发表新帖
发表新帖

Authentication error: Unable to respond to any of these challenges: {} Android - 401 Unauthorized

后端 未结
关注
4 1576
情书的邮戳
情书的邮戳 2021-02-05 18:09

Authentication error: Unable to respond to any of these challenges: {} Android - 401 Unauthorized

I have taken reference from this link Authentication Error when usi

4条回答
  • 执念已碎
    执念已碎 (楼主)
    2021-02-05 18:29

    How come it works from the PhoneGap but not Java. PhoneGap runs the app in a web container and so already has been authenticated - and you have all the right cookies. AJAX will share the same session that and everything 'just works'.

    However HTTPClient is a completely different - you are initiating a brand new HTTP session and everything has to be right.

    A few comments on how HTTP Auth works:

    There are several HTTP authentication methods - and it's the web server that chooses which. Before going any further, check your Drupal configuration to work out whether it is:

    • Basic Auth (username and password). Everyone and their dog supports this, but it's very insecure. See http://en.wikipedia.org/wiki/Basic_access_authentication for more details
    • Digest (username and challenge/response hash with MD5. This is more secure but much more complex. Note that MD5 is generally considered weak now. Many libraries support it, including Apache. See http://en.wikipedia.org/wiki/Digest_access_authentication for more details
    • NTLM (a variant of Kerberos/SPEGNO) which is implemented on IIS. This is not generally supported from Java, although HTTPClient does profess to - but using a different Credentials object. See http://hc.apache.org/httpclient-3.x/authentication.html#NTLM

    (Note also that the web container has the 'smarts' to be able to try different authentication methods as requested by the server, all behind the scenes)

    Also check the Drupal web logs. A few pointers:

    • Did you see the HTTPClient connect at all. And is the URL going to the correct resource. Always worth checking from the server's perspective...
    • Did it go to the right server? One example of what could go wrong: Are you using IP addresses in the URL against a multi-homed web server, so the request goes to the wrong server?
    • Check that the authentication sent by the client pre-emptively is the correct type (basic, digest, NTLM)

    Let me know if this helps. If not, and you can give more details as per this post, I can follow up with more advice.

    0 讨论(0)
 看不清?
提交回复
热议问题