tl  tr
  Home | Tutorials | Articles | Videos | Products | Tools | Search
Open Source | Tag Cloud | Follow Us | Bookmark | Contact   
 
 Tools and Libs > Commons Http Client > Digest Authentication

Digest Authentication 

Commons Http Client is a HTTP agent implementation in java supporting client-side authentication, HTTP state management and HTTP connection management. This requires the libraries httpclient-4.1.2.jar, httpcore-4.1.2.jar, httpmime-4.1.2.jar, httpclient-cache-4.1.2.jar, commons-codec.jar and commons-logging-1.1.1.jar to be in classpath. The following example shows how to access a JSP page protected through digest authentication in Tomcat v6.0.

Configure a new tomcat user venakat and role btc in tomcat-users.xml as shown below,

File Name  :  
/HTTP_TEST_APP/tomcat_config_files/tomcat-users.xml 

Configure DIGEST Authentication and Realm for HTTP_TEST_APP in web.xml as shown below,

File Name  :  
/HTTP_TEST_APP/tomcat_config_files/digest_auth_web.xml 

A simple JSP page protected through DIGEST Authentication.

File Name  :  
/HTTP_TEST_APP/WebContent/digest_protected.jsp 

A simple Http Client to access the protected JSP.

File Name  :  
com/bethecoder/tutorials/commons_httpclient/DigestAuthenticationTest.java 
Author  :  Sudhakar KV
Email  :  kvenkatasudhakar@gmail.com
   
package com.bethecoder.tutorials.commons_httpclient;

import java.io.IOException;

import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.auth.AUTH;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.http.impl.client.DefaultHttpClient;

public class DigestAuthenticationTest {

  /**
   @param args
   @throws IOException 
   @throws ClientProtocolException 
   */
  public static void main(String[] argsthrows ClientProtocolException, IOException {
    DefaultHttpClient httpclient = new DefaultHttpClient();
    DefaultHttpClient httpclient2 = new DefaultHttpClient();
    HttpGet httpget = new HttpGet("http://localhost:8080/HTTP_TEST_APP/digest_protected.jsp");
    System.out.println("Requesting : " + httpget.getURI());

    try {
      //Initial request without credentials returns "HTTP/1.1 401 Unauthorized"
      HttpResponse response = httpclient.execute(httpget);
      System.out.println(response.getStatusLine());
      
            if (response.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
              
              //Get current current "WWW-Authenticate" header from response
              // WWW-Authenticate:Digest realm="My Test Realm", qop="auth", 
              //nonce="cdcf6cbe6ee17ae0790ed399935997e8", opaque="ae40d7c8ca6a35af15460d352be5e71c"
                Header authHeader = response.getFirstHeader(AUTH.WWW_AUTH);
                System.out.println("authHeader = " + authHeader);
                
                DigestScheme digestScheme = new DigestScheme();
                
                //Parse realm, nonce sent by server. 
                digestScheme.processChallenge(authHeader);
                
                UsernamePasswordCredentials creds = new UsernamePasswordCredentials("venkat""mypassword");
                httpget.addHeader(digestScheme.authenticate(creds, httpget));
                
                ResponseHandler<String> responseHandler = new BasicResponseHandler();
                String responseBody = httpclient2.execute(httpget, responseHandler);
          System.out.println("responseBody : " + responseBody);
            }
            
    catch (MalformedChallengeException e) {
      e.printStackTrace();
    catch (AuthenticationException e) {
      e.printStackTrace();
    finally {
       httpclient.getConnectionManager().shutdown();
       httpclient2.getConnectionManager().shutdown();
    }

  }

}
   

It gives the following output,
File Name  :  OUTPUT


                    Print

   



Books Recommendation

 
 
bl  br