[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 881
  • Last Modified:

java.net.Authenticator and setDault()

How can the authenticator initially set using setDefault() be 'undone' or 'reset'. In my code I'd like to reset the authenticator to use a new set of credentials each time it's called but it keeps using the credentials that were used to create the initial authenticator. Any help out there?
0
craigdawson
Asked:
craigdawson
  • 9
  • 6
  • 2
1 Solution
 
CEHJCommented:
How are you trying to reset it? - please post code
0
 
craigdawsonAuthor Commented:
I am not trying because I don't know how to do it :-)  The basic code is below.

// Install Authenticator
Authenticator.setDefault (new MyAuthenticator (userId, password));
...

class MyAuthenticator extends Authenticator {
         private String username = "";
          private String password = "";
   
          public MyAuthenticator(){}
   
          public MyAuthenticator(String username, String password){
                this.username = username;
                this.password = password;
          }
   
          protected PasswordAuthentication getPasswordAuthentication() {
                  return new PasswordAuthentication (this.username, this.password.toCharArray());
          }

}
0
 
CEHJCommented:
You can use the same authenticator:

String password = null;
String username = null;
String hostname = getRequestingHost();
if (hostname.equals("somehost.somewhere.com")) {
  username = "uname1";
  password = "password1");
}
else if(.....
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
CEHJCommented:
To have a looser coupling between your code and the credentials, you could keep them in a Map keyed on hostname and use Properties to load username/passwords (which you could encrypt if necessary)

0
 
craigdawsonAuthor Commented:
Not sure that helps me. I want to hit the same url with different credentials each time.
0
 
CEHJCommented:
Then just rotate credentials each time the callback function is called:

numberOfCalls++;      
switch(numberOfCalls) {
      case 1:
            username = "y";
            password = "x";
            break;
      case 2:
            username = "p";
            password = "q";
            break;
}            
            
0
 
craigdawsonAuthor Commented:
Not just different credentials. User-supplied credentials. I can't hard code them.
0
 
CEHJCommented:
Then what's wrong with

username = getUsernameFromUser();      
password = getPasswordFromUser();

?
0
 
craigdawsonAuthor Commented:
I have Java web app. The login page accepts credentials. Once the user has entered id and pw, the code must invoke an ASP page with thise same credentials, stream in some content, and continue with the java/jsp processing. It's the call to the ASP I'm trying to use the Authenticator for. I can't ask for the credentials again.

Thanks for all your input to this point.
0
 
CEHJCommented:
>>It's the call to the ASP I'm trying to use the Authenticator for

I still don't see what the problem is. What about

String username = (String)request().getSession().getAttribute("username");
String password = (String)request().getSession().getAttribute("password");

(these details having previously been put in the session)

?
0
 
craigdawsonAuthor Commented:
Maybe I'm just dense but ...

The request object isn't available in getPasswordAuthentication(). If I add it to the constructor and store it, I get an exception: java.lang.IllegalStateException: Context has not been prepared for next connection.
0
 
CEHJCommented:
You could pass the session as an argument to an Authenticator constructor
0
 
objectsCommented:
> You could pass the session as an argument to an Authenticator constructor

Don't think you can do that.
0
 
objectsCommented:
Is there a point in your code where you know the cr4edentials have changed and what they are? If so you could change the authenticator at that point.
0
 
CEHJCommented:
>>Don't think you can do that.

What makes you think that? Give it a try craigdawson...
0
 
craigdawsonAuthor Commented:
Using session worked. Full marks for persistence to CEHJ! Thanks.
0
 
CEHJCommented:
:-)
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 9
  • 6
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now