http client 4.3 not sending credentials

https://stackoverflow.com/questions/21647337

08-10-2022
|

Pregunta

I am trying to send a get request using apache http client 4.3 (to a client using self sign cert), however I get back the error "Requires Authentication" everytime. In a web browser it works just fine so the username / password / url is correct. Is this not the way to pass username/password using http client 4.3?

public static String sendJsonHttpGetRequest(
                String host,
                String path,
                String username,
                String password,
                int socketTimeout,
                int connectionTimeout,
                int connectionRequestTimeout
                ) throws Exception
    {
            String responseBody = null;
            CredentialsProvider credsProvider = new BasicCredentialsProvider();
            credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
            SSLContextBuilder builder = new SSLContextBuilder();
            builder.loadTrustMaterial(null, new TrustStrategy(){
                  @Override
                  public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) 
                  throws java.security.cert.CertificateException
                  {
                      return true;
                  }
                });
            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build());
            CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).setDefaultCredentialsProvider(credsProvider).build();
            URIBuilder uriB = new URIBuilder().setScheme("https").setHost(host).setPath(path);
            HttpGet _http = new HttpGet( uriB.build() );
            RequestConfig _requestConfig = RequestConfig.custom().
                      setSocketTimeout(socketTimeout).
                      setConnectTimeout(connectionTimeout).
                      setConnectionRequestTimeout(connectionRequestTimeout).build();
            _http.addHeader("Content-Type", "application/json");
            _http.addHeader("Accept","application/json, text/xml;q=9, /;q=8");
            _http.setConfig(_requestConfig);
            // ###########################
            ResponseHandler<String> response = new BasicResponseHandler();
            responseBody = httpclient.execute(_http, response);
            return responseBody;
    }

Solución

turns out now with http 4+ you have to provide it in two locations for it to work,

second is

authCache.put(host, basicAuth);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
HttpClientContext _context = HttpClientContext.create();
_context.setAuthCache(authCache);
_context.setCredentialsProvider(credentialsProvider);
responseBody = httpclient.execute(_http, response, _context);

Otros consejos

I don't use this library myself, but have you tried the HttpClient class?

HttpClient client = new HttpClient();
client.getParams().setAuthenticationPreemptive(true);
client.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
GetMethod method = new GetMethod(uri);
client.executeMethod(method);

You still have to build the uri and set timeouts, but it could be an option.

Licenciado bajo: CC-BY-SA con atribución

No afiliado a StackOverflow