0

I'm attempting to re-create a REST call I use in Ready-API from java but having issues.

If I make a GET request in ReadyAPI with and I use the AUTH tab in the UI, and set it to Basic, with a username and password and I check "USE GLOBAL PREFERENCE" it works without issue. However if I select "Authenticate pre-emptively" it fails.

Also in readyAPI if I insert an Authorization header with the base64 encoded string, instead of using the "Auth" tab, it also fails. This works for other servers I attempt to talk to, but not this one.

I'm trying to find out why it fails with the Authorization Header. As I'm attempting to make the same call from java with restTemplate.

Something like:

    String plainCreds = username + ":" + password;
    byte[] plainCredsBytes = StringUtils.getBytesUtf8(plainCreds);
    String base64Creds = Base64.encodeBase64String(plainCredsBytes);

    httpHeaders = new HttpHeaders();
    httpHeaders.add(HttpHeaders.AUTHORIZATION, "Basic " + base64Creds);

What is ReadyAPI doing differently when using the Auth Tab with "Use Global Preferences" that makes it succeed? How can I do this in Java?

DAC
  • 231
  • 4
  • 12

2 Answers2

0

The authentication scheme for "basic" needs to be passed with the appropriate capitalization of the scheme name:

httpHeaders.add(HttpHeaders.AUTHORIZATION, "Basic " + base64Creds);

https://www.rfc-editor.org/rfc/rfc7617 Section 2. The 'Basic' Authentication Scheme

Community
  • 1
  • 1
cwa
  • 166
  • 2
  • 11
  • Sorry that is a typo, i tried both ways to be sure, does not work. Also tried postman with its basic auth tab and it also fails. Edited post above – DAC Dec 21 '17 at 14:12
  • Can you try and send a curl request with your Basic auth request. Also can you see the actual request being sent (do you have access to the server accepting the request so you can see any differences? – cwa Dec 22 '17 at 08:31
  • I don't have direct access to the server accepting the request, working on it. However when I try curl with the basic auth it also fails to authenticate with HTTP Status 401 - Full authentication is required to access this resource. ReadyApi is doing some auto-magical stuff i guess, since it works fine there – DAC Jan 08 '18 at 18:24
0

I know this is an old question, but I hope this helps somebody.

I had this same scenario and I found the solution here: https://www.baeldung.com/resttemplate-digest-authentication

Basically, you have to create your own RestTemplate bean so the Authorization is by Digest and not Basic:

@Bean(name = "myRestTemplate")
public RestTemplate myRestTemplate(
        final String username,
        final String password) {
    CloseableHttpClient client = HttpClientBuilder.create().
            setDefaultCredentialsProvider(provider(username,password)).useSystemProperties().build();

    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(client);

    return new RestTemplate(requestFactory);
}

private CredentialsProvider provider(String username, String password) {
    CredentialsProvider provider = new BasicCredentialsProvider();
    UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password);
    provider.setCredentials(AuthScope.ANY, credentials);
    return provider;
}

Then when you want to use the bean

private String getQueryOutput(String query) {
    HttpHeaders httpHeaders = new HttpHeaders();

    httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);

    ResponseEntity<String> resp = restTemplate.exchange(
            "https://myURL/to/accept/post",
            HttpMethod.POST,
            new HttpEntity<>(query, httpHeaders),
            String.class);

    return resp.getBody();
}
skw
  • 516
  • 7
  • 19