Connecting to a https://
Hi,
I have two requirements,
1. To connect to a http:// site that takes a username and password to login. I have the code that checks url response for internal and external sites that do not have an authentication(login types). Now when i run this on a site that requires a login i get the response code as 401. I looked up this and found out that this concerns authentication.
What i want to know is how to provide login details when i access the URL? In short my code is like this;
URLConnection connection = url.openConnection(proxy);
if (connectioninstanceof HttpURLConnection){
// check if the connection obtained is the HTTPURLCONNECTION
HttpURLConnection httpConnection
= (HttpURLConnection) connection;
httpConnection.connect();
int response = httpConnection.getResponseCode();
System.out.println("Response Code >>> " + response);
//inputStream = httpConnection.getInputStream();
if (response == 400 || response == 500 || response == 404){
result = 0;
}else{
result = 1;
}
//Load the page.
//byte[] buffer = new byte[256];
//while (inputStream.read(buffer) != -1) {
//}
}
}catch (IOException ex){
result = 0;
thrownew BackgroundTaskException(ex);
}/*finally {
try {
if (result == 1) {
inputStream.close();
}
} catch (IOException ex) {
throw new BackgroundTaskException(ex);
}
}
2. How can i achieve the same for a https:// URL?
thanks,
Dilip
[2344 byte] By [
dilip_jsfa] at [2007-11-27 8:57:44]
# 5
EJP check out what i could write after going thru the authenticator class and a few examples.
package com.mypkg;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URL;
public class AuthenticationDemo {
public static void main(String args[]) throws MalformedURLException,
IOException {
String urlString = "http://<<my internal site>>";
String username = "username";
String password = "password";
Authenticator.setDefault(new MyAuthenticator(username, password));
URL url = new URL(urlString);
InputStream content = (InputStream) url.getContent();
BufferedReader in = new BufferedReader(new InputStreamReader(content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
System.out.println("Done.");
}
static class MyAuthenticator extends Authenticator {
private String username, password;
//Constructor
public MyAuthenticator(String user, String pass) {
username = user;
password = pass;
}
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password.toCharArray());
}
}
}
but i get the following stack trace...
Exception in thread "main" java.net.ProtocolException: Server redirected too many times (20)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.URLConnection.getContent(Unknown Source)
at java.net.URL.getContent(Unknown Source)
at com.mypkg.AuthDemo.main(AuthDemo.java:20)
I dunno how to work around this...
help me,
thanks,
Dilip
# 7
EJP i dont even know if i have logged in or not. Ok let me ask you a question, if i dont use authenticator and try to access the web page i get a HTML error code 401. I looked it up and it says that 'Authorisation Required'. With this code can i assume that the internal site is up and running and just that i am not able to login and check? In other words will i get the 401 error irrespective of whether the application is down or up?
let me rephrase it further,
does error code 401 take precedence over 404 or 503?
Also the user name for the site takes a domain value too. Like i got to give something like mydomain\userName
to login. Is there a way by which i can set the domain from java?
Reply asap,
thanks,
Dilip
# 10
[you wrote:]
>> Reply asap
I may or may not reply at all; if I do, it will be when and if I am ready.
[you wrote:]
> does error code 401 take precedence over 404 or 503?
The answer to that should be obvious to you from the behaviour of the application and also from my previous reply.
[I wrote:]
>> All I know is ...
IOW that's all I have to say on this.
[you wrote:]
> but you havent answered my other questions.
Correct.
You've overcome the security part of the problem. The too-many-redirects problem is a separate problem. Not a security problem. Not a question for this forum. Not why I hang around here. Not a question I am interested in answering.
ejpa at 2007-7-12 21:22:40 >
