You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@commons.apache.org by "Gustafson, Vicki" <vi...@us.didata.com> on 2002/12/11 18:17:34 UTC
Authentication using HttpClient
Is there a way to specify which authentication scheme you would like the client to use if several schemes are returned in the www-auth header?
I'm performing a simple post using the httpClient. The server returns a 401 at which point the httpClient tries to authenticate with the server. The following header is received:
Attempting to parse authenticate header: 'WWW-Authenticate: Negotiate, NTLM, Basic realm="XXXwhateverXXX"
I need to authenticate using Basic, but the Authenticator class will only try the most secure scheme: NTLM. Is there a setting or parameter I can set to force the httpClient to use Basic?
thanks,
Vicki
// determine the most secure request header to add
Header requestHeader = null;
if (challengeMap.containsKey("ntlm")) {
String challenge = (String) challengeMap.get("ntlm");
requestHeader = Authenticator.ntlm(challenge, method, state,
responseHeader);
} else if (challengeMap.containsKey("digest")) {
String challenge = (String) challengeMap.get("digest");
String realm = parseRealmFromChallenge(challenge);
requestHeader = Authenticator.digest(realm, method, state,
responseHeader);
} else if (challengeMap.containsKey("basic")) {
String challenge = (String) challengeMap.get("basic");
String realm = parseRealmFromChallenge(challenge);
requestHeader = Authenticator.basic(realm, state, responseHeader);
} else if (challengeMap.size() == 0) {
throw new HttpException("No authentication scheme found in '"
+ authenticateHeader + "'");
} else {
throw new UnsupportedOperationException(
"Requested authentication scheme " + challengeMap.keySet()
+ " is unsupported");
}