Android and IIS Authentication-basic verification

 

Content summary

Preface

1. Server Side

2. Android Client

3. IIS deployment

4. Running Effect

 

In Android mobile project development, we often use http protocol to transmit data in JSON format for simplicity and convenience when accessing the server. However, some projects require certain security, such as logging on to the MIS system using the Android client. Although we log on to the system through the login Activity of the Android mobile client, hackers who know little about the computer can skip the login Activity and directly access the system. In this way, some problems may be caused by system insecurity. It is particularly important to establish an authentication mode to prevent forced logon by hackers. At this time, the system authentication becomes a barrier to block hacker login. So how to implement an identity authentication? Let's use IIS as the host to implement authentication step by step.

 

　　I. ASP. NET Server

First, use VS2010 to create a web project (either WebForms or MVC). Here I am using ASP. NET MVC project ). See Figure 1.1.

Fig 1.1

 

Then, in the Index Action of HomeController, enter: Login successful.

 

[HandleError]
Public class HomeController: Controller
{
Public ActionResult Index ()
{
Return Content ("Login successful ");
}
}

 

Ii. Android Client

First, create an Android project and create a MainActivity class.

Next, write a class to access the IIS server.

 

Package ld.com. authorize;

Import java. io. BufferedReader;
Import java. io. InputStreamReader;

Import org. apache. http. HttpResponse;
Import org. apache. http. auth. AuthScope;
Import org. apache. http. auth. UsernamePasswordCredentials;
Import org. apache. http. client. methods. HttpPost;
Import org. apache. http. impl. client. BasicCredentialsProvider;
Import org. apache. http. impl. client. DefaultHttpClient;

Import android. util. Log;

Public abstract class HttpHelper {

Private final static String TAG = "HttpHelper ";

Public static String invoke (){
String result = null;
Try {
Final String url = "http://192.168.1.104: 180 /";

HttpPost httpPost = new HttpPost (url );
DefaultHttpClient httpClient = new DefaultHttpClient ();

// Basic Authentication
BasicCredentialsProvider bcp = new BasicCredentialsProvider ();
String userName = "liudong ";
String password = "123 ";
Bcp. setCredentials (AuthScope. ANY, new UsernamePasswordCredentials (
UserName, password ));
HttpClient. setCredentialsProvider (bcp );

HttpResponse httpResponse = httpClient.exe cute (httpPost );

StringBuilder builder = new StringBuilder ();
BufferedReader reader = new BufferedReader (new InputStreamReader (
HttpResponse. getEntity (). getContent ()));
For (String s = reader. readLine (); s! = Null; s = reader. readLine ()){
Builder. append (s );
}
Result = builder. toString ();
Log. d (TAG, "result is (" + result + ")");
} Catch (Exception e ){
Log. e (TAG, e. toString ());
}
Log. d (TAG, "over ");
Return result;
}
}

Note that the user name and password here are: liudong and 123.

 

Then, modify the layout file: main. xml

 

<? Xml version = "1.0" encoding = "UTF-8"?>
<LinearLayout xmlns: android = "http://schemas.android.com/apk/res/android"
Android: orientation = "vertical" android: layout_width = "fill_parent"
Android: layout_height = "fill_parent">
<TextView android: layout_width = "fill_parent"
Android: layout_height = "wrap_content" android: text = "@ string/hello"/>
<Button android: text = "authentication code" android: id = "@ + id/btnPassword"
Android: layout_width = "fill_parent" android: layout_height = "wrap_content"> </Button>
</LinearLayout>

 

Finally, modify MainActivity.

 

Package ld.com. authorize;

Import android. app. Activity;
Import android. app. ProgressDialog;
Import android. OS. AsyncTask;
Import android. OS. Bundle;
Import android. util. Log;
Import android. view. View;
Import android. view. View. OnClickListener;
Import android. widget. Button;
Import android. widget. Toast;

Public class MainActivity extends Activity {

Private final String TAG = this. getClass (). getSimpleName ();

Private Button btnPassword;

/** Called when the activity is first created .*/
@ Override
Public void onCreate (Bundle savedInstanceState ){
Super. onCreate (savedInstanceState );
SetContentView (R. layout. main );

BtnPassword = (Button) this. findViewById (R. id. btnPassword );

SetInvokeOnClick ();
}

Private void setInvokeOnClick (){
BtnPassword. setOnClickListener (new OnClickListener (){

@ Override
Public void onClick (View v ){
// TODO Auto-generated method stub
AsyncTask <Void, Void, String> task = new AsyncTask <Void, Void, String> (){

Private ProgressDialog progressDialog;

@ Override
Protected void onPostExecute (String result ){
// TODO Auto-generated method stub
// Super. onPostExecute (result );
ProgressDialog. cancel ();
Toast. makeText (MainActivity. this, result,
Toast. LENGTH_SHORT). show ();

Log. d (TAG, result );
}

@ Override
Protected void onPreExecute (){
// TODO Auto-generated method stub
Super. onPreExecute ();
ProgressDialog = new ProgressDialog (MainActivity. this );
ProgressDialog
. SetProgressStyle (ProgressDialog. STYLE_SPINNER );
ProgressDialog. setTitle ("calling ...");
ProgressDialog. show ();
}

@ Override
Protected String doInBackground (Void... arg0 ){
// TODO Auto-generated method stub
Try {
Return HttpHelper. invoke ();
} Catch (Exception e ){
Return null;
}
}

};
Task.exe cute ();
}
});
}
}

 

Set the access permission to: <uses-permission android: name = "android. permission. INTERNET"/>

 

The effect of running the simulator is 2.1.

Fig 2.1

 

　　Iii. IIS deployment

First, add a website, as shown in Figure 3.1.

3.1

 

Next, choose Computer Management> local users and groups> users to create a user, as shown in Figure 3.2.

Fig 3.2

 

Then, set IIS authentication (as shown in Figure 3.3 ).

Fig 3.3

 

Set the Authentication Mode to basic authentication or Window identity s authentication (Figure 3.4 ).

Fig 3.4

 

Finally, enter the URL in the browser for verification. The verification result is shown in Figure 3.5 and Figure 3.6.

Fig 3.5

Fig 3.6

 

We can find that the user name and password are required to browse the webpage. After entering the correct user name and password, you can log on to this page.

 

　　4. Running effect.

See Figure 4.1 and Figure 4.2.

Fig 4.1

Fig 4.2

 

 

Code download

Source: http://www.cnblogs.com/GoodHelper/archive/2011/08/17/android_iis_01.html

Author: Liu Dong. NET

You are welcome to reprint it, but you must retain the copyright.