You can download code for Base 64 encoding and decoding from my download
page: http://www.pobox.com/~bwit/download.htm
Regards,
Bob
At 08:37 AM 5/7/99 +0530, you wrote:
>Hi Andras,
>
> thanks for the java code which checks for the authentication.
>
> Where can I get some info or whitepapers or articles on this
> encoding and decoding protocol. Looks great.
>
>Rgds,
>Raj.
>On Thu, 6 May 1999, Balogh Andras wrote:
>
>|Hi !!
>|
>|I have tried this and it works fine.
>|Here is a pice of code:
>|
>|
>| public void doGet(HttpServletRequest req, HttpServletResponse res) throws
>|ServletException, IOException
>|
>| {
>| try{
>|
>| if( ! authenticated(req,res) )
>|
>| {
>| res.setHeader("WWW-Authenticate","Basic realm=\"Welcome to
>|this page\" ");
>| res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
>| }
>| else
>|
>|
>| //do something if authentication succedeed
>|
>| ....
>| }
>|
>| }
>|
>|
>|
>| private boolean authenticated(HttpServletRequest req,HttpServletResponse
>|resp) throws ServletException,IOException
>|
>|
>|
>|
>| String header=req.getHeader("Authorization");
>| if (header==null) return false;
>| String enc=header.substring(6);
>| String user=new String();
>| String passwd=new String();
>| sun.misc.BASE64Decoder b64d=new sun.misc.BASE64Decoder();
>|
>| String decodedstring=new String( b64d.decodeBuffer(enc) );
>|
>|
>| if(decodedstring == null ) return false;
>| if(decodedstring.indexOf(":") == -1 ) return false;
>| user=decodedstring.substring(0,decodedstring.indexOf(":"));
>| passwd=decodedstring.substring(decodedstring.indexOf(":")+1);
>|
>| //check user and passwd if valid return true;
>|
>| else retrurn false;
>|
>| }
>|
>|Thats all. About server interference i have a JavaWebServer and no problem
>|encountered.
>|
>|
>|p.s. If something goes wrong please let me know.
>|
>|Best wishes,
>| Andras.
>|
>|-----Original Message-----
>|From: Oliver Springauf <[EMAIL PROTECTED]>
>|To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>|Date: Thursday, May 06, 1999 1:49 PM
>|Subject: HTTP authentication in a servlet?
>|
>|
>|>Hi,
>|>
>|>assume I want a basic user authentication for my servlet application
>|>and I already have the allowed users with their privileges in the
>|>underlying database. Now, instead of synchonizing the web server's
>|>access control list with these user lists, couldn't I just let my
>|>servlet do the authentication? I'm thinking about the basic HTTP
>|>method, with "401" response and challenge ..., via
>|>HttpServletResponse.setHeader().
>|>
>|>Will my web server interfere with this? Has anyone tried this?
>|>Thanks,
>|>
>|>--
>|>Oliver Springauf
>|>
>|
>|___________________________________________________________________________
>|To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
>|of the message "signoff SERVLET-INTEREST".
>|
>|Archives: http://archives.java.sun.com/archives/servlet-interest.html
>|Resources: http://java.sun.com/products/servlet/external-resources.html
>|LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>|
>
> _ +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ _
> / )| Rajalingam R.A. | Email: |( \
> / / | Software Engineer,| [EMAIL PROTECTED] | \ \
> _( (_ | _Wipro Global R&D | [EMAIL PROTECTED] | _) )_
>(((\ \>|-/()----------------+----------------------()\-|</ /)))
>(\\\\ \|/ / Hello:- 91-80-2241730 Extn: 3323 \ \|/ ////)
> \ ^ /=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\ ^ /
> \ _/ \_ /
> / / \ \
>
>___________________________________________________________________________
>To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
>of the message "signoff SERVLET-INTEREST".
>
>Archives: http://archives.java.sun.com/archives/servlet-interest.html
>Resources: http://java.sun.com/products/servlet/external-resources.html
>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
