1

My app has save login credential feature, so I store cookies for the next use after succeeding to sign in. However, after a time period, the session will be time out and cannot log in with the cookies any more. On iOS, after setting credential persistence to permanent, the app works nicely even after restarting the phone: 

[[challenge sender] useCredential:[NSURLCredential credentialWithUser:username password:password persistence:NSURLCredentialPersistencePermanent] forAuthenticationChallenge:challenge];

On Android, I cannot find out such kind of this option. Here is from my HttpHelper class: 

((AbstractHttpClient) HttpHelper.client).getAuthSchemes().register("ntlm",new NTLMSchemeFactory());
  NTCredentials creds = new NTCredentials(user, pass, "", domain);
  ((AbstractHttpClient) HttpHelper.client).getCredentialsProvider().setCredentials(AuthScope.ANY, creds);

The server is SharePoint so I have to deal with ntlm authentication by following this instruction

If you have idea, please let me know.

Thank you.

thanhbinh84
  • 17,876
  • 6
  • 62
  • 69

4 Answers4

1

Consider using Sharedpreferences provided by the Android framework.

Dharman
  • 30,962
  • 25
  • 85
  • 135
Dinesh Venkata
  • 1,087
  • 1
  • 9
  • 22
  • Shared Preferences is used for primitive data types only, how can I store credential there? I'd like to keep the credential permanent like as what I do on iOS rather than encrypting user/pass and do log in whenever requesting data. – thanhbinh84 Dec 20 '12 at 13:39
  • yes you can get whatever data required for credentials and store them in sharedpreferences for later usage. – Dinesh Venkata Dec 21 '12 at 05:22
  • Could you specify in more details by updating the answer with a sample code. Thanks – thanhbinh84 Dec 21 '12 at 08:36
  • Well, you have three strings, so just save them as three strings? Nothing special really. Except that on iOS those are probably encrypted with some sort of platform key, and on Android you will have to do this yourself, if required. (shared preferences are private to the app by default, but accessible on a rooted device) – Nikolay Elenkov Dec 26 '12 at 05:20
  • You are right, iOS automatically encrypt with key chain, while as we need to do it manually on Android. I keep user/pass in Shared Preferences now but with encryption before that for safety. Thank you, Nikolay – thanhbinh84 Jan 23 '13 at 09:38
1

NTCredentials implements Serializable.

http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/auth/NTCredentials.html

Simplified without error handling:

Saving:

FileOutputStream fos = openFileOutput("MyFileName", Context.MODE_PRIVATE);
ObjectOutputStream os = new ObjectOutputStream(fos);
os.writeObject(creds);
os.close();

Loading:

FileInputStream fis = openFileInput("MyFileName");
ObjectInputStream is = new ObjectInputStream(fis);
NTCredentials creds = (NTCredentials) is.readObject();
is.close();
Robin Gawenda
  • 559
  • 5
  • 21
0

You can use Shared Preference to store your credential to save it on device side.

Ricky Khatri
  • 952
  • 2
  • 16
  • 42
0

Have you looked at the AccountManager? It is a general account manager framework that is built into the Android Framework specifically for managing account credentials. I haven't used ntlm before, so I can't speak on that aspect, but you are allowed to store an "authToken", user name, password, and also has extra location for storing data (I believe in a Bundle). It supports attempting re-authenticating with the server when it's notified that server communication failed for the given account. And can request the user enter their credentials again if it is incapable of re-authenticating automatically. All of these aspects are exposed for the developer to define the behavior.

The advantage of AccountManager is that it allows you to let the user manage your account type in the Settings with all their other accounts on the device.

Dandre Allison
  • 5,975
  • 5
  • 42
  • 56