Quantcast

HTTP Basic Authentication (header encoding)

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

HTTP Basic Authentication (header encoding)

Rabick, Mark A (IS)
HTTP Basic Authentication (header encoding)

Does anyone have a code snippet for creating the Base64 encoded user/password combination for a Jersey server configured for BASIC authentication? 

In the Jersey client code, is it just:

nodeBaseResource.header("Authorization", "base64encoded_userid:password").type("application/xml").post(nodeV1);

… for a post request?

--mark
_______________________________________________
Mark A. Rabick
Software Engineer
Northrop Grumman - Integrated Mission Systems (IS/DSD/IMS)
3200 Samson Way
Bellevue, NE  68123
Ph:  (402) 293-7091
Em: [hidden email]
Remember PFC Ross A. McGinnis...
  http://www.army.mil/medalofhonor/McGinnis/index.html
... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl. Jason Dunham, SFC Paul Ray Smith and the rest...
  http://www.cmohs.org/recipients/most_recent.htm


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: HTTP Basic Authentication (header encoding)

Craig McClanahan
Rabick, Mark A (IS) wrote:
HTTP Basic Authentication (header encoding)

Does anyone have a code snippet for creating the Base64 encoded user/password combination for a Jersey server configured for BASIC authentication? 

In the Jersey client code, is it just:

nodeBaseResource.header("Authorization", "base64encoded_userid:password").type("application/xml").post(nodeV1);

… for a post request?

Close.  The header value has to be slightly different, though:

nodeBaseResource.header("Authorization", "Basic " + "base64encoded_userid:password").type("application/xml").post(nodeV1);

Craig

--mark
_______________________________________________
Mark A. Rabick
Software Engineer
Northrop Grumman - Integrated Mission Systems (IS/DSD/IMS)
3200 Samson Way
Bellevue, NE  68123
Ph:  (402) 293-7091
Em: [hidden email]
Remember PFC Ross A. McGinnis...
  http://www.army.mil/medalofhonor/McGinnis/index.html
... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl. Jason Dunham, SFC Paul Ray Smith and the rest...
  http://www.cmohs.org/recipients/most_recent.htm



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: HTTP Basic Authentication (header encoding)

Rabick, Mark A (IS)
I forgot to prefix the header with "Basic " but my I'm trying to figure
out how to use the HTTPBasicAuthFilter and ClientHandler code but I
can't find an example:
 

        HTTPBasicAuthFilter authFilter = new
HTTPBasicAuthFilter("weblogic","weblogic");
        ClientConfig cc = new DefaultClientConfig();
        Client c = Client.create(cc);
        c.addFilter(authFilter);
        webResource =
c.resource("http://localhost:7001/i3/cnodb/cdal/rest");

 but I'm not sure how this all harnesses together...

-mark

_______________________________________________
Mark A. Rabick - Software Engineer
Em: [hidden email]

 


________________________________

        From: [hidden email] [mailto:[hidden email]]

        Sent: Thursday, April 30, 2009 4:37 PM
        To: [hidden email]
        Subject: Re: [Jersey] HTTP Basic Authentication (header
encoding)
       
       
        Rabick, Mark A (IS) wrote:

                Does anyone have a code snippet for creating the Base64
encoded user/password combination for a Jersey server configured for
BASIC authentication?  

                In the Jersey client code, is it just:

                nodeBaseResource.header("Authorization",
"base64encoded_userid:password").type("application/xml").post(nodeV1);

                ... for a post request?

        Close.  The header value has to be slightly different, though:
       
       

        nodeBaseResource.header("Authorization", "Basic " +
"base64encoded_userid:password").type("application/xml").post(nodeV1);

        Craig
       

                --mark
                _______________________________________________
                Mark A. Rabick
                Software Engineer
                Northrop Grumman - Integrated Mission Systems
(IS/DSD/IMS)
                3200 Samson Way
                Bellevue, NE  68123
                Ph:  (402) 293-7091
                Em: [hidden email]
                Remember PFC Ross A. McGinnis...
                  http://www.army.mil/medalofhonor/McGinnis/index.html
<http://www.army.mil/medalofhonor/McGinnis/index.html>
                ... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl.
Jason Dunham, SFC Paul Ray Smith and the rest...
                  http://www.cmohs.org/recipients/most_recent.htm
<http://www.cmohs.org/recipients/most_recent.htm>  




---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: HTTP Basic Authentication (header encoding)

Pavel Bucek

Hello,

see MainTest.java in https-clientserver-grizzly sample:

==========

        Client c = Client.create();

        // client basic auth demonstration
        c.addFilter(new HTTPBasicAuthFilter("user", "password"));

        System.out.println("Client: GET " + Server.BASE_URI);

        WebResource r = c.resource(Server.BASE_URI);

        String page = (String) r.path("/").get(String.class);

==========

And how this works? When you create WebResource instance, it has
reference to the original client and every request is passed through it
(so filter will be used for all WebResource instances created from that
particular Client).

