Authentication
To challenge a client, the originating server issues a "401 Unauthorized" message. This message includes a WWW-Authenticate HTTP header that identifies an authentication scheme via a case-insensitive token. The client replies with an Authorization header that provides the credentials.
Basic Authentication and the Authenticator Class
HTTP 1.0 introduced the basic authentication scheme by which a client identifies itself via a username and a password.
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.util.List;
import java.util.Map;
public class Main {
public static void main(String[] args) throws IOException {
String s = "http://test.webdav.org/auth-basic/";
URL url = new URL(s);
URLConnection urlc = url.openConnection();
Map<String, List<String>> hf = urlc.getHeaderFields();
for (String key : hf.keySet())
System.out.println(key + ": " + urlc.getHeaderField(key));
System.out.println(((HttpURLConnection) urlc).getResponseCode());
}
}
Output:
null: HTTP/1.1 401 Authorization Required
WWW-Authenticate: Basic realm="basic auth area"
Date: Tue, 14 Aug 2012 17:44:22 GMT
Content-Length: 401
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.3.2
401
In order to pass this username and password back to the HTTP server, the application must work with the java.net.Authenticator class.
The following code performs basic authentication
import java.io.IOException;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
import java.util.List;
import java.util.Map;
public class Main {
public static void main(String[] args) throws IOException {
Authenticator.setDefault(new BasicAuthenticator());
URL url = new URL("http://test.webdav.org/auth-basic/");
URLConnection urlc = url.openConnection();
Map<String, List<String>> hf = urlc.getHeaderFields();
for (String key : hf.keySet()){
System.out.println(key + ": " + urlc.getHeaderField(key));
}
System.out.println(((HttpURLConnection) urlc).getResponseCode());
}
}
class BasicAuthenticator extends Authenticator {
final static String USERNAME = "user1";
final static String PASSWORD = "user1";
@Override
public PasswordAuthentication getPasswordAuthentication() {
System.out.println("Password requested " + getRequestingHost()
+ " for scheme " + getRequestingScheme());
return new PasswordAuthentication(USERNAME, PASSWORD.toCharArray());
}
}
Output:
Password requested test.webdav.org for scheme basic
null: HTTP/1.1 404 Not Found
Date: Tue, 14 Aug 2012 17:45:55 GMT
Content-Length: 209
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.3.2
404