add authorization header (user/password) before sendRedirect
in [Java Help]
|
From: eunever32 on 4 Dec 2009 06:17 Hi I need to send a request to another web server The username and password are sent in the header (Authorization) But when I try as follows: response.addHeader("Content-Type", "application/x-www-form- urlencoded"); response.addHeader("Authorization", "Basic SUJJASDFASDFASDFUM="); response.sendRedirect(the_remote_url) The remote server complains the username and password is not set. So apparently setting the header in the response is not correct. Is there anyway to get the authorization header into the request. Thanks in advance
From: Lothar Kimmeringer on 4 Dec 2009 07:56 eunever32(a)yahoo.co.uk wrote: > I need to send a request to another web server > > The username and password are sent in the header (Authorization) > > But when I try as follows: > response.addHeader("Content-Type", "application/x-www-form- > urlencoded"); > response.addHeader("Authorization", "Basic SUJJASDFASDFASDFUM="); > response.sendRedirect(the_remote_url) The redirection is a specific HTTP response code. The headers in that response are not part of that, so the browser receiving that response will ignore it. > The remote server complains the username and password is not set. So > apparently setting the header in the response is not correct. > > Is there anyway to get the authorization header into the request. Not really, you might try to add the username/password-combination to the URL you redirect to, like http://user:password(a)server:port/ The correct behavior is browser-dependent, so it might work with one but not with another. Regards, Lothar -- Lothar Kimmeringer E-Mail: spamfang(a)kimmeringer.de PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81) Always remember: The answer is forty-two, there can only be wrong questions!
From: Daniel Pitts on 4 Dec 2009 11:24 eunever32(a)yahoo.co.uk wrote: > Hi > > I need to send a request to another web server > > The username and password are sent in the header (Authorization) > > But when I try as follows: > response.addHeader("Content-Type", "application/x-www-form- > urlencoded"); > response.addHeader("Authorization", "Basic SUJJASDFASDFASDFUM="); > response.sendRedirect(the_remote_url) > > The remote server complains the username and password is not set. So > apparently setting the header in the response is not correct. > > Is there anyway to get the authorization header into the request. > > Thanks in advance Try setting a cookie instead, that is more likely to succeed. Otherwise you'll need to proxy the request, rather than redirect. -- Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>
From: Roedy Green on 4 Dec 2009 15:04 On Fri, 4 Dec 2009 03:17:10 -0800 (PST), "eunever32(a)yahoo.co.uk" <eunever32(a)yahoo.co.uk> wrote, quoted or indirectly quoted someone who said : >Is there anyway to get the authorization header into the request. see http://mindprod.com/jgloss/authentication.html -- Roedy Green Canadian Mind Products http://mindprod.com I mean the word proof not in the sense of the lawyers, who set two half proofs equal to a whole one, but in the sense of a mathematician, where half proof = 0, and it is demanded for proof that every doubt becomes impossible. ~ Carl Friedrich Gauss
From: Lothar Kimmeringer on 4 Dec 2009 18:31
Daniel Pitts wrote: > Try setting a cookie instead, that is more likely to succeed. Otherwise > you'll need to proxy the request, rather than redirect. I doubt that you can set a cookie for a different domain than the one you are serving. Regards, Lothar -- Lothar Kimmeringer E-Mail: spamfang(a)kimmeringer.de PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81) Always remember: The answer is forty-two, there can only be wrong questions! |