Solved

Indy (Delphi) Http Client and Digest Authentication

Posted on 2013-01-31
11
2,969 Views
Last Modified: 2013-12-03
I'm trying to communicate with a server that needs digest authentication.

My Code:
uses IdHttp, IdAuthenticationDigest;

...

begin
  IdHttp1 := TIdHttp.Create(nil);
  try
    IdHttp1.Request.Username := 'xxx';
    IdHttp1.Request.Password := 'xxx';
        
    Result := IdHttp1.Get(URL)
   finally
    idHttp1.Free;
   end;
end; 

Open in new window

Unfortunately I get a 401 from the server. Both Firefox and Chrome connect fine if I enter the username and password.

I've the latest Indy 10 from SVN and Delphi 7.

The header of the server (on LAN):
Connecting...
Resolving hostname dm7020hd.
Connecting to 192.168.1.10.
Connected.
Server: webserver/1.0
Date: Thu, 31 Jan 2013 11:28:32 GMT
WWW-Authenticate: Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="7edfc2c756ad1f795651f15f88c32b25", nonce="d2ef913b753b3b6ad8878b34b93cfc5a"
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Expires: Sat, 10 Jan 2000 05:00:00 GMT
Content-Length: 15
Last-Modified: Thu, 31 Jan 2013 11:28:32 GMT
ETag: "753868328"
Connection: close
Disconnected

Open in new window

.
0
Comment
Question by:Casady
11 Comments
 
LVL 45

Expert Comment

by:aikimark
ID: 38842081
when you are entering the uid/pwd manually, is it with http or https?
0
 

Author Comment

by:Casady
ID: 38842283
http
0
 
LVL 9

Expert Comment

by:rinfo
ID: 38843181
I understand  Result := IdHttp1.Get(URL) would be like this


  if Method = 'GET' then
      Result := IdHttp.Get(self.ServiceHost + URI)
    else
    if Method = 'POST' then
      Result := IdHttp.Post(self.ServiceHost + URI, SendStream);

Besides you need to use this as well
 idHttp.Request.BasicAuthentication := False;

and
idHttp.Request.ContentType := self.inputType;
idHttp.Request.Accept := self.outputType;
0
 

Author Comment

by:Casady
ID: 38843234
@rinfo

BasicAuthentication is set to False by default, so changing it to False brings nothing.

Default ContentType is empty and default Accept is text/html, */*

 self.inputType is of course not defined (I have no idea what you are referring to).
0
 
LVL 9

Expert Comment

by:rinfo
ID: 38843806
idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

Important is you should set url according to submit method - Get or Post
if url has get request you should use this
      Result := IdHttp.Get(self.ServiceHost + url)
If data are posted then you should use this
      Result := IdHttp.Post(self.ServiceHost + url, SendStream);
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:Casady
ID: 38844028
How can I determine if a URL needs Get or Post? Currently I'm using Get only.

idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

made no difference.
0
 

Author Comment

by:Casady
ID: 38844237
I have more infos.

I've created two events to watch what's going on during connect.
procedure  Auth(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
procedure AuthSelect(Sender: TObject; var AuthenticationClass: TIdAuthenticationClass; AuthInfo: TIdHeaderList);

...

IdHTTP1.OnAuthorization := Auth;
IdHTTP1.OnSelectAuthorization := AuthSelect;

Open in new window

When OnSelectAuthorization is fired

AuthenticationClass is:

TIdDigestAuthentication

AuthInfo is:

Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="1f4ffff678e1ac3ca5a49a44001fb374", nonce="1b2a0979d3adff70d59e1d11f6315df1"

But OnAuthorization is NOT fired at all!
0
 
LVL 26

Expert Comment

by:Sinisa Vuk
ID: 38845699
0
 

Author Comment

by:Casady
ID: 38845835
@sinisav

I've read these threads and about 100 others 1 week before. They don't offer any solutions.

The first thread you've posted is about basic authentication (not related to my problem of digest authentication).

The second thread is the same problem as mine, but offers NO solution (like many others where user asks questions like mine, but get no solution).

The third thread is almost 10 years old, where Indy digest authentication was not fully implemented (and offers also no solution).
0
 

Accepted Solution

by:
Casady earned 0 total points
ID: 38846480
I've received the solution in another forum.

Here it is in case someone else has this problem:

IdHTTP1.HttpOptions  := IdHTTP1.HttpOptions + [hoInProcessAuth];

Open in new window

0
 

Author Closing Comment

by:Casady
ID: 38863259
Received solution in another forum.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HTTP Header Question 10 92
Correct Component for Shopping Cart. 2 95
Adoquery sql  left join does not work 25 80
how to change, disabled button color FMX ? 1 14
For a while now I'v been searching for a circular progress control, much like the one you get when first starting your Silverlight application. I found a couple that were written in WPF and there were a few written in Silverlight, but all appeared o…
Introduction Raise your hands if you were as upset with FireMonkey as I was when I discovered that there was no TListview.  I use TListView in almost all of my applications I've written, and I was not going to compromise by resorting to TStringGrid…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now