Casady
asked on
Indy (Delphi) Http Client and Digest Authentication
I'm trying to communicate with a server that needs digest authentication.
My Code:
I've the latest Indy 10 from SVN and Delphi 7.
The header of the server (on LAN):
My Code:
uses IdHttp, IdAuthenticationDigest;
...
begin
IdHttp1 := TIdHttp.Create(nil);
try
IdHttp1.Request.Username := 'xxx';
IdHttp1.Request.Password := 'xxx';
Result := IdHttp1.Get(URL)
finally
idHttp1.Free;
end;
end;
Unfortunately I get a 401 from the server. Both Firefox and Chrome connect fine if I enter the username and password.I've the latest Indy 10 from SVN and Delphi 7.
The header of the server (on LAN):
Connecting...
Resolving hostname dm7020hd.
Connecting to 192.168.1.10.
Connected.
Server: webserver/1.0
Date: Thu, 31 Jan 2013 11:28:32 GMT
WWW-Authenticate: Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="7edfc2c756ad1f795651f15f88c32b25", nonce="d2ef913b753b3b6ad8878b34b93cfc5a"
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Expires: Sat, 10 Jan 2000 05:00:00 GMT
Content-Length: 15
Last-Modified: Thu, 31 Jan 2013 11:28:32 GMT
ETag: "753868328"
Connection: close
Disconnected
.
when you are entering the uid/pwd manually, is it with http or https?
ASKER
http
I understand Result := IdHttp1.Get(URL) would be like this
if Method = 'GET' then
Result := IdHttp.Get(self.ServiceHos t + URI)
else
if Method = 'POST' then
Result := IdHttp.Post(self.ServiceHo st + URI, SendStream);
Besides you need to use this as well
idHttp.Request.BasicAuthen tication := False;
and
idHttp.Request.ContentType := self.inputType;
idHttp.Request.Accept := self.outputType;
if Method = 'GET' then
Result := IdHttp.Get(self.ServiceHos
else
if Method = 'POST' then
Result := IdHttp.Post(self.ServiceHo
Besides you need to use this as well
idHttp.Request.BasicAuthen
and
idHttp.Request.ContentType
idHttp.Request.Accept := self.outputType;
ASKER
@rinfo
BasicAuthentication is set to False by default, so changing it to False brings nothing.
Default ContentType is empty and default Accept is text/html, */*
self.inputType is of course not defined (I have no idea what you are referring to).
BasicAuthentication is set to False by default, so changing it to False brings nothing.
Default ContentType is empty and default Accept is text/html, */*
self.inputType is of course not defined (I have no idea what you are referring to).
idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';
Important is you should set url according to submit method - Get or Post
if url has get request you should use this
Result := IdHttp.Get(self.ServiceHos t + url)
If data are posted then you should use this
Result := IdHttp.Post(self.ServiceHo st + url, SendStream);
idHttp.Request.Accept := 'text/html';
Important is you should set url according to submit method - Get or Post
if url has get request you should use this
Result := IdHttp.Get(self.ServiceHos
If data are posted then you should use this
Result := IdHttp.Post(self.ServiceHo
ASKER
How can I determine if a URL needs Get or Post? Currently I'm using Get only.
idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';
made no difference.
idHttp.Request.ContentType
idHttp.Request.Accept := 'text/html';
made no difference.
ASKER
I have more infos.
I've created two events to watch what's going on during connect.
AuthenticationClass is:
TIdDigestAuthentication
AuthInfo is:
Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="1f4ffff678e1ac3ca5 a49a44001f b374", nonce="1b2a0979d3adff70d59 e1d11f6315 df1"
But OnAuthorization is NOT fired at all!
I've created two events to watch what's going on during connect.
procedure Auth(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
procedure AuthSelect(Sender: TObject; var AuthenticationClass: TIdAuthenticationClass; AuthInfo: TIdHeaderList);
...
IdHTTP1.OnAuthorization := Auth;
IdHTTP1.OnSelectAuthorization := AuthSelect;
When OnSelectAuthorization is firedAuthenticationClass is:
TIdDigestAuthentication
AuthInfo is:
Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="1f4ffff678e1ac3ca5
But OnAuthorization is NOT fired at all!
Follow this links and there you will find working examples
http://stackoverflow.com/q uestions/1 2441508/id http-basic -authentic ation-acce ss-violati on
http://stackoverflow.com/q uestions/1 2056951/40 1-with-ind y-idhttp-d igest-auth entication -in-delphi -xe
... and something to think about:
http://www.experts-exchang e.com/Prog ramming/La nguages/Pa scal/Delph i/Q_206348 24.html
http://stackoverflow.com/q
http://stackoverflow.com/q
... and something to think about:
http://www.experts-exchang
ASKER
@sinisav
I've read these threads and about 100 others 1 week before. They don't offer any solutions.
The first thread you've posted is about basic authentication (not related to my problem of digest authentication).
The second thread is the same problem as mine, but offers NO solution (like many others where user asks questions like mine, but get no solution).
The third thread is almost 10 years old, where Indy digest authentication was not fully implemented (and offers also no solution).
I've read these threads and about 100 others 1 week before. They don't offer any solutions.
The first thread you've posted is about basic authentication (not related to my problem of digest authentication).
The second thread is the same problem as mine, but offers NO solution (like many others where user asks questions like mine, but get no solution).
The third thread is almost 10 years old, where Indy digest authentication was not fully implemented (and offers also no solution).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Received solution in another forum.