IdHTTP basic authentication access violation

Question

I'm trying to do a HTTP Authentication with Indy HTTP class. But for some unknown reason I'm getting an Access Violation error in this line: IdHTTP1.Request.Authentication.Username := Username;

The code stretch is:

  IdHTTP1:= TIdHttp.Create(Application);
  IdHTTP1.ConnectTimeout:= 10000;
  IdHTTP1.Request.Clear;
  IdHTTP1.Request.BasicAuthentication:= true;
  IdHTTP1.Request.Authentication.Username := Username;
  IdHTTP1.Request.Authentication.Password := Password;
      try
        IdHTTP1.Get(PbxURL);
        HttpCode := IdHTTP1.ResponseCode;
      except
        on E: EIdHTTPProtocolException do
          HttpCode := IdHTTP1.ResponseCode;

I'm using Delphi 2010, and already tried to do something like: IdHTTP1.Request.Authentication.Username := 'admin'; but didn't solved the problem...

Answer 1

From a quick check, it appears that there is no IdHTTP.Request.Authentication needed (and therefore none is created) when the Request.BasicAuthentication is true. You should be using Request.UserName and Request.Password instead.

IdHTTP1:= TIdHttp.Create(Application);
IdHTTP1.ConnectTimeout:= 10000;
IdHTTP1.Request.Clear;
IdHTTP1.Request.BasicAuthentication:= true;
IdHTTP1.Request.UserName := UserName;
IdHTTP1.Request.Password := Password;

Answer 2

By default, the Request.Authentication object is not allocated until a request has been sent and an authentication response has been received, then the OnSelectAuthorization event is triggered to determine which class type to allocate for the object for subsequent requests..

The only other way the Request.Authentication object can be allocated is if you do it manually in your own code before sending a request, such as if you know ahead of time which auth scheme the server uses without sending a request to discover that dynamically.