Httpurlconnection digest authentication
We have an applet which runs after requesting a page from an http server. This applet then makes thousands of http requests (SOAP) to the same server. Our problem is that when we set the server to require digest authentication for the soap service, the httpurlconnection is sending the soap request, getting back an unauthorized, then sending the auth information with the next request. So every request is getting huge overhead, 2 round trips, when it should be 1. For the first request, java vm pops up its little window and asks for credentials, then for the rest of the requests it uses those same credentials, but does not automatically send them until the server requests them. How can I set it so that for each request, it automatically sends the credentials with the cnonce, instead of sending no credentials, getting an unauthorized reply, then sending again with the credentials? I tried System.setProperty("http.auth.digest.validateServer", "true");, but that did not change anything. All help is appreciated.
A brute-force way I have discovered is to clear out the entire AuthCacheValue map:
AuthCacheValue.setAuthCache(new AuthCacheImpl());
However, both AuthCacheValue and AuthCacheImpl are part of the sun.net.www.* classes, so this method would be very fragile and raises issues of incompatibility.
Similar Messages
-
HTTP digest Authentication, using HttpURLConnection
Hi,
My requirement is simple, my stanalone applicaiton creates a XML request sends that to a web Application. Now to do this the Web application needs a HttpDigest Authentication. To do this wat we are doing is create a http url connection and get 401 response and then use that ot create the digest. to accomplish this the same urlConnection need to be used, else the new URL connection will send a new request. But in HttpUrlConnection there is a limitation that it can be used for only single request-response cycle.... can anybody suggest on this, wats the best practice to do HTTP digest authentication while communicating from a Stand alone application to a web application........................I would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon. -
Logical Port for Digest Authentication
Hello,
I want to connect to a webservice which is running at an IIS with Digest Authentication. I created a Consumer Proxy and added a Logical Port in SAO Management (Java-Stack) to this Consumer Proxy, but I can't find a digest authetification in Configuration of the Logical Port. Is it possible to connect from a SAP System to a webservice with Digest Authentification?
Thanks and best regards
IrisHello Gourav,
Thank you for your answer.
I tried to create a Logical Port with HTTP Access to the WSDL, but the WSDl needs digest authetication as well. So I get the error
Error: Error in WSDL access: Exception occurred in communication framework:Error in HTTP Framework:401Unauthorizedhttps://itnts2371/SecurityWebService.asmx?WSDL
though I logged in with right credentials.
Then I tried to read the WSDl from a file then, but I get the error
Error: Error in WSDL parsing: Exception occurred in library handler
So I created a manual Logical Port for SSL-Access. I get only "User ID/Password" and "SAP Authenticatoin Assertion Ticket", but no "Digest Authentication". "User ID/Password" doesn't work, I get a dialog to put in User ID and password, but I'm never authorized.
Any other suggestions?
Thanks
With best regards
Iris -
How to configure a Proxy in OSB with Digest Authentication?
Hello, Guys.
I need a help with this subject.
I have a demand to configure a Proxy in OSB 11.1.1.6 with Digest Authentication. I'm using a Embedded Ldap with Identity Asserter.
I'have configured a DefaultAuthenticator and the DefaultIdentityAsserter to support Digest Password and create a new LdapIdentityAsserter pointing to my embedded Ldap.
When I'll create a new Proxy, in the security options, i can see the digest options to authenticate my username and password. I selected the one of all the options, but in the time of the Proxy test the authentication didn't work.
Could anyone help me?
Thanks you.Unfortunately, a reference trigger can't be used for continuous acquisition after the trigger. The maximum post-trigger count is either 2^24 or 2^32 depending on your hardware. Depending on your sampling rate and how many samples you expect to acquire before issuing a software stop, using the max post-trigger count may be sufficient for you. There are a couple of other options I can think of that you might want to try:
1.) If possible, play with the trigger condition such that it occurs at the start of your pre-trigger data and use it as a start trigger instead. I suspect this may not be possible.
2.) Set up a continuous acquisition and implement detection of the trigger condition through software. This is more software work and is more CPU intensive than the hardware solution, but it can definitely be made to work.
3.) With some creative use of the counters, you may be able to latch the sample clock number that trigger occurred on. This would allow you to setup a continuous acquisition and use the hardware to tell you where the trigger occurred instead of figuring it out in software. What I'm thinking is you would set up a buffered event counting task with the ai/SampleClock as the timebase source of the counter and the trigger signal as the sample clock of the counter. By reading the first count value, you should know which AI sample the trigger occurred. From there, you can seek to the right position in the buffer and begin reading data indefinitely.
