[prev in list] [next in list] [prev in thread] [next in thread]
List: httpclient-users
Subject: Re: user info in the url
From: Oleg Kalnichevski <olegk () apache ! org>
Date: 2014-05-02 12:30:54
Message-ID: 1399033854.21079.2.camel () ubuntu
[Download RAW message or body]
On Fri, 2014-05-02 at 13:40 +1000, Perryn Fowler wrote:
> Hello
>
> I am trying to use a cloud service that provides an endpoint url that has
> user/password embedded in the url like so:
>
> https://user:pass@host.com/blah/blah
>
> Sending a request to this URL with httpClient results in a 401 being
> reported to my client code.
>
> I assume that this is because httpClient first sends an unauthenticated
> request expecting to get back a 401 with a WWW-Authenticate header
> indicating what scheme to use.
>
> As it happens the service I am hitting does not seem to send back a
> WWW-Authenticate header at all. It seems to assume you will do pre-emptive
> Basic auth.
>
> So, I have 2 questions
>
> 1) If the service started sending back a WWW-Authenticate: Basic header,
> would httpClient automatically resend the authenticated request
> transparently to my client code? This issue(
> https://issues.apache.org/jira/browse/HTTPCLIENT-1131) seems to imply so,
> but I didn't seem to be able to find anywhere in the code that does that.
>
Yes, it would.
http://hc.apache.org/httpcomponents-client-4.3.x/httpclient/xref/org/apache/http/impl/execchain/ProtocolExec.html#173
> 2) Given that the service does not currently send back a WWW-authenticate
> header, is there any way to tell httpClient to authenticate pre-emptively
> using Basic and the credentials from the URL?
>
> The following example shows how to pre-emptively authenticate using a
> provided username/password, but I would rather not have to parse them out
> of the URL myself if I can avoid it
>
No, there is not. You'll need to manually add those credentials to the
auth cache to force HttpClient to authenticate preemptively.
Oleg
> http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java
>
> cheers
> Perryn
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic