You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Chris Ashurst <ca...@thig.com> on 2005/09/06 20:30:30 UTC
Preemptive Authorisation Problem
I've been playing around with the httpclient library for a little bit to
try and get it to connect to a service website in use by my employer.
The problem is weird... As far as I can see, I've followed the example
scripts and they've worked fine in terms of testing against the server
running on my dev machine. However, when I try to connect to the service
website, I always get the following:
[INFO] AuthChallengeProcessor - basic authentication scheme selected
[INFO] HttpMethodDirector - Failure authenticating with BASIC
'blackweb.msbexpress.net'@blackweb.msbexpress.net:80
This happens regardless of whether I choose to use preemptive
authentication or not.
As I say, on my localhost Basic auth test, I get no problems at all with
the login (again, regardless of whether I choose preemptive login or not).
As far as I can see, the service website uses IIS, and attempting to
read the headers through a regular login on FireFox shows that it does
in fact use Basic authentication:
HTTP/1.x 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Tue, 06 Sep 2005 18:26:26 GMT
WWW-Authenticate: Basic realm="blackweb.msbexpress.net"
Connection: close
Content-Length: 4431
Content-Type: text/html
So I know I have the correct realm set, but one thing I'm curious about
is the fact that the username has to be sent as <domain>\<username> and
the password includes an ampersand (&)... This is usual of an NTLM
login, right (as far as the domain\username part)?
And one last thing... Why does Eclipse report
setAuthenticationPreemptive and setCredentials as depreceated?
Code as follows:
~~~
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.methods.GetMethod;
public class BasicAuth {
public BasicAuth() {}
public static void main(String[] args) throws Exception {
HttpClient client = new HttpClient();
client.getState().setAuthenticationPreemptive(true);
// pass our credentials to HttpClient, they will only be used for
// authenticating to servers with realm "realm", to
authenticate agains
// an arbitrary realm change this to null.
client.getState().setCredentials(
"blackweb.msbexpress.net", //Realm
"blackweb.msbexpress.net", //Host
new UsernamePasswordCredentials("domain\user",
"pass&word") //Duh
);
GetMethod get = new
GetMethod("http://blackweb.msbexpress.net/thig/Test");
get.setDoAuthentication(true);
int status = client.executeMethod(get);
System.out.println(status + "\n" + get.getResponseBodyAsString());
get.releaseConnection();
}
}
~~~
Thanks in advance
~Chris
--
~Chris Ashurst
~~Tower Hill Insurance
~cashurst@thig.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org