[prev in list] [next in list] [prev in thread] [next in thread] 

List:       httpclient-users
Subject:    Re: user info in the url
From:       Oleg Kalnichevski <olegk () apache ! org>
Date:       2014-05-02 12:30:54
Message-ID: 1399033854.21079.2.camel () ubuntu
[Download RAW message or body]

On Fri, 2014-05-02 at 13:40 +1000, Perryn Fowler wrote:
> Hello
> 
> I am trying to use a cloud service that provides an endpoint url that has
> user/password embedded in the url like so:
> 
> https://user:pass@host.com/blah/blah
> 
> Sending a request to this URL with httpClient results in a 401 being
> reported to my client code.
> 
> I assume that this is because httpClient first sends an unauthenticated
> request expecting to get back a 401 with a WWW-Authenticate header
> indicating what scheme to use.
> 
> As it happens the service I am hitting does not seem to send back a
> WWW-Authenticate header at all. It seems to assume you will do pre-emptive
> Basic auth.
> 
> So, I have 2 questions
> 
> 1) If the service started sending back a WWW-Authenticate: Basic header,
> would httpClient automatically resend the authenticated request
> transparently to my client code? This issue(
> https://issues.apache.org/jira/browse/HTTPCLIENT-1131) seems to imply so,
> but I didn't seem to be able to find anywhere in the code that does that.
> 

Yes, it would.

http://hc.apache.org/httpcomponents-client-4.3.x/httpclient/xref/org/apache/http/impl/execchain/ProtocolExec.html#173


> 2) Given that the service does not currently send back a WWW-authenticate
> header, is there any way to tell httpClient to authenticate pre-emptively
> using Basic and the credentials from the URL?
> 
> The following example shows how to pre-emptively authenticate using a
> provided username/password, but I would rather not have to parse them out
> of the URL myself if I can avoid it
> 

No, there is not. You'll need to manually add those credentials to the
auth cache to force HttpClient to authenticate preemptively.

Oleg

> http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java
>  
> cheers
> Perryn



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]