Solved

Indy (Delphi) Http Client and Digest Authentication

Posted on 2013-01-31
11
2,906 Views
Last Modified: 2013-12-03
I'm trying to communicate with a server that needs digest authentication.

My Code:
uses IdHttp, IdAuthenticationDigest;

...

begin
  IdHttp1 := TIdHttp.Create(nil);
  try
    IdHttp1.Request.Username := 'xxx';
    IdHttp1.Request.Password := 'xxx';
        
    Result := IdHttp1.Get(URL)
   finally
    idHttp1.Free;
   end;
end; 

Open in new window

Unfortunately I get a 401 from the server. Both Firefox and Chrome connect fine if I enter the username and password.

I've the latest Indy 10 from SVN and Delphi 7.

The header of the server (on LAN):
Connecting...
Resolving hostname dm7020hd.
Connecting to 192.168.1.10.
Connected.
Server: webserver/1.0
Date: Thu, 31 Jan 2013 11:28:32 GMT
WWW-Authenticate: Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="7edfc2c756ad1f795651f15f88c32b25", nonce="d2ef913b753b3b6ad8878b34b93cfc5a"
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Expires: Sat, 10 Jan 2000 05:00:00 GMT
Content-Length: 15
Last-Modified: Thu, 31 Jan 2013 11:28:32 GMT
ETag: "753868328"
Connection: close
Disconnected

Open in new window

.
0
Comment
Question by:Casady
11 Comments
 
LVL 45

Expert Comment

by:aikimark
ID: 38842081
when you are entering the uid/pwd manually, is it with http or https?
0
 

Author Comment

by:Casady
ID: 38842283
http
0
 
LVL 9

Expert Comment

by:rinfo
ID: 38843181
I understand  Result := IdHttp1.Get(URL) would be like this


  if Method = 'GET' then
      Result := IdHttp.Get(self.ServiceHost + URI)
    else
    if Method = 'POST' then
      Result := IdHttp.Post(self.ServiceHost + URI, SendStream);

Besides you need to use this as well
 idHttp.Request.BasicAuthentication := False;

and
idHttp.Request.ContentType := self.inputType;
idHttp.Request.Accept := self.outputType;
0
 

Author Comment

by:Casady
ID: 38843234
@rinfo

BasicAuthentication is set to False by default, so changing it to False brings nothing.

Default ContentType is empty and default Accept is text/html, */*

 self.inputType is of course not defined (I have no idea what you are referring to).
0
 
LVL 9

Expert Comment

by:rinfo
ID: 38843806
idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

Important is you should set url according to submit method - Get or Post
if url has get request you should use this
      Result := IdHttp.Get(self.ServiceHost + url)
If data are posted then you should use this
      Result := IdHttp.Post(self.ServiceHost + url, SendStream);
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:Casady
ID: 38844028
How can I determine if a URL needs Get or Post? Currently I'm using Get only.

idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

made no difference.
0
 

Author Comment

by:Casady
ID: 38844237
I have more infos.

I've created two events to watch what's going on during connect.
procedure  Auth(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
procedure AuthSelect(Sender: TObject; var AuthenticationClass: TIdAuthenticationClass; AuthInfo: TIdHeaderList);

...

IdHTTP1.OnAuthorization := Auth;
IdHTTP1.OnSelectAuthorization := AuthSelect;

Open in new window

When OnSelectAuthorization is fired

AuthenticationClass is:

TIdDigestAuthentication

AuthInfo is:

Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="1f4ffff678e1ac3ca5a49a44001fb374", nonce="1b2a0979d3adff70d59e1d11f6315df1"

But OnAuthorization is NOT fired at all!
0
 
LVL 25

Expert Comment

by:Sinisa Vuk
ID: 38845699
0
 

Author Comment

by:Casady
ID: 38845835
@sinisav

I've read these threads and about 100 others 1 week before. They don't offer any solutions.

The first thread you've posted is about basic authentication (not related to my problem of digest authentication).

The second thread is the same problem as mine, but offers NO solution (like many others where user asks questions like mine, but get no solution).

The third thread is almost 10 years old, where Indy digest authentication was not fully implemented (and offers also no solution).
0
 

Accepted Solution

by:
Casady earned 0 total points
ID: 38846480
I've received the solution in another forum.

Here it is in case someone else has this problem:

IdHTTP1.HttpOptions  := IdHTTP1.HttpOptions + [hoInProcessAuth];

Open in new window

0
 

Author Closing Comment

by:Casady
ID: 38863259
Received solution in another forum.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

What my article will show is if you ever had to do processing to a listbox without being able to just select all the items in it. My software Visual Studio 2008 crystal report v11 My issue was I wanted to add crystal report to a form and show…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now