Basic Preemptive Authentication2 

Commons Http Client is a HTTP agent implementation in java supporting client-side authentication, HTTP state management and HTTP connection management. This requires the libraries httpclient-4.1.2.jar, httpcore-4.1.2.jar, httpmime-4.1.2.jar, httpclient-cache-4.1.2.jar, commons-codec.jar and commons-logging-1.1.1.jar to be in classpath. The following example shows how to access a JSP page protected through basic authentication in Tomcat v6.0.

Configure a new tomcat user venakat and role btc in tomcat-users.xml as shown below,

File Name  :   /HTTP_TEST_APP/tomcat_config_files/tomcat-users.xml

Configure BASIC Authentication for HTTP_TEST_APP in web.xml as shown below,

File Name  :   /HTTP_TEST_APP/tomcat_config_files/basic_auth_web.xml

A simple JSP page protected through BASIC Authentication.

File Name  :   /HTTP_TEST_APP/WebContent/basic_protected.jsp

A simple Http Client to access the protected JSP. We can see that the basic authentiction information is passed as request header in the format Authorization : Basic Base64(username:password)

File Name  :   com/bethecoder/tutorials/commons_httpclient/BasicPreemptiveAuthenticationTest2.java  Author  :   Sudhakar KV Email  :   [email protected]

package com.bethecoder.tutorials.commons_httpclient; import java.io.IOException; import org.apache.http.HttpHost; import org.apache.http.auth.AuthScope; import org.apache.http.auth.UsernamePasswordCredentials; import org.apache.http.client.AuthCache; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.ResponseHandler; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.protocol.ClientContext; import org.apache.http.impl.auth.BasicScheme; import org.apache.http.impl.client.BasicAuthCache; import org.apache.http.impl.client.BasicResponseHandler; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.protocol.BasicHttpContext; public class BasicPreemptiveAuthenticationTest2 {   /**    * @param args    * @throws IOException     * @throws ClientProtocolException     */   public static void main(String[] args) throws ClientProtocolException, IOException {          DefaultHttpClient httpclient = new DefaultHttpClient();     HttpHost targetHost = new HttpHost("localhost", 8080);     HttpGet httpget = new HttpGet("http://localhost:8080/HTTP_TEST_APP/basic_protected.jsp");     System.out.println("Requesting : " + httpget.getURI());     try {       UsernamePasswordCredentials credentials = new UsernamePasswordCredentials("venkat", "mypassword");       AuthScope authscope = new AuthScope(targetHost.getHostName(), targetHost.getPort());       httpclient.getCredentialsProvider().setCredentials(authscope, credentials);       //Create Authentication Cache             AuthCache authCache = new BasicAuthCache();             authCache.put(targetHost, new BasicScheme());                          //Add AuthCache to the execution context             BasicHttpContext localcontext = new BasicHttpContext();             localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);             for (int i = 0 ; i < 2 ; i ++) {         ResponseHandler<String> responseHandler = new BasicResponseHandler();               String responseBody = httpclient.execute(targetHost, httpget, responseHandler, localcontext);         System.out.println("\n=========== RESPONSE ======== " + responseBody);             }            } finally {        httpclient.getConnectionManager().shutdown();     }   } }