In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name and password when making a request.
HTTP Basic authentication implementation is the simplest technique for enforcing access controls to web resources because it doesn't require cookies, session identifier and login pages. Rather, HTTP Basic authentication uses static, standard HTTP headers which means that no handshakes have to be done in anticipation.
When the user agent wants to send the server authentication credentials it may use the Authorization header. The Authorization header is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
Here is an example :-
Order.java
package per.sample.rest.bean;
import javax.xml.bind.annotation.XmlRootElement;
@XmlRootElement
public class Order {
private String customer;
private String address;
private String amount;
public String getCustomer() {
return customer;
}
public void setCustomer(String customer) {
this.customer = customer;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
public String getAmount() {
return amount;
}
public void setAmount(String amount) {
this.amount = amount;
}
}
==============================================================
SampleAuthenticationResource.java
package per.sample.rest.service;
import java.io.IOException;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import per.sample.rest.bean.Order;
import sun.misc.BASE64Decoder;
@Path("/sample-authentication")
public class SampleAuthenticationResource {
@GET
@Path("/user/{id}")
@Produces(MediaType.APPLICATION_JSON)
public Object getUserById(@PathParam("orderId") Integer orderId,
@HeaderParam("authorization") String authString) {
if (!isUserAuthenticated(authString)) {
return "{\"error\":\"User not authenticated\"}";
}
Order ord = new Order();
ord.setCustomer("Java Developer");
ord.setAddress("Anywhere");
ord.setAmount("$2000");
return ord;
}
private boolean isUserAuthenticated(String authString) {
String decodedAuth = "";
// Header is in the format "Basic 5tyc0uiDat4"
// We need to extract data before decoding it back to original string
String[] authParts = authString.split("\\s+");
String authInfo = authParts[1];
// Decode the data back to original string
byte[] bytes = null;
try {
bytes = new BASE64Decoder().decodeBuffer(authInfo);
} catch (IOException e) {
e.printStackTrace();
}
decodedAuth = new String(bytes);
System.out.println(decodedAuth);
/**
* here you include your logic to validate user authentication. it can
* be using ldap, or token exchange mechanism or your custom
* authentication mechanism.
*/
// your validation code goes here....
return true;
}
}
======================================================================
Ref:- http://java2novice.com/restful-web-services/http-basic-authentication/
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
In the context of a HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name
and password when making a request.
HTTP Basic authentication implementation is the
simplest technique for enforcing access controls to web resources
because
it doesn't require cookies, session identifier and login pages.
Rather, HTTP Basic authentication uses static, standard HTTP headers
which means
that no handshakes have to be done in anticipation.
When the user agent wants to send the server
authentication credentials it may use the Authorization header. The
Authorization header
is constructed as follows:
1) Username and password are combined into a string "username:password"
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
- See more at: http://java2novice.com/restful-web-services/http-basic-authentication/#sthash.RReFgMTE.dpuf2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space i.e. "Basic " is then put before the encoded string
Nice post.
ReplyDeleteJava classes in Pune