Or you can set filter even on WebResource instance:

==========
        Client c = Client.create();

        WebResource r = c.resource(Server.BASE_URI);

        r.addFilter(new HTTPBasicAuthFilter("user", "password"));

        String page = (String) r.path("/").get(String.class);
==========


Hope it helps.

Pavel


Rabick, Mark A (IS) wrote:

> I forgot to prefix the header with "Basic " but my I'm trying to figure
> out how to use the HTTPBasicAuthFilter and ClientHandler code but I
> can't find an example:
>  
>
> HTTPBasicAuthFilter authFilter = new
> HTTPBasicAuthFilter("weblogic","weblogic");
> ClientConfig cc = new DefaultClientConfig();
> Client c = Client.create(cc);
> c.addFilter(authFilter);
> webResource =
> c.resource("http://localhost:7001/i3/cnodb/cdal/rest");
>
>  but I'm not sure how this all harnesses together...
>
> -mark
>
> _______________________________________________
> Mark A. Rabick - Software Engineer
> Em: [hidden email]
>
>  
>
>
> ________________________________
>
> From: [hidden email] [mailto:[hidden email]]
>
> Sent: Thursday, April 30, 2009 4:37 PM
> To: [hidden email]
> Subject: Re: [Jersey] HTTP Basic Authentication (header
> encoding)
>
>
> Rabick, Mark A (IS) wrote:
>
> Does anyone have a code snippet for creating the Base64
> encoded user/password combination for a Jersey server configured for
> BASIC authentication?  
>
> In the Jersey client code, is it just:
>
> nodeBaseResource.header("Authorization",
> "base64encoded_userid:password").type("application/xml").post(nodeV1);
>
> ... for a post request?
>
> Close.  The header value has to be slightly different, though:
>
>
>
> nodeBaseResource.header("Authorization", "Basic " +
> "base64encoded_userid:password").type("application/xml").post(nodeV1);
>
> Craig
>
>
> --mark
> _______________________________________________
> Mark A. Rabick
> Software Engineer
> Northrop Grumman - Integrated Mission Systems
> (IS/DSD/IMS)
> 3200 Samson Way
> Bellevue, NE  68123
> Ph:  (402) 293-7091
> Em: [hidden email]
> Remember PFC Ross A. McGinnis...
>  http://www.army.mil/medalofhonor/McGinnis/index.html
> <http://www.army.mil/medalofhonor/McGinnis/index.html>
> ... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl.
> Jason Dunham, SFC Paul Ray Smith and the rest...
>  http://www.cmohs.org/recipients/most_recent.htm
> <http://www.cmohs.org/recipients/most_recent.htm>  
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>  


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: HTTP Basic Authentication (header encoding)

Rabick, Mark A (IS)
I'm getting an NPE in Line 67 of HTTPBasicAuthFilter if I try it as you
have it below:

                HTTPBasicAuthFilter authFilter = new
HTTPBasicAuthFilter("weblogic","weblogic");
                client = Client.create();
                client.addFilter(authFilter);

...

       
nodeResource.type(MediaType.APPLICATION_XML)
       
.accept(MediaType.APPLICATION_XML)
                                        .post(nodeV1);

--mark

Ps. I noticed an issue from 4/24 to fix the internal encoding .. I'm
running the 1.0.3 release.  Maybe I don't have the fix?


