Authentication from url in Restlet

Posted by DutrowLLC on Stack Overflow See other posts from Stack Overflow or by DutrowLLC
Published on 2010-06-17T16:09:26Z Indexed on 2010/06/17 16:13 UTC
Read the original article Hit count: 284

I've been using Restlets "ChallengeResponse" mechanism to authenticate users so far.

ChallengeResponse challengeResponse = getRequest().getChallengeResponse();
if( