CODEWITHSUNDEEP
javahttpsapache-httpclient-4.x
user1889665
user1889665

Reputation:

http client 4.3 not sending credentials

I am trying to send a get request using apache http client 4.3 (to a client using self sign cert), however I get back the error "Requires Authentication" everytime. In a web browser it works just fine so the username / password / url is correct. Is this not the way to pass username/password using http client 4.3?

public static String sendJsonHttpGetRequest(
                String host,
                String path,
                String username,
                String password,
                int socketTimeout,
                int connectionTimeout,
                int connectionRequestTimeout
                ) throws Exception
    {
            String responseBody = null;
            CredentialsProvider credsProvider = new BasicCredentialsProvider();
            credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
            SSLContextBuilder builder = new SSLContextBuilder();
            builder.loadTrustMaterial(null, new TrustStrategy(){
                  @Override
                  public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) 
                  throws java.security.cert.CertificateException
                  {
                      return true;
                  }
                });
            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build());
            CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).setDefaultCredentialsProvider(credsProvider).build();
            URIBuilder uriB = new URIBuilder().setScheme("https").setHost(host).setPath(path);
            HttpGet _http = new HttpGet( uriB.build() );
            RequestConfig _requestConfig = RequestConfig.custom().
                      setSocketTimeout(socketTimeout).
                      setConnectTimeout(connectionTimeout).
                      setConnectionRequestTimeout(connectionRequestTimeout).build();
            _http.addHeader("Content-Type", "application/json");
            _http.addHeader("Accept","application/json, text/xml;q=9, /;q=8");
            _http.setConfig(_requestConfig);
            // ###########################
            ResponseHandler<String> response = new BasicResponseHandler();
            responseBody = httpclient.execute(_http, response);
            return responseBody;
    }

Upvotes: 1

Views: 1545

Answers (2)

user1889665
user1889665

Reputation:

turns out now with http 4+ you have to provide it in two locations for it to work,

second is

authCache.put(host, basicAuth);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
HttpClientContext _context = HttpClientContext.create();
_context.setAuthCache(authCache);
_context.setCredentialsProvider(credentialsProvider);
responseBody = httpclient.execute(_http, response, _context);

Upvotes: 3

BoppreH
BoppreH

Reputation: 10173

I don't use this library myself, but have you tried the HttpClient class?

HttpClient client = new HttpClient();
client.getParams().setAuthenticationPreemptive(true);
client.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
GetMethod method = new GetMethod(uri);
client.executeMethod(method);

You still have to build the uri and set timeouts, but it could be an option.

Upvotes: 0

Related Questions