java – HTTP requests with basic authentication-ThrowExceptions

Exception or error:

I have to download and parse XML files from http server with HTTP Basic authentication. Now I’m doing it this way:

URL url = new URL("http://SERVER.WITHOUT.AUTHENTICATION/some.xml");
     DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
     DocumentBuilder db = dbf.newDocumentBuilder();
     Document doc = db.parse(new InputSource(url.openStream()));
     doc.getDocumentElement().normalize();

But in that way I can’t get xml (or I’m just simply not aware of that ) document from server with http authentication.

I will be really grateful if you can show me the best and easiest way to reach my goal.

How to solve:

You can use an Authenticator. For example:

Authenticator.setDefault(new Authenticator() {
 @Override
        protected PasswordAuthentication getPasswordAuthentication() {
         return new PasswordAuthentication(
   "user", "password".toCharArray());
        }
});

This sets the default Authenticator and will be used in all requests. Obviously the setup is more involved when you don’t need credentials for all requests or a number of different credentials, maybe on different threads.

Alternatively you can use a DefaultHttpClient where a GET request with basic HTTP authentication would look similar to:

HttpClient httpClient = new DefaultHttpClient();
HttpGet httpGet = new HttpGet("http://foo.com/bar");
httpGet.addHeader(BasicScheme.authenticate(
 new UsernamePasswordCredentials("user", "password"),
 "UTF-8", false));

HttpResponse httpResponse = httpClient.execute(httpGet);
HttpEntity responseEntity = httpResponse.getEntity();

// read the stream returned by responseEntity.getContent()

I recommend using the latter because it gives you a lot more control (e.g. method, headers, timeouts, etc.) over your request.

###

public String reloadTomcatWebApplication(String user, String pwd, String urlWithParameters, boolean returnResponse) {
    URL url = null;
    try {
        url = new URL(urlWithParameters);
    } catch (MalformedURLException e) {
        System.out.println("MalformedUrlException: " + e.getMessage());
        e.printStackTrace();
        return "-1";
    }

    URLConnection uc = null;
    try {
        uc = url.openConnection();
    } catch (IOException e) {
        System.out.println("IOException: " + e.getMessage());
        e.printStackTrace();
        return "-12";
    }


    String userpass = user + ":" + pwd;
    String basicAuth = "Basic " + javax.xml.bind.DatatypeConverter.printBase64Binary(userpass.getBytes());

    uc.setRequestProperty("Authorization", basicAuth);
    InputStream is = null;
    try {
        is = uc.getInputStream();
    } catch (IOException e) {
        System.out.println("IOException: " + e.getMessage());
        e.printStackTrace();
        return "-13";
    }
    if (returnResponse) {
        BufferedReader buffReader = new BufferedReader(new InputStreamReader(is));
        StringBuffer response = new StringBuffer();

        String line = null;
        try {
            line = buffReader.readLine();
        } catch (IOException e) {
            e.printStackTrace();
            return "-1";
        }
        while (line != null) {
            response.append(line);
            response.append('\n');
            try {
                line = buffReader.readLine();
            } catch (IOException e) {
                System.out.println(" IOException: " + e.getMessage());
                e.printStackTrace();
                return "-14";
            }
        }
        try {
            buffReader.close();
        } catch (IOException e) {
            e.printStackTrace();
            return "-15";
        }
        System.out.println("Response: " + response.toString());
        return response.toString();
    }
    return "0";
}

###

Use HttpClient. Documentation for performing downloads with HTTP AUTH is here. Documentation for getting a string result is here. Then, parse your string (ideally using SAX, though, not DOM).

###

  • DefaultHttpClient deprecated
  • addHeader must have 2 parameters

Updated code block using HttpClient 4.5.2

HttpClient httpClient = HttpClientBuilder.create().build();
HttpGet httpGet = new HttpGet("https://test.com/abc.xyz");
httpGet.addHeader("Authorization", BasicScheme.authenticate(new UsernamePasswordCredentials("login", "password"), "UTF-8"));

HttpResponse httpResponse = httpClient.execute(httpGet);
HttpEntity responseEntity = httpResponse.getEntity();

Leave a Reply

Your email address will not be published. Required fields are marked *