Indy (Delphi) Http Client and Digest Authentication

I'm trying to communicate with a server that needs digest authentication.

My Code:
uses IdHttp, IdAuthenticationDigest;


  IdHttp1 := TIdHttp.Create(nil);
    IdHttp1.Request.Username := 'xxx';
    IdHttp1.Request.Password := 'xxx';
    Result := IdHttp1.Get(URL)

Open in new window

Unfortunately I get a 401 from the server. Both Firefox and Chrome connect fine if I enter the username and password.

I've the latest Indy 10 from SVN and Delphi 7.

The header of the server (on LAN):
Resolving hostname dm7020hd.
Connecting to
Server: webserver/1.0
Date: Thu, 31 Jan 2013 11:28:32 GMT
WWW-Authenticate: Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="7edfc2c756ad1f795651f15f88c32b25", nonce="d2ef913b753b3b6ad8878b34b93cfc5a"
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Expires: Sat, 10 Jan 2000 05:00:00 GMT
Content-Length: 15
Last-Modified: Thu, 31 Jan 2013 11:28:32 GMT
ETag: "753868328"
Connection: close

Open in new window

Who is Participating?
CasadyConnect With a Mentor Author Commented:
I've received the solution in another forum.

Here it is in case someone else has this problem:

IdHTTP1.HttpOptions  := IdHTTP1.HttpOptions + [hoInProcessAuth];

Open in new window

when you are entering the uid/pwd manually, is it with http or https?
CasadyAuthor Commented:
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

I understand  Result := IdHttp1.Get(URL) would be like this

  if Method = 'GET' then
      Result := IdHttp.Get(self.ServiceHost + URI)
    if Method = 'POST' then
      Result := IdHttp.Post(self.ServiceHost + URI, SendStream);

Besides you need to use this as well
 idHttp.Request.BasicAuthentication := False;

idHttp.Request.ContentType := self.inputType;
idHttp.Request.Accept := self.outputType;
CasadyAuthor Commented:

BasicAuthentication is set to False by default, so changing it to False brings nothing.

Default ContentType is empty and default Accept is text/html, */*

 self.inputType is of course not defined (I have no idea what you are referring to).
idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

Important is you should set url according to submit method - Get or Post
if url has get request you should use this
      Result := IdHttp.Get(self.ServiceHost + url)
If data are posted then you should use this
      Result := IdHttp.Post(self.ServiceHost + url, SendStream);
CasadyAuthor Commented:
How can I determine if a URL needs Get or Post? Currently I'm using Get only.

idHttp.Request.ContentType := '*/*';
idHttp.Request.Accept := 'text/html';

made no difference.
CasadyAuthor Commented:
I have more infos.

I've created two events to watch what's going on during connect.
procedure  Auth(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
procedure AuthSelect(Sender: TObject; var AuthenticationClass: TIdAuthenticationClass; AuthInfo: TIdHeaderList);


IdHTTP1.OnAuthorization := Auth;
IdHTTP1.OnSelectAuthorization := AuthSelect;

Open in new window

When OnSelectAuthorization is fired

AuthenticationClass is:


AuthInfo is:

Digest algorithm="MD5", realm="Forbidden", qop="auth", opaque="1f4ffff678e1ac3ca5a49a44001fb374", nonce="1b2a0979d3adff70d59e1d11f6315df1"

But OnAuthorization is NOT fired at all!
CasadyAuthor Commented:

I've read these threads and about 100 others 1 week before. They don't offer any solutions.

The first thread you've posted is about basic authentication (not related to my problem of digest authentication).

The second thread is the same problem as mine, but offers NO solution (like many others where user asks questions like mine, but get no solution).

The third thread is almost 10 years old, where Indy digest authentication was not fully implemented (and offers also no solution).
CasadyAuthor Commented:
Received solution in another forum.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.