3

I tried hitting my server using HttpsURLConnection, got response code 401 - need to authenticate. Tried the following:

            Authenticator.setDefault (new Authenticator() {
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication ("myuser", "!mypassword".toCharArray());
                }
            });

Got response code 400 - bad request.

Based on some stackoverflow research I also tried using:

        String authorizationString = "Basic " + Base64.encodeToString(("username" + ":" + "password").getBytes(), Base64.DEFAULT);
        conn.setRequestProperty("Authorization", authorizationString);

Same problem, code 400. I'm also trusting all hosts using the @Chrispix method in this post: Trust Anchor not found for Android SSL Connection not sure if that is interfering somehow, but this is for a prototype and the site certificate isn't valid, so I needed to bypass the check.

The connection is set up with these properties, not sure if there is anything wrong or missing:

        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setReadTimeout(10000 /* milliseconds */);
        conn.setConnectTimeout(15000 /* milliseconds */);
        conn.addRequestProperty("Content-Type", "application/json");
        conn.setRequestMethod("POST");
        conn.setDoInput(true);

Thanks!

Community
  • 1
  • 1
Adam
  • 1,486
  • 3
  • 20
  • 35

3 Answers3

1

How about using HttpClient ?

HttpClient httpClient= new DefaultHttpClient();
HttpGet httpGet= new HttpGet(yourUrl);
String authString = (yourUserName+":"+yourPassword);
httpGet.addHeader("Authorization", "Basic " + 
    Base64.encodeToString(authString.getBytes(),Base64.DEFAULT));
HttpResponse response = httpClient.execute(httpGet);

Seems you wanna by-pass the cert checking currently, this related link may help you

Trusting all certificates using HttpClient over HTTPS

Community
  • 1
  • 1
hungr
  • 2,086
  • 1
  • 20
  • 33
0

Try this way

public String sendHttpRequest(String params)
{       
    URL url;
    String result = new String();
    try 
    {
        url = new URL(AUTHENTICATION_SERVER_ADDRESS);
        HttpURLConnection connection;
        connection = (HttpURLConnection) url.openConnection();
        connection.setDoOutput(true);
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type",
                "application/x-www-form-urlencoded;charset=UTF-8");
        PrintWriter out = new PrintWriter(connection.getOutputStream());

        out.println(params);
        out.close();

        BufferedReader in = new BufferedReader(
                new InputStreamReader(
                        connection.getInputStream()));
        String inputLine;

        while ((inputLine = in.readLine()) != null) {
            result = result.concat(inputLine);  

        }
        in.close();         
    } 
    catch (MalformedURLException e) {
        e.printStackTrace();
    } 
    catch (IOException e) {
        e.printStackTrace();
    }           

    if (result.length() == 0) {
        result = HTTP_REQUEST_FAILED;
    }

    return result;


}

params argument should be in this format

      public String authenticateUser(String username, String password) 
      {
           String params = "username="+ URLEncoder.encode(username,"UTF-8") +
                           "&password="+ URLEncoder.encode(password,"UTF-8") +
                    "&";

          String result = socketOperator.sendHttpRequest(params);       

          return result;
       }

Call this function to authentication...

Punit
  • 667
  • 1
  • 7
  • 17
0

It seems that I was getting the proper response- I thought 400 meant a badly formatted request, but checking the error stream I found the request was fine, but the parameters were wrong. Rookie mistake!

Adam
  • 1,486
  • 3
  • 20
  • 35