Basic,Diagest Authentication using HttpClient in java

basic
.........
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;

/**
 * A simple example that uses HttpClient to perform a GET using Basic
 * Authentication. Can be run standalone without parameters.
 *
 * You need to have JSSE on your classpath for JDK prior to 1.4
 *
 * @author Michael Becke
 */
public class BasicAuthenticationExample {
    
    /**
     * Constructor for BasicAuthenticatonExample.
     */
    public BasicAuthenticationExample() {
        super();
    }
    
    public static void main(String[] args) throws Exception {
        HttpClient client = new HttpClient();
        
        // pass our credentials to HttpClient, they will only be used for
        // authenticating to servers with realm "realm" on the host
        // "www.verisign.com", to authenticate against an arbitrary realm 
        // or host change the appropriate argument to null.
        client.getState().setCredentials(
                new AuthScope("www.verisign.com", 443, "realm"),
                new UsernamePasswordCredentials("username", "password")
                );
        
        // create a GET method that reads a file over HTTPS, 
        // we're assuming that this file requires basic 
        // authentication using the realm above.
        GetMethod get = new GetMethod(
                "https://www.verisign.com/products/index.html");
        
        // Tell the GET method to automatically handle authentication. The
        // method will use any appropriate credentials to handle basic
        // authentication requests.  Setting this value to false will cause
        // any request for authentication to return with a status of 401.
        // It will then be up to the client to handle the authentication.
        get.setDoAuthentication( true );
        
        try {
            // execute the GET
            int status = client.executeMethod( get );
            
            // print the status and response
            System.out.println(status + "\n" + 
                    get.getResponseBodyAsString());
            
        } finally {
            // release any connection resources used by the method
            get.releaseConnection();
        }
    }
}

Diagest
............

List authPrefs = new ArrayList(1);
authPrefs.add(AuthPolicy.DIGEST);
client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);

public class AlternateAuthenticationExample { 84 85 /** 86 * Constructor for BasicAuthenticatonExample. 87 */ 88 public AlternateAuthenticationExample() { 89 super(); 90 } 91 92 public static void main(String[] args) throws Exception { 93 HttpClient client = new HttpClient(); 94 client.getState().setCredentials("myrealm", "myhost", 95 new UsernamePasswordCredentials("username", "password")); 96 // Suppose the site supports several authetication schemes: NTLM and Basic 97 // Basic authetication is considered inherently insecure. Hence, NTLM authentication 98 // is used per default 99 100 // This is to make HttpClient pick the Basic authentication scheme over NTLM & Digest 101 List authPrefs = new ArrayList(3); 102 authPrefs.add(AuthPolicy.BASIC); 103 authPrefs.add(AuthPolicy.NTLM); 104 authPrefs.add(AuthPolicy.DIGEST); 105 client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); 106 107 GetMethod httpget = new GetMethod("http://myhost/protected/auth-required.html"); 108 109 try { 110 int status = client.executeMethod(httpget); 111 // print the status and response 112 System.out.println(httpget.getStatusLine()); 113 System.out.println(httpget.getResponseBodyAsString()); 114 } finally { 115 // release any connection resources used by the method 116 httpget.releaseConnection(); 117 } 118 } 119 }