_______________________________________________
Mark A. Rabick - Software Engineer
Em: [hidden email]

 

> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]]
> Sent: Thursday, April 30, 2009 5:41 PM
> To: [hidden email]
> Subject: Re: [Jersey] HTTP Basic Authentication (header encoding)
>
>
> Hello,
>
> see MainTest.java in https-clientserver-grizzly sample:
>
> ==========
>
>         Client c = Client.create();
>
>         // client basic auth demonstration
>         c.addFilter(new HTTPBasicAuthFilter("user", "password"));
>
>         System.out.println("Client: GET " + Server.BASE_URI);
>
>         WebResource r = c.resource(Server.BASE_URI);
>
>         String page = (String) r.path("/").get(String.class);
>
> ==========
>
> And how this works? When you create WebResource instance, it
> has reference to the original client and every request is
> passed through it (so filter will be used for all WebResource
> instances created from that particular Client).
>
> Or you can set filter even on WebResource instance:
>
> ==========
>         Client c = Client.create();
>
>         WebResource r = c.resource(Server.BASE_URI);
>
>         r.addFilter(new HTTPBasicAuthFilter("user", "password"));
>
>         String page = (String) r.path("/").get(String.class);
> ==========
>
>
> Hope it helps.
>
> Pavel
>
>
> Rabick, Mark A (IS) wrote:
> > I forgot to prefix the header with "Basic " but my I'm trying to
> > figure out how to use the HTTPBasicAuthFilter and
> ClientHandler code
> > but I can't find an example:
> >  
> >
> > HTTPBasicAuthFilter authFilter = new
> > HTTPBasicAuthFilter("weblogic","weblogic");
> > ClientConfig cc = new DefaultClientConfig();
> > Client c = Client.create(cc);
> > c.addFilter(authFilter);
> > webResource =
> > c.resource("http://localhost:7001/i3/cnodb/cdal/rest");
> >
> >  but I'm not sure how this all harnesses together...
> >
> > -mark
> >
> > _______________________________________________
> > Mark A. Rabick - Software Engineer
> > Em: [hidden email]
> >
> >  
> >
> >
> > ________________________________
> >
> > From: [hidden email] [mailto:[hidden email]]
> >
> > Sent: Thursday, April 30, 2009 4:37 PM
> > To: [hidden email]
> > Subject: Re: [Jersey] HTTP Basic Authentication (header
> > encoding)
> >
> >
> > Rabick, Mark A (IS) wrote:
> >
> > Does anyone have a code snippet for creating
> the Base64 encoded
> > user/password combination for a Jersey server configured for BASIC
> > authentication?
> >
> > In the Jersey client code, is it just:
> >
> > nodeBaseResource.header("Authorization",
> >
> "base64encoded_userid:password").type("application/xml").post(nodeV1);
> >
> > ... for a post request?
> >
> > Close.  The header value has to be slightly different, though:
> >
> >
> >
> > nodeBaseResource.header("Authorization", "Basic " +
> >
> "base64encoded_userid:password").type("application/xml").post(nodeV1);
> >
> > Craig
> >
> >
> > --mark
> > _______________________________________________
> > Mark A. Rabick
> > Software Engineer
> > Northrop Grumman - Integrated Mission Systems
> > (IS/DSD/IMS)
> > 3200 Samson Way
> > Bellevue, NE  68123
> > Ph:  (402) 293-7091
> > Em: [hidden email]
> > Remember PFC Ross A. McGinnis...
> >  http://www.army.mil/medalofhonor/McGinnis/index.html
> > <http://www.army.mil/medalofhonor/McGinnis/index.html>
> > ... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl.
> > Jason Dunham, SFC Paul Ray Smith and the rest...
> >  http://www.cmohs.org/recipients/most_recent.htm
> > <http://www.cmohs.org/recipients/most_recent.htm>
> >
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >  
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: HTTP Basic Authentication (header encoding)

Paul Sandoz
Administrator

On May 1, 2009, at 1:08 AM, Rabick, Mark A (IS) wrote:

> I'm getting an NPE in Line 67 of HTTPBasicAuthFilter if I try it as  
> you
> have it below:
>
> HTTPBasicAuthFilter authFilter = new
> HTTPBasicAuthFilter("weblogic","weblogic");
> client = Client.create();
> client.addFilter(authFilter);
>
> ...
>
>
> nodeResource.type(MediaType.APPLICATION_XML)
>
> .accept(MediaType.APPLICATION_XML)
> .post(nodeV1);
>
> --mark
>
> Ps. I noticed an issue from 4/24 to fix the internal encoding ..

Correct. The filter was padding the string to be base 64 encoded with  
0 values. This result in an incorrect base 64 encoded string that was  
not correctly padded with "=" characters.


> I'm
> running the 1.0.3 release.  Maybe I don't have the fix?
>

I fixed in the 1.1.0-ea-SNAPSHOT and the latest stable release that i  
will announce today.

Paul.