Good luck! -
OSB: HTTP digest authentication for WebServices
Hi,
How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
Best regards
DimoDid you figure out how to do it.?
-
HTTP Digest Authentication in Weblogic Server ?
I understand that Weblogic Server 10.3.0.0 does not have declarative support for HTTP Digest Authentication. In that case, what are the alternatives to do HTTP Digest Authentication on the server ?
Edited by: user566628 on Sep 19, 2008 1:47 PMI would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon. -
Digest authentication in WL7.0
Hi,
Does anybody know if Weblogic Server 7.0 supports HTTP
digest authentication method ?
I created my own authenticator, but I want Weblogic to check
the authentication method (but not the username/password). When
I try to set a security constraint in my application's web.xml,
the server says:
weblogic.xml.dom.DOMProcessingException: DIGEST authentication method is not supported.
Regards, Geza"Geza Szocs" <[email protected]> wrote in message
news:[email protected]..
>
Hi,
Does anybody know if Weblogic Server 7.0 supports HTTP
digest authentication method ?
Digest authentication is not supported in 7.0 -
I have noticed that neither SunONE nor weblogic support DIGEST authentication. Tomcat appears to have spotty support as well.
Digests should be supported by all browsers that use HTTP 1.1, but yet the servlet spec makes it an optional item for web container implementors. I would love to have a good way to hide passwords entered from the browser without going whole hog (SSL).
Does anyone know why DIGEST isn't better supported by containers?I'm not sure but I don't believe so.
Paul
On Fri, 29 Jun 2001 13:26:58 -0400, "Alex" <[email protected]> wrote:
Does WLS 5.1 support DIGEST authentication?
Alex
[email protected] -
Hi there!
Is there any chance to achieve digest authentication to AMServer? Suppose I have only username and digest (MD5 or SHA-1) and I want to log in and obtain SSOToken.
For instace client enters username and password on some JSP page, then the password will be digested and send through the wire to AMServer.
I dont want to use HTTPS or Certificate authentication (the digest is quite enough).
Please help.
Thanks.Yes, you have to do this implementation yourself in the WLSS 2.1 release. Example application code will be provided as part of a future WLSS release, however.
-
Digest Authentication with OC4J standalone
Hi,
I am using oc4j 9.0.3 standalone web container . I used axis application as soap engine for deploying a web service in the oc4j . I want to implement HTTP digest authentication for my webservice.
I am forced to use the same verison of OC4J due to some reasons. Could anyone help me in knowing the procedure for the HTTP digest authentication implementation using oc4j903 asap.
Advance thanks for helpcould anyone please reply to this thread asap
-
Digest Authentication against IIS
Hi All,
I have created a .net web service and deployed it on IIS.
I am calling it from java. In java I have written following code snippet to pass the creadentials:
Stub stub = createProxy();
stub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,"http://servername/_vti_bin/CreateUser.asmx");
stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "domain\\username");
stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, "password");It's workng fine when I enable "Basic Authentication" and "Integrated Windows Authentication" on IIS but it gives me unuthorization error when I enable only " Integrated Authentication" or combination of "Integrated Windows Authentication" and "Digest Authentication".
Do I need to write some another code for "Digest Authentication"?
Thanks
GauravNo. We only use Digest. I am able to login but must continue providing credentials on any link past the secured folder.
-
Digest authentication for webservices
Hi,
Does WLS9.2 support digest authentication?
protocol described in RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt)
ThanksDid you figure out how to do it.?
-
Has anyone ever successfully performed a remote http server
digest authentication? I am currently building a script that
authenticates against a server using a supplied username and
password. All of my attempts thus far have come up empty and I am
not quite sure where I am going wrong with this.
I have modeled my headers exactly after the heads I get with
a successful Firefox login.
Here are the headers I get from the Live Headers firefox
addon.
Initial Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 401 Unauthorized
Content-Length: 1944
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
WWW-Authenticate: Digest
qop="auth",realm="[email protected]",nonce="2aaa0db6ed2bb21e8b913e1844b0abf1",opaque="2 0050024497281"
Date: Sun, 20 May 2007 00:24:49 GMT
Connection: close
Authenticated Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Authorization: Digest username="cril01",
realm="[email protected]",
nonce="2aaa0db6ed2bb21e8b913e1844b0abf1", uri="/rets/login",
response="db214dcb999219968d829b5513e476dd",
opaque="20050024497281", qop="auth", nc=00000001,
cnonce="1d545807784766d0"
HTTP/1.x 200 OK
Connection: close
Date: Sun, 20 May 2007 00:24:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: 0
Cache-Control: private
RETS-Version: RETS/1.5
Set-Cookie: RETS-Session-ID=2aaa0db6ed2bb21e8b913e1844b0abf1;
path=/
Content-Type: text/xml
Now even with me exactly copying these headers. I still get
401 (Unauthorized) errors. Does anyone see where I went wrong with
this?
