Sending login details as a part of HTTP auth header

Support
1

Hi,

The server side of the form submission for my project requires the user to
be authenticated.
As a part of this, we have to send the login details in HTTP auth.

I am trying to send with the below code, however i am not able to do so.

if(!this.mLogon.equals("")) { //Logon information provided

  • Log.i("Uploading","preemptiveAuth");*

  • HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor() {*

  • public void process(final HttpRequest request, final HttpContext
    context) throws HttpException, IOException {*

  • HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.
    HTTP_TARGET_HOST);*

  • AuthScope authScope = new AuthScope(targetHost.getHostName(),
    targetHost.getPort());*

  • AuthState authState = (AuthState) context.getAttribute(ClientContext.
    TARGET_AUTH_STATE);*

  • CredentialsProvider credsProvider = (CredentialsProvider)
    context.getAttribute(*

  • ClientContext.CREDS_PROVIDER);*

  • Credentials creds = credsProvider.getCredentials(authScope);*

  • if (creds != null) {*

  • authState.setAuthScheme(new BasicScheme());*

  • authState.setCredentials(creds);*

··· * *

  • defaultHttpclient.addRequestInterceptor(preemptiveAuth, 0);*

Can someone guide me with this ?

2

Hi,

Anyone to help with below ?

Thanks,
Parikshit Deshpande

··· On Monday, 22 October 2012 09:02:34 UTC-4, Parikshit Deshpande wrote: > > Hi, > > The server side of the form submission for my project requires the user to > be authenticated. > As a part of this, we have to send the login details in HTTP auth. > > I am trying to send with the below code, however i am not able to do so. > > > *if(!this.mLogon.equals("")) { //Logon information provided* > > * Log.i("Uploading","preemptiveAuth");* > > * HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor() {* > > * public void process(final HttpRequest request, final HttpContext > context) throws HttpException, IOException {* > > * HttpHost targetHost = (HttpHost) > context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);* > > * AuthScope authScope = new AuthScope(targetHost.getHostName(), > targetHost.getPort());* > > * AuthState authState = (AuthState) context.getAttribute(ClientContext. > TARGET_AUTH_STATE);* > > * CredentialsProvider credsProvider = (CredentialsProvider) > context.getAttribute(* > > * ClientContext.CREDS_PROVIDER);* > > * Credentials creds = credsProvider.getCredentials(authScope);* > > * if (creds != null) {* > > * authState.setAuthScheme(new BasicScheme());* > > * authState.setCredentials(creds);* > > * > * > > * defaultHttpclient.addRequestInterceptor(preemptiveAuth, 0);* > > * > * > > Can someone guide me with this ? >
3

ODK Collect 1.2.1 sends preemptive basic auth if the connection is over
https (you should not send preemptive auth on a http connection, as the
username and password are sent unencrypted ).
if ( u.getScheme().equals("https") ) {
WebUtils.enablePreemptiveBasicAuth(localContext,
u.getHost());
}

Mitch

··· On Thu, Nov 1, 2012 at 5:20 PM, Parikshit Deshpande wrote:

Hi,

Anyone to help with below ?

Thanks,
Parikshit Deshpande

On Monday, 22 October 2012 09:02:34 UTC-4, Parikshit Deshpande wrote:

Hi,

The server side of the form submission for my project requires the user
to be authenticated.
As a part of this, we have to send the login details in HTTP auth.

I am trying to send with the below code, however i am not able to do so.

if(!this.mLogon.equals("")) { //Logon information provided

  • Log.i("Uploading","preemptiveAuth");*

  • HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor() {

  • public void process(final HttpRequest request, final HttpContext
    context) throws HttpException, IOException {*

  • HttpHost targetHost = (HttpHost) context.getAttribute(
    ExecutionContext.HTTP_TARGET_HOST);*

  • AuthScope authScope = new AuthScope(targetHost.getHostName(),
    targetHost.getPort());*

  • AuthState authState = (AuthState) context.getAttribute(ClientContext.
    TARGET_AUTH_STATE);*

  • CredentialsProvider credsProvider = (CredentialsProvider)
    context.getAttribute(*

  • ClientContext.CREDS_PROVIDER);*

  • Credentials creds = credsProvider.getCredentials(authScope);*

  • if (creds != null) {*

  • authState.setAuthScheme(new BasicScheme());*

  • authState.setCredentials(creds);*

  • defaultHttpclient.addRequestInterceptor(preemptiveAuth, 0);*

Can someone guide me with this ?

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com

4

Thanks Mitchell,

But i had a doubt regarding this implementation.
I am currently reading the username password from user preferences.

Now the server side code checks for preemptive authentication and i need to
pass even the username password in the request.
How can i do this ?

One was i was thinking it to implement *HttpRequestInterceptor *and then
add the credentials to the authstate.
authState.setCredentials(creds);

··· * * Is this approach correct ?

Also i tried setting https to see if preemptive auth is set or not but on
executing the request i get the following exception :
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Do i need to add any certificate for this ? What is a way to make this work
?

