HTTP Basic authentication for Android

You should not use HTTP Basic authentication. That's not safe because it sends a username and password by asking for hair. You should consider something like OAuth to replace it.

But aside from the original, sometimes you'll use it. And you will find that there is no way to work with documentation. You can try each of them in a separate way without success. So you should not rely on the Apache library approach. You should implement your own validation.

Let's cut to the chase: The client side verifies that it contains an HTTP header called authorization. Its value is a BASE64 encoded string, and the following is its format:

Username:password

After encoding, this header will look like this:

Authorization:basic qwxhzgrpbjpvcgvuihnlc2ftzq==

With that in view, we just need to create a header in that format to append to the request.

The following code requires Android 2.2 to run:

httpurirequest request = new HttpGet (Your_url); Or HttpPost (), depends on your needs  

String credentials = your_username +": "+ your_password;  

String base64encodedcredentials = base64.encodetostring (Credentials.getbytes (), BASE64.NO_WRAP);  

Request.addheader ("Authorization", "Basic" + base64encodedcredentials);

HttpClient HttpClient = new Defaulthttpclient ();  

Httpclient.execute (request);  

You'll need to handle the exceptions thrown by execute ()

The Base64.nowrap parameter should pay special attention, without it, this code fragment type cannot run.

Hope to be helpful.

You shouldn ' t use HTTP Basic authentication. It's unsafe, since it sends the username and the password through the request headers. You should consider something like OAuth instead.

But, reasons aside, sometimes you'll need to use it. And you'll find that's none of the documented methods work. You can try every single one of themwithout success. So you shouldn ' t rely on the methods of the Apache library. You should do the authentication yourself.

How IT WORKS

let ' s cut to the Chase:the client-side authentication consists on a HTTP header called  authorization . Its value was a base64-encoded string, with the following format:

Username:password

After encoded, the header would look like this:

Authorization:basic qwxhzgrpbjpvcgvuihnlc2ftzq==

Knowing that, we just need to create a header with that format and append to the request.

The SNIPPET

Tho code below requires Android 2.2 to work (API level 8):

Httpurirequest request = new HttpGet (Your_url);  Or HttpPost (), depends on your needs String credentials = your_username + ":" + your_password;  String base64encodedcredentials = base64.encodetostring (Credentials.getbytes (), base64.no_wrap); Request.addheader ("Authorization", "Basic" + base64encodedcredentials);  HttpClient HttpClient = new Defaulthttpclient ();  Httpclient.execute (Request); You'll need to handle the exceptions thrown by execute ()

Pay special attention to the Base64.NO_WRAP param. Without it, the snippet won ' t work.

Hope it helps!

HTTP Basic authentication for Android