aspose file tools*
The moose likes Servlets and the fly likes Automatic Basic Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Automatic Basic Authentication" Watch "Automatic Basic Authentication" New topic
Author

Automatic Basic Authentication

Deyan Sultov
Ranch Hand

Joined: Jul 01, 2002
Posts: 32
Hello All,

[Background]
I have a simple JSP - Servlet application that user interacts with. There is a possibility user to define a set of URL's(as well as user/pass if they are protected) which later he can visit by pressing a button. The user should be able to log authomatically no matter whether these sites are pass protected.

[Problem]
One of these sites uses Basic Authentication. Is is possible to implement an authomatic login in this case. I tried the following mechanism but it didn't work:

String userPassword = theUsername + ":" + thePassword;
String encoding = new sun.misc.BASE64Encoder().encode (userPassword.getBytes());
response.setHeader("Authorization", "Basic " + encoding);
response.sendRedirect('URL to GO');

Please can you help me.

Thanks in advance,
Deyan
[ May 05, 2005: Message edited by: Deyan Sultov ]
Thomas Mcfarrow
Ranch Hand

Joined: Jul 09, 2001
Posts: 137
Hello,

I would try using the RequestDispatcher.forward(......). The end result of redirect won't have the headers or parameters set. Forward passes the values on

Regards.
Deyan Sultov
Ranch Hand

Joined: Jul 01, 2002
Posts: 32
You mean to try something like
RequestDispatcher rd = request.getRequestDispatcher("URL to GO");
response.setHeader("Authorization", "Basic " + encoding);
rd.forward(request, response);

Unfortunately the request.getRequestDispatcher(String path) expects a path which is not outside of the current context. In my case the path is of a completely different site.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

I don't think you're going to be able to do this from the server.

You used to be able to build links that looked like:
http://USER:PASSWORD@DOMAIN

This capability has recently been pulled from MSIE. I think it still works in Mozilla and Firefox.

[ May 09, 2005: Message edited by: Ben Souther ]
[ May 09, 2005: Message edited by: Ben Souther ]

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Automatic Basic Authentication