>
> _______________________________________________
> Mark A. Rabick - Software Engineer
> Em: [hidden email]
>
>
>
>> -----Original Message-----
>> From: [hidden email] [mailto:[hidden email]]
>> Sent: Thursday, April 30, 2009 5:41 PM
>> To: [hidden email]
>> Subject: Re: [Jersey] HTTP Basic Authentication (header encoding)
>>
>>
>> Hello,
>>
>> see MainTest.java in https-clientserver-grizzly sample:
>>
>> ==========
>>
>>        Client c = Client.create();
>>
>>        // client basic auth demonstration
>>        c.addFilter(new HTTPBasicAuthFilter("user", "password"));
>>
>>        System.out.println("Client: GET " + Server.BASE_URI);
>>
>>        WebResource r = c.resource(Server.BASE_URI);
>>
>>        String page = (String) r.path("/").get(String.class);
>>
>> ==========
>>
>> And how this works? When you create WebResource instance, it
>> has reference to the original client and every request is
>> passed through it (so filter will be used for all WebResource
>> instances created from that particular Client).
>>
>> Or you can set filter even on WebResource instance:
>>
>> ==========
>>        Client c = Client.create();
>>
>>        WebResource r = c.resource(Server.BASE_URI);
>>
>>        r.addFilter(new HTTPBasicAuthFilter("user", "password"));
>>
>>        String page = (String) r.path("/").get(String.class);
>> ==========
>>
>>
>> Hope it helps.
>>
>> Pavel
>>
>>
>> Rabick, Mark A (IS) wrote:
>>> I forgot to prefix the header with "Basic " but my I'm trying to
>>> figure out how to use the HTTPBasicAuthFilter and
>> ClientHandler code
>>> but I can't find an example:
>>>
>>>
>>> HTTPBasicAuthFilter authFilter = new
>>> HTTPBasicAuthFilter("weblogic","weblogic");
>>> ClientConfig cc = new DefaultClientConfig();
>>> Client c = Client.create(cc);
>>> c.addFilter(authFilter);
>>> webResource =
>>> c.resource("http://localhost:7001/i3/cnodb/cdal/rest");
>>>
>>> but I'm not sure how this all harnesses together...
>>>
>>> -mark
>>>
>>> _______________________________________________
>>> Mark A. Rabick - Software Engineer
>>> Em: [hidden email]
>>>
>>>
>>>
>>>
>>> ________________________________
>>>
>>> From: [hidden email] [mailto:[hidden email]]
>>>
>>> Sent: Thursday, April 30, 2009 4:37 PM
>>> To: [hidden email]
>>> Subject: Re: [Jersey] HTTP Basic Authentication (header
>>> encoding)
>>>
>>>
>>> Rabick, Mark A (IS) wrote:
>>>
>>> Does anyone have a code snippet for creating
>> the Base64 encoded
>>> user/password combination for a Jersey server configured for BASIC
>>> authentication?
>>>
>>> In the Jersey client code, is it just:
>>>
>>> nodeBaseResource.header("Authorization",
>>>
>> "base64encoded_userid:password").type("application/
>> xml").post(nodeV1);
>>>
>>> ... for a post request?
>>>
>>> Close.  The header value has to be slightly different, though:
>>>
>>>
>>>
>>> nodeBaseResource.header("Authorization", "Basic " +
>>>
>> "base64encoded_userid:password").type("application/
>> xml").post(nodeV1);
>>>
>>> Craig
>>>
>>>
>>> --mark
>>> _______________________________________________
>>> Mark A. Rabick
>>> Software Engineer
>>> Northrop Grumman - Integrated Mission Systems
>>> (IS/DSD/IMS)
>>> 3200 Samson Way
>>> Bellevue, NE  68123
>>> Ph:  (402) 293-7091
>>> Em: [hidden email]
>>> Remember PFC Ross A. McGinnis...
>>>  http://www.army.mil/medalofhonor/McGinnis/index.html
>>> <http://www.army.mil/medalofhonor/McGinnis/index.html>
>>> ... MA2 Michael A. Monsoor, Lt. Michael P. Murphy, Cpl.
>>> Jason Dunham, SFC Paul Ray Smith and the rest...
>>>  http://www.cmohs.org/recipients/most_recent.htm
>>> <http://www.cmohs.org/recipients/most_recent.htm>
>>>
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: HTTP Basic Authentication (header encoding)

markthegre
This post has NOT been accepted by the mailing list yet.
In reply to this post by Pavel Bucek
Excellent response.  Thanks!
Loading...