Thanks,
Parikshit.

On Fri, Nov 2, 2012 at 12:36 PM, Mitch S mitchellsundt@gmail.com wrote:

ODK Collect 1.2.1 sends preemptive basic auth if the connection is over
https (you should not send preemptive auth on a http connection, as the
username and password are sent unencrypted ).
if ( u.getScheme().equals("https") ) {
WebUtils.enablePreemptiveBasicAuth(localContext,
u.getHost());
}

Mitch

On Thu, Nov 1, 2012 at 5:20 PM, Parikshit Deshpande qpari4655@gmail.comwrote:

Hi,

Anyone to help with below ?

Thanks,
Parikshit Deshpande

On Monday, 22 October 2012 09:02:34 UTC-4, Parikshit Deshpande wrote:

Hi,

The server side of the form submission for my project requires the user
to be authenticated.
As a part of this, we have to send the login details in HTTP auth.

I am trying to send with the below code, however i am not able to do so.

if(!this.mLogon.equals("")) { //Logon information provided

  • Log.i("Uploading","preemptiveAuth");*

  • HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor()
    {*

  • public void process(final HttpRequest request, final HttpContext
    context) throws HttpException, IOException {*

  • HttpHost targetHost = (HttpHost) context.getAttribute(
    ExecutionContext.HTTP_TARGET_HOST);*

  • AuthScope authScope = new AuthScope(targetHost.getHostName(),
    targetHost.getPort());*

  • AuthState authState = (AuthState) context.getAttribute(
    ClientContext.TARGET_AUTH_STATE);*

  • CredentialsProvider credsProvider = (CredentialsProvider)
    context.getAttribute(*

  • ClientContext.CREDS_PROVIDER);*

  • Credentials creds = credsProvider.getCredentials(authScope);*

  • if (creds != null) {*

  • authState.setAuthScheme(new BasicScheme());*

  • authState.setCredentials(creds);*

  • defaultHttpclient.addRequestInterceptor(preemptiveAuth, 0);*

Can someone guide me with this ?

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

5

Doubt or is there a bug??

The code should work as-is. The certificate problem likely indicates that
you are using a self-signed certificate or you need to update the root
certificates on the phone.

Mitch

··· On Sat, Nov 3, 2012 at 6:28 AM, Parikshit Deshpande wrote:

Thanks Mitchell,

But i had a doubt regarding this implementation.
I am currently reading the username password from user preferences.

Now the server side code checks for preemptive authentication and i need
to pass even the username password in the request.
How can i do this ?

One was i was thinking it to implement *HttpRequestInterceptor *and then
add the credentials to the authstate.
authState.setCredentials(creds);
*
*
Is this approach correct ?

Also i tried setting https to see if preemptive auth is set or not but on
executing the request i get the following exception :
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Do i need to add any certificate for this ? What is a way to make this
work ?

Thanks,
Parikshit.

On Fri, Nov 2, 2012 at 12:36 PM, Mitch S mitchellsundt@gmail.com wrote:

ODK Collect 1.2.1 sends preemptive basic auth if the connection is over
https (you should not send preemptive auth on a http connection, as the
username and password are sent unencrypted ).
if ( u.getScheme().equals("https") ) {
WebUtils.enablePreemptiveBasicAuth(localContext,
u.getHost());
}

Mitch

On Thu, Nov 1, 2012 at 5:20 PM, Parikshit Deshpande qpari4655@gmail.comwrote:

Hi,

Anyone to help with below ?

Thanks,
Parikshit Deshpande

On Monday, 22 October 2012 09:02:34 UTC-4, Parikshit Deshpande wrote:

Hi,

The server side of the form submission for my project requires the user
to be authenticated.
As a part of this, we have to send the login details in HTTP auth.

I am trying to send with the below code, however i am not able to do so.

if(!this.mLogon.equals("")) { //Logon information provided

  • Log.i("Uploading","preemptiveAuth");*

  • HttpRequestInterceptor preemptiveAuth = newHttpRequestInterceptor() {

  • public void process(final HttpRequest request, final HttpContext
    context) throws HttpException, IOException {*

  • HttpHost targetHost = (HttpHost) context.getAttribute(
    ExecutionContext.HTTP_TARGET_HOST);*

  • AuthScope authScope = new AuthScope(targetHost.getHostName(),
    targetHost.getPort());*

  • AuthState authState = (AuthState) context.getAttribute(
    ClientContext.TARGET_AUTH_STATE);*

  • CredentialsProvider credsProvider = (CredentialsProvider)
    context.getAttribute(*

  • ClientContext.CREDS_PROVIDER);*

  • Credentials creds = credsProvider.getCredentials(authScope);*

  • if (creds != null) {*

  • authState.setAuthScheme(new BasicScheme());*

  • authState.setCredentials(creds);*

  • defaultHttpclient.addRequestInterceptor(preemptiveAuth, 0);*

Can someone guide me with this ?

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en

--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com