tl  tr
  Home | Tutorials | Articles | Videos | Products | Tools | Search
Open Source | Tag Cloud | Follow Us | Bookmark | Contact   
 Tools and Libs > Commons Http Client > Digest Authentication

Digest Authentication 

Commons Http Client is a HTTP agent implementation in java supporting client-side authentication, HTTP state management and HTTP connection management. This requires the libraries httpclient-4.1.2.jar, httpcore-4.1.2.jar, httpmime-4.1.2.jar, httpclient-cache-4.1.2.jar, commons-codec.jar and commons-logging-1.1.1.jar to be in classpath. The following example shows how to access a JSP page protected through digest authentication in Tomcat v6.0.

Configure a new tomcat user venakat and role btc in tomcat-users.xml as shown below,

File Name  :  

Configure DIGEST Authentication and Realm for HTTP_TEST_APP in web.xml as shown below,

File Name  :  

A simple JSP page protected through DIGEST Authentication.

File Name  :  

A simple Http Client to access the protected JSP.

File Name  :  
Author  :  Sudhakar KV
Email  :  [email protected]
package com.bethecoder.tutorials.commons_httpclient;


import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.auth.AUTH;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.http.impl.client.DefaultHttpClient;

public class DigestAuthenticationTest {

   @param args
   @throws IOException 
   @throws ClientProtocolException 
  public static void main(String[] argsthrows ClientProtocolException, IOException {
    DefaultHttpClient httpclient = new DefaultHttpClient();
    DefaultHttpClient httpclient2 = new DefaultHttpClient();
    HttpGet httpget = new HttpGet("http://localhost:8080/HTTP_TEST_APP/digest_protected.jsp");
    System.out.println("Requesting : " + httpget.getURI());

    try {
      //Initial request without credentials returns "HTTP/1.1 401 Unauthorized"
      HttpResponse response = httpclient.execute(httpget);
            if (response.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
              //Get current current "WWW-Authenticate" header from response
              // WWW-Authenticate:Digest realm="My Test Realm", qop="auth", 
              //nonce="cdcf6cbe6ee17ae0790ed399935997e8", opaque="ae40d7c8ca6a35af15460d352be5e71c"
                Header authHeader = response.getFirstHeader(AUTH.WWW_AUTH);
                System.out.println("authHeader = " + authHeader);
                DigestScheme digestScheme = new DigestScheme();
                //Parse realm, nonce sent by server. 
                UsernamePasswordCredentials creds = new UsernamePasswordCredentials("venkat""mypassword");
                httpget.addHeader(digestScheme.authenticate(creds, httpget));
                ResponseHandler<String> responseHandler = new BasicResponseHandler();
                String responseBody = httpclient2.execute(httpget, responseHandler);
          System.out.println("responseBody : " + responseBody);
    catch (MalformedChallengeException e) {
    catch (AuthenticationException e) {
    finally {



It gives the following output,
File Name  :  OUTPUT



Books Recommendation

Your Ad Here
bl  br