6.4 HTTP Basic AuthenticationSome HTTP headers can carry client credential information. Those credentials are used by servers to determine the client's identity and then grant or deny access to the requested resources. In the HTTP basic authentication scheme, the client sends its username and password in plain text with every request. The procedure is the following: Use the Base64 algorithm to encode a username : password stringSend the encoded string and string Basic in the HTTP header Authorization For example, if the username is Aladdin and password is open sesame, the HTTP authentication header is the following.
6.4.1 Code ExampleTo enable HTTP basic authentication in the HttpClient class, we need to plug in a handler (BasicAuthHandler). We can easily use BasicAuthHandler together with CookieHandler to make the HttpClient object keep track of a client session over an authentication connection (Listing 6.6). Listing 6.6. Use cookies with HTTP basic authentication
Sample source code for the BasicAuthHandler class is shown in Listing 6.7. Listing 6.7. The BasicAuthHandler class
|