[android-developers] Re: Set credentials for a secured http connection via a Webview with setHttpAuthUsernamePassword

[Sandeep N M]

http://stackoverflow.com/questions/995514/https-connection-android

Regards,
Sandeep

On Dec 27, 2:00 am, MattBol mboll...@gmail.com wrote:
 Hi,
 I would like to use a WebView to connect to a secure website over
 HTTPS, accept its certificate and automatically handle credentials
 (given previously by the user).
 This far, I ve got the Webview working and accepting the certificate
 using the following 
 website:http://damianflannery.wordpress.com/2010/09/28/android-webview-with-h...
 But although I try to set the credentials or to handle them in a
 method, nothing happens, I just end up at the login page without even
 any error messages.

 I couldnt find out the answer myself and I couldnt find it on the
 Internet answer, so I post here ... Anyone up for this challenge? =o)
 Here is my code:

 package ;

 import android.app.Activity;
 import android.net.http.SslError;
 import android.os.Bundle;
 import android.webkit.HttpAuthHandler;
 import android.webkit.SslErrorHandler;
 import android.webkit.WebView;
 import android.webkit.WebViewClient;

 public class ConnectorWebView extends Activity {
         WebView mWebView;
         String mUsrName;
         String mPassC;

     @Override
     public void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.Connwebview);

         //      Getting info from Intent extras
                 //      Get it if it s different from null
                 Bundle extras = getIntent().getExtras();
                 mUsrName = extras != null ? extras.getString(username) : 
 null;
                 mPassC = extras != null ? extras.getString(passcode) : null;

         mWebView = (WebView) findViewById(R.id.webview);
         mWebView.getSettings().setJavaScriptEnabled(true);
         mWebView.setHttpAuthUsernamePassword(myhost.com,
 CertificateAuthentication, mUsrName, mPassC);

         mWebView.setWebViewClient(new WebViewClient() {
                 @Override
             public void onReceivedHttpAuthRequest  (WebView view,
 HttpAuthHandler handler, String host, String realm){
                         handler.proceed(mUsrName, mPassC);
             }

                 public void onReceivedSslError (WebView view, SslErrorHandler
 handler, SslError error) {
                  handler.proceed() ;
                  }
         });

         mWebView.loadUrl(https://myhost.com/user_area;);
     }

 }



-- 
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Set credentials for a secured http connection via a Webview with setHttpAuthUsernamePassword

[Nikolay Elenkov]

 http://stackoverflow.com/questions/995514/https-connection-android 

Please don't just put some random code that trusts all certificates in your 
app. 
(like some people in the thread above suggest). 

Read all the answers and understand how to use a custom trust store 
in your application. If 'myhost.com' is using a self-signed certificate, 
you have to add it to your custom trust store. If it is issued by some 
CA (in house one, or whatever), you have to add the CA certificate 
to your trust store. 

Instead  of following tutorials take some time to understand how 
Java handles SSL, it will make your life much easier. 

HTH


-- 
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en