Getting 401 unauthorized for the first time using [org.apache.http.client] HttpClient 4.1.1

Question

The first request made to the messageSender via a webservicetemplate using credential is failing with 401 unauthorized, but second time it is all okay and works well.

Configuration:

 <property name="messageSender">
            <bean class="org.springframework.ws.transport.http.HttpComponentsMessageSender">
                <property name="connectionTimeout" value="900000" />
                <property name="readTimeout" value="0" />
                <property name="credentials">
                    <bean class="org.apache.http.auth.UsernamePasswordCredentials">
                        <constructor-arg value="${userName}:${Password}" />
                    </bean>
                </property>

From so far, what i have googled through I get to know that I will have to do a preemptive authentication to avoid 401 unauthorized using [org.apache.http.client.HttpClient]. I want a spring xml configuration to allow this so that I can configure preemptive authentication.

Also, is the behaviour as expected.

What I have tried so far.

class="org.springframework.ws.transport.http.HttpComponentsMessageSender">
                <property name="connectionTimeout" value="900000" />
                <property name="readTimeout" value="0" />
                <property name="httpClient" ref="httpClient" />
                <property name="credentials" ref="credentials"/>
            </bean>
        </property>



<bean id="httpClient" class="org.apache.http.client.HttpClient">
        <!-- Not Sure what configuration to add here -->
    </bean>

    <bean id="credentials" class="org.apache.http.auth.UsernamePasswordCredentials">
        <constructor-arg value="${userName}:${password}" />
    </bean>

score 0 · Answer 1 · answered Feb 02 '17 at 12:07

Creating the http client with a credentials provider, which need UsernamePasswordCredentials and AuthScope. AuthScope is created with default values and UsernamePasswordCredentials is created with username, password. BasicCredentialsProvider does not take provider and credentials in constructor or setter method. It has to set by invoking setCredentials() method.

    <bean class="org.springframework.ws.transport.http.HttpComponentsMessageSender">
        <property name="connectionTimeout" value="900000"/>
        <property name="readTimeout" value="0"/>
        <property name="httpClient" ref="httpClient"/>
    </bean>

    <bean id="credentialProvider" class="org.apache.http.impl.client.BasicCredentialsProvider" />

    <bean id="methodInvoke" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
        <property name="targetObject"><ref local="credentialProvider" /> </property>
        <property name="targetMethod" value="setCredentials"> </property>
        <property name="arguments"  >
            <list>
                <ref local="authScope" />
                <ref local="credentials" />
            </list>
        </property>
    </bean>    

    <bean id="authScope" class="org.apache.http.auth.AuthScope">
        <constructor-arg name="host"><null /></constructor-arg>
        <constructor-arg><value>-1</value> </constructor-arg>
        <constructor-arg><null /></constructor-arg>
        <constructor-arg><null /></constructor-arg>
    </bean>

    <bean id="credentials" class="org.apache.http.auth.UsernamePasswordCredentials">
        <constructor-arg name="userName"><value>xxx</value></constructor-arg>
        <constructor-arg name="password"><value>xxx</value></constructor-arg>
    </bean>

    <bean id="httpClient" class="org.apache.http.impl.client.DefaultHttpClient">
        <property name="credentialsProvider" ref="credentialProvider"/>
    </bean>

thanks for this information. I tried this and now getting Connection Closed. From the default implementation: First time I get a [401] Unauthorized basic authentication required and second time it authenticates and proceeds with the request. Below is what I get first time: org.apache.http.impl.client.DefaultHttpClient- Authentication scope: BASIC 'Authentication required'@host:port I wanted to how to provide basic authentication, so that i can avoid [401] unauthorized for the first time — coldy, Feb 03 '17 at 06:41

coldy · Answer 2 · 2017-02-13T06:25:39.860

The configuration which I had to add to the Webservicetemplate are shown below:

   <!--  Custom Interceptor Implementation to WebServiceTemplate -->
         <property name="interceptors">
                 <list>
                        <bean class="com.utils.AddHttpHeaderInterceptor" >

                        </bean>
                </list>
            </property>

And implement the AddHttpHeaderInterceptor class which implements ClientInterceptor as below:

HttpPost postMethod = connection.getHttpPost();
postMethod.addHeader("Authorization", "Basic " + base64Creds);
return true;

And note: base64Creds is nothing but base64.encode(username:pwd)

Getting 401 unauthorized for the first time using [org.apache.http.client] HttpClient 4.1.1

2 Answers2