Here is a link to my current test:
http://www.myhomesmart.com/admin/dev/test4.cfm
And here is my code.You cannot just copy headers form successful login, since
they are a function of server's nonce, which is different on every
request (this is the main idea of Digest). Actually, authorization
is a function of server's nonce and client's nonce. So, you have to
correclty calculate this every time you log in.
However, with
CFX_HTTP5 I
immediately got this [successful] response without any programming:
<RETS ReplyCode="0" ReplyText="Operation Successful">
<RETS-RESPONSE>
MemberName = TRUDY MOORE
User = CRIL01,1,SUBSCRIBER,CRIL01
Broker = HOMESMART
MetadataVersion = 1.00.00004
MinMetadataVersion = 1.00.00004
OfficeList = NONE
TimeoutSeconds = 1440
Action = /RETS/Action
GetObject = /RETS/GetObject
Login = /RETS/Login
Logout = /RETS/Logout
Search = /RETS/Search
GetMetadata = /RETS/GetMetadata
X-Links = /RETS/LINKS
X-Stats = /RETS/STATS
X-OMEGA = /RETS/Omega
</RETS-RESPONSE>
</RETS> -
ICal digest authentication broken after system crash
Our XServe crashed a few days ago. It rebooted fine and all services works like before the crash. Only iCal authentication is giving me a headache. Digest authentication isn't working. Kerberos works and Basic, but I need Digest to work too. For web-authentication, everything works too, and we know the password is correct.
caldavd > access.log gives this:
127.0.0.1 - username [09/Jan/2013:14:38:15 +0200] "PROPFIND /principals/ HTTP/1.1" 207 504 "-" "Mac OS X/10.8.2 (12C60) CalendarAgent/55" i=8009 t=8.0 or=2
ApplePasswordServer.Server.log gives this:
Jan 9 2013 14:38:15 AUTH2: {0x4785feb3473967ce0000007a00000416, username} WEBDAV-DIGEST authentication failed, SASL error -13 (password incorrect).
ApplePasswordServer.Error.log gives this:
Jan 9 2013 14:38:15 client response doesn't match what we generated
Any ideas on what to look for? Caches or corrupt files to check?
Thanks!Finally found the error. Somehow a setting for Digest authentication had changed to
Calendar:Authentication:Digest:Qop = "auth"
after changing it back to
Calendar:Authentication:Digest:Qop = ""
everything works well again! -
Hi,
To authenticate users I have to use digest authentication (RFC2617). However, it seems there is no support for this authentication in BEA webserver 8.1.
How can I best implement this? Any tips on where to find classes which I can reuse, I hope I do not have to develop this from scratch.
Thanks,
SteveSteve, did this ever get solved? I have the same issue trying to use Mappoint.
Thanks.
Maybe you are looking for
-
DVCPRO 50 - looks like 1920 in seq settings, shrinks to 1280 after render
This is correct right. It's an anamorphic image and goes from 1920 width to 1280 after the timeline renders. ? Sounds easy enough, I've just never seen it happen before and the client is asking for this. It fools you, because the sequence setting say
-
Redirecting stdout and stderr when starting a MS with the NM
We are looking at using the Node Manager for stopping and starting the managed servers in some of our projects, to give the testers/developers the ability with operator role in the WLS console to save them calling someone. The only trouble is, with o
-
Search Cards based on Crawler ID
I am using PRC search trying to get document counts grouped by crawler. ISearchFactory ptSearch = ptRSession.GetSearchFactory(); IPortalSearchRequest ptSearchReq = ptSearch.CreatePortalSearchRequest(); IFilterClause ptFilter = ptSearch.CreateAndFilte
-
Image Capture resolution setting screwed up
Running Mavericks 10.9.5 on an iMac 27" with 3.6 GHz Core i5. All of the sudden while scanning with Image Capture, the pull down menu for setting the resolution is screwed up. It flicker and scrolls through all the potential values from 50 to 12,800
-
Playback (Streaming) to bluetooth headphones constantly interrupts
Hi, I use a pair of Sennheiser Headphones (MM 450 Travel) connected via Bluetooth to my ipad (Ipad 1st Gen, Wi-Fi 64GB with iOS 4.3.3). I have absolutely no problem using them with content which is stored on my Ipad, like when I use the iPod applicat