Android HttpClient reactive authentication

Question

I am trying to set up an Android app where I can access URL's behind arbitrary proxies or HTTP authentications. That is, the app won't know immediately if a URL needs authentication and will repond to an authentication request by asking the user for credentials, the same way it does for the Android Browser.

I recently worked out how to request user authentication for a WebView, responding to authentication requests from the browser, bringing up a dialog, and advancing the user to the destination page. I am looking to do the same with HttpClient.

The basic process, as I see it, is to:

1. Perform the request via HttpClient.execute.
   • If not 401 or 407 with proper headers, trigger a "done" callback.
   • Otherwise...
2. Pop up a dialog asking for the username and password.
3. Set the http credentials in the HTTP client via HttpClient.getCredentialsProvider().setCredentials.
4. Return to step 1 until the the user clicks cancel or the server gives up. In that case, trigger a "failed" callback with the last response received.

Am I on the right track or has someone already implemented something similar? I would hate to be reinventing the wheel on this.

Answer 1

The reactive approach described above did work. Responding to an arbitrary 401 or 407 request is effective with the caveat that you need to suppor each authentication scheme you expect to encounter so something like UsernamePasswordCredentials won't work for NTLM.

Answer 2

You should try the authentication example on the apache site

httpclient.getCredentialsProvider().setCredentials(
                    new AuthScope("localhost", 443),
                    new UsernamePasswordCredentials("username", "password"));

The direct link to the java file is http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientAuthentication.java