I am checking out the class org.apache.http.auth. Any more reference or example if anyone has?
Asked
Active
Viewed 1.3e+01k times
73
-
2Is this a question about Android applications authentication or just about authentication for a general web app, which just might run on Android? – jottos Dec 28 '09 at 08:02
-
For web authentication(http authentication) for user credentials(username,password) – Bohemian Dec 28 '09 at 08:18
6 Answers
120
For me, it worked,
final String basicAuth = "Basic " + Base64.encodeToString("user:password".getBytes(), Base64.NO_WRAP);
Apache HttpCLient:
request.setHeader("Authorization", basicAuth);
HttpUrlConnection:
connection.setRequestProperty ("Authorization", basicAuth);
GabrielOshiro
- 7,986
- 4
- 45
- 57
cesards
- 15,882
- 11
- 70
- 65
-
24The NO_WRAP flag! That was key. I was just using the default and wondering why I kept getting a 400. – Robert Massaioli Feb 23 '12 at 04:42
-
5Your answer saves me a lot of time. Thanx! My problem was really in wrong flag (DEFAULT). – Johnny Doe Jan 28 '13 at 11:01
-
6
-
-
wow - this NO_WRAP just ended my 5 hours problem solving against a server which had no logging... THANX! – slott Dec 19 '13 at 11:57
-
1
-
Base64.encodeToString() did the trick for me. Previously, I was using Base64.encode() which was resulting in a HTTP response code of 500. – ban-geoengineering May 09 '14 at 20:10
-
Use connection.setRequestProperty as described in other answers if you are using the HttpURLConnection class – personne3000 May 10 '14 at 09:39
-
I use this: String basicAuth = Base64.encodeToString(String.format("%s:%s",user,passwd).getBytes(),Base64.DEFAULT); and with NO_WRAP and no way to add credentials... Only get "Basic MTIzNDU2NzhBOnR0YQ==\r\n"... WHY? – Asier Jan 14 '17 at 22:24
80
I've not met that particular package before, but it says it's for client-side HTTP authentication, which I've been able to do on Android using the java.net APIs, like so:
Authenticator.setDefault(new Authenticator(){
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("myuser","mypass".toCharArray());
}});
HttpURLConnection c = (HttpURLConnection) new URL(url).openConnection();
c.setUseCaches(false);
c.connect();
Obviously your getPasswordAuthentication() should probably do something more intelligent than returning a constant.
If you're trying to make a request with a body (e.g. POST) with authentication, beware of Android issue 4326. I've linked a suggested fix to the platform there, but there's a simple workaround if you only want Basic auth: don't bother with Authenticator, and instead do this:
c.setRequestProperty("Authorization", "basic " +
Base64.encode("myuser:mypass".getBytes(), Base64.NO_WRAP));
Chris Boyle
- 11,423
- 7
- 48
- 63
-
-
The platform has it in a few places, but oddly enough they don't expose it. They even left references to it in the docs of e.g. `android.util`. I was using `ksoap2-android` when I found this, and they have an implementation that depends only on `java.io`, so you could just grab that class (subject to its license of course) from: http://kobjects.cvs.sourceforge.net/kobjects/kobjects/src/org/kobjects/base64/Base64.java?view=markup – Chris Boyle Dec 28 '09 at 11:51
-
3How do you handle the event that the authentication fails, say because the supplied credentials are bad? – Ken Aug 14 '11 at 06:26
-
1Base64 is not available in older versions of Android. Any suggestions there? – amit Nov 22 '12 at 19:14
-
i'm getting an error when trying to c.connect(); , it says IOException – Bachask8 Oct 15 '13 at 15:19
-
@Bachask8 IOException is probably not related to authentication; I would expect a 401 Unauthorized response if authentication was bad. – Chris Boyle Oct 17 '13 at 11:03
-
The code with Authenticator is not working for me even for simple GET request. If after c.connect() i call c.getResponseCode(), this hangs indefinitely. My server is using digest authentication. I m using Android api level 15. Same works for non-android platforms. – Yevgeniy P Dec 13 '14 at 08:32
-
Somehow this doesn't work for me. I am getting "Error response code: 301". Any idea why? – Arjun Kalidas Jul 30 '17 at 17:37
-
You have to use `Base64.encodeToString` in your example with `c.setRequestProperty` otherwise you're concatenating a base64 array with a string. – Ring Nov 17 '18 at 03:29
14
You can manually insert http header to request:
HttpGet request = new HttpGet(...);
request.setHeader("Authorization", "Basic "+Base64.encodeBytes("login:password".getBytes()));
fo2rist
- 1,903
- 15
- 22
13
Manual method works well with import android.util.Base64, but be sure to set Base64.NO_WRAP on calling encode:
String basicAuth = "Basic " + new String(Base64.encode("user:pass".getBytes(),Base64.NO_WRAP ));
connection.setRequestProperty ("Authorization", basicAuth);
GWu
- 2,767
- 18
- 28
3
For my Android projects I've used the Base64 library from here:
It's a very extensive library and so far I've had no problems with it.
Oke Uwechue
- 66
- 1
1
This works for me
URL imageUrl = new URL(url);
HttpURLConnection conn = (HttpURLConnection) imageUrl
.openConnection();
conn.setRequestProperty("Authorization", "basic " +
Base64.encode("username:password".getBytes()));
conn.setConnectTimeout(30000);
conn.setReadTimeout(30000);
conn.setInstanceFollowRedirects(true);
InputStream is = conn.getInputStream();
Cristiana Chavez
- 11,349
- 5
- 55
- 54