1

There are numerous answer to this (one, two, three) but they all use obsolete methods. For Java 1.7 and later what is the best way to request a resource over http when credentials need to be supplied for Basic, Digest, NTLM, and/or Windows Identity?

Using an Apache library for this is fine.

I know this is a repeat question, but the existing answer all appear to be using obsolete calls.

Update: This is for a library we have where a user can pass to us any URL and say it is any of the different authentication systems. This library is added to different applications by our users. So, it could be any service, used in any application. It could be web, it could be REST. It could be under Apache, WebLogic, WebSphere, or anything else.

Community
  • 1
  • 1
David Thielen
  • 28,723
  • 34
  • 119
  • 193
  • This is too little information. Do you want to access an HTTP service (web, rest)? Which Apache framework do you plan to use? (http-client, axis, cxf, ...) which version? – gusto2 Dec 17 '16 at 17:52
  • @GabrielVince I updated it although as a runtime library we provide to lots of people, the basic answer is "could be anything." – David Thielen Dec 17 '16 at 20:13

1 Answers1

0

Wwhat are you trying to achieve - there's not one magic silver bullet for all authentication methods. The best option is to use a well established HTTP client framework (e.g. http-client) with rich authentication options. There are several others, but I consider the apache HttpCompnents as one of the most reliable (and still free).

Apache HTTP commons client should work out-of-box with any client-only authentication (basic, digest, NTLM (not my favourite)). Mostly you implement a "CredentialProvider" (a password callback class) for the HTTP context it it will work. For the Windows Identity (I assume you mean Kerberos / SPNEGO authentication) you will need some more configuration (a keytab file, jaas configuration, ..).

Usually you should stick to some common standards supported by everybody and try to make others to use it (basic authentication over TLS/SSL should be fine).

What you may still encounter is - using different environments (WebSphere, WebLogic, other apps) other applications may force you to use different version of the HTTP client libraries or versions and your configuration won't work for all methods. So until you don't plan to implement your own http client (simple for basic and digest authentication), you will have to enforce clients to use a specific framework with specific version.

gusto2
  • 11,210
  • 2
  • 17
  • 36