I have a WebView embedded in my application. I am trying to view a webpage that uses NTLM authentication. How can I perform the NTLM authentication using the WebView and view this page?
I was successfully able to authenticate to this page using DefaultHttpClient and the JCIFS Library. But how can I do it for the WebView?
It has been two years since I asked this question. In the meantime, I figured out the answer to this question -
WebView supports NTLM authentication out-of-the-box. The onReceivedHttpAuthRequest callback in WebViewClient has a method parameter a method parameter named handler. This is of the type HttpAuthHandler. handler.proceed(username, password) will automatically authenticate to the web server using NTLM protocol. This handler abstracts the authentication protocol used. Both Basic and NTLM authentication work using the same line of code.
I'm having the same problem! There is another indirect way. You get the HttpResponse and then save the html file to the internal storage and then load the file into the WebView. I never tried this before, though.
Related
Is it possible to use Android Account Manager using Cookie-based authentication? How (a code with a explanation would be much appreciated)?
I have seen many examples regarding authentication token, but that is not the case. I have just implemented cookie-based authentication on Python FLASK.
OBS.: I'm using Android Volley for the requests of the application.
All you need to do is to add this line in onCreate in your Application class:
CookieHandler.setDefault(new CookieManager());
this line will make your HttpUrlConnection hold cookies like browser, and since most of the http agents like Volley or okHttp are based on HttpUrlConnection they also will hold your cookies )
I have created my own webservice which is protected by Oauth2. I am currently using restlet for this. It makes sense providing a redirect url when you are developing a javascript client on a certain url, but what redirect uri do you provide when you are calling from a WebView.
I currently just make it redirect to localhost and register that to the oauth authorization server. Can anyone tell me if that is the correct way of handling this or am I getting this completely wrong? The redirect page can ofcourse not be found on the android device, but you can fetch the token from the url which was appended to the localhost url.
you can make your own URL schema and use it for redirect URL check this link for customize your schema
I have created an android app that is using a custom-rolled authentication method by calling a web service (webapi on .net mvc 4) with HttpClient. When the user is authenticated, the action method on the server is setting the forms authentication cookie and then returns a user model back to the android client. That user model contains the internal user id and a few other properties.
After the user is authenticated, I'm opening up a WebView on android to serve up a viewport for some simple navigation elements. That WebView needs to be handed the authentication cookie from the webapi call in the previous step. I assume that the forms authentication cookie is being held in the HttpClient (though I can't confirm this) and if so, is there a way to pass that cookie over to the WebView so the web page that is served up in the WebView knows who the user is based on the first step?
If this isn't possible, can someone guide me with some steps to make this work.
TIA
This looks like a very similar problem. Set a cookie to a webView in Android.
Hopefully this can assist you.
Basically I would like to connect to the WCF windows service from android with authentication. I am an android developer. I have tinkered with the WCF Rest service from this article and also configured the https.
Now I need to think about the authentication process (to the username and password in the database) to the WCF service from android. Should I encode username and password in the url and do http post, while returning a token for authorization, for login process and use the token and username for subsequent operation(and also save encrypted username and token in a pref file to avoid logging in next time, thus avoiding password)? Any advice and pointer to any project and document is welcomed.
There is a similar question at the programmers https://softwareengineering.stackexchange.com/questions/93005/designing-authentication-for-rest-api but I want to keep this question open since I would like to add useful code and links here.
Instead of encoding the username and password in url, they should be in the request body. The reason is that even though https encrypt the url, it is not a good practice because if the url is called from browser, the browser will remember it and username/password will be visible there in the browser history. Thus, here is an article to handle http Post http://www.codeproject.com/Tips/150313/Simple-WCF-web-service-to-receive-parameter-from-H
If https is achieved with self-signed certificate, you will need do some extra works
http://blog.antoine.li/2010/10/22/android-trusting-ssl-certificates/
More article on WCF rest and android http://fszlin.dymetis.com/post/2010/05/10/Comsuming-WCF-Services-With-Android.aspx
Creating a custom token in C#
http://msdn.microsoft.com/en-us/library/ms731872.aspx
does this https://webmail.ibs-b.hu/owa/ url uses .htaccess authentication?
if yes how can I authenticate with it in android?
is there any implemented method in httprequest?
thank you
It seems that it uses HTTP based NTLM authentication: http://www.innovation.ch/personal/ronald/ntlm.html
There is no out of the box solution for Http NTLM auth on Android. But since this is all HTTP you can use HttpClient to handle it: http://danhounshell.com/blog/android-using-ntlm-authentication-with-httpclient/