URL usage with authentification


#1

Hi Guys,

Kinda Juce related questions.

I’m trying to access an URL which require a login/password.

for example
https://www.bobo.com
login: bob
paswword: toto

I know that you can write the url like that but it looks like this doesn’t work in Juce (on Window at least)
https://bob:toto@www.bobo.com

might be related to IE forbidden this. (http://support.microsoft.com/kb/834489)

I checked on google and it seems possible to put that kind of info in the header so I tried to do this in Juce as well
http://en.wikipedia.org/wiki/Basic_access_authentication

juce::URL url("https://www.bobo.com");
juce::String str(bob:toto);
juce::MemoryBlock block(str.toUTF8().getAddress(), str.getNumBytesAsUTF8());
juce::String headers = "Authorization: Basic " + block.toBase64Encoding();
juce::InputStream *pIStream = url.createInputStream(false, 0, 0, headers, 0, 0);

This doesn’t work either.

Am I missing something ?

Thanks,


#2

Does the server you’re connecting to support basic auth?

When you connect to the site in a browser, how does it work? Are you presented with a normal browser login box, or a web-generated form?

If the login prompt is a browser generated affair, you might benefit from using browser tools to get a feel for what’s going on. Most browsers have debugging tools that let you inspect received and sent headers. Watching how your browser negotiates the session will give you an idea of what you need to do.

There are also tools that can intercept (usually through a proxy) HTTP/S traffic and let you monitor the whole deal. This could be handy when debugging your JUCE output too.

If the site uses a form based login, most likely you simply need to send the params back as urlencoded variables. Note though that you’ll probably need to request the form first, get the form id, and return it along with your user name and password. This is a common idiom for defeating trivial cross site scripting attacks.


#3

normal browser login box not a custom one.

I’ve ended up using libcurl which works pretty fine, so this is not a big deal.


#4

This is quite an old subject, and I find myself needing to access a secure (HTTPS) site, and provding a Username & Password.

I've had a quick look around Juce's documention, and can't find anything  (I thought, perhaps passing a username/password on crating a URL or something)-

Testing some ideas I tried a few examples in JuceDemo - Oddly, I can use the (above mentioned version) HTTPS://<usr>:<pwd>@www.URI.com seemed to work (at one point) in the Browser Component Demo (I'm guessing it uses the system designed browser to do the gruntwork), but the HTTP demo,and it looks like it worked, but the HTTP Demo fails to connect (which, I suppose, I understand - shouldn't really be chucking around unencrpted auth details about )

Anyhow, I wondered if anything had changed since this question was raised?


#5

Ah, I just found this, more recent, post  http://www.juce.com/forum/topic/url-class-doesnt-provide-standard-fields   :(