How to open a web page from android application passing credentials?

Question

I'm developing an App for my company, basically we need just a launcher to skip opening the browser and typing the address. I have two text boxes in my app and a login button. It's okay to launch the default browser (OpenAsync works just fine, but I can't pass the credentials). We already have a webapp which requires username and password and we have to reach it from anywhere using a VPN. I'd like to save the credential from the app, send them thru it when pressing the login button and load the page already authenticated. Security is not a concern at the moment since we're not managing private data.

I'm new to this world and I'm not sure how HttpRequests and WebRequests work. I just tryed many solutions i found online, but none of them worked for me. Probably I just miss the point there.

WebRequest request = WebRequest.Create("http://www.example.com/login");
request.Method = "POST";
string postData = "username=usr&password=pass1234";
byte[] byteArray = Encoding.UTF8.GetBytes(postData);
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = byteArray.Length;
Stream dataStream = request.GetRequestStream();
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
WebResponse response = request.GetResponse();
Console.WriteLine(((HttpWebResponse)response).StatusDescription);
dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
string responseFromServer = reader.ReadToEnd();
Console.WriteLine(responseFromServer);

Check this https://stackoverflow.com/questions/4540972/set-credentials-on-an-android-webview-using-secured-https-connection — Yyy, Jun 27 '19 at 08:23

score 1 · Accepted Answer · answered Jun 27 '19 at 10:17

1

Pass the username and password as url parameter and from webapp access the username and password.

answered Jun 27 '19 at 10:17

Milan Joseph

118
10

I can't figure how to do that. I used "www.example.com?username=usr&password=pass1234" but the page loads without anything in the boxes. It even cancels out the last part of the url. – Hackjaku Jun 27 '19 at 13:45
1

In the web app you need to create boxes and handle the url parameters. Get the url parameters and set in the boxes – Milan Joseph Jul 01 '19 at 05:12

score 1 · Answer 2 · answered Jun 27 '19 at 15:22

1

Credentials passed via query string will not auto populate the login page boxes with the values passed.

You have to modify you web app's login page to accept username and passwords passed via query string and authenticate user.

answered Jun 27 '19 at 15:22

Gaurav Mathur

804
5
14

score 0 · Answer 3 · answered Dec 20 '20 at 20:12

0

try this "www.example.com?username=" + username + "&password=" + password;

where as username and password are String variables containing your credential values

answered Dec 20 '20 at 20:12

J SAKET CHANDRA PRUSTY

9
1

1

this would send the username and password over the net in plain text. Loging in is normally a POST, not a GET. Even if they are using a VPN, this is still a terrible idea and whatever they're logging in to better not have a GET to login. – fstam Dec 20 '20 at 20:54
This is insecure since the query params are often stored in log files by the web servers. – grandnasty May 11 '22 at 10:22

How to open a web page from android application passing credentials?

3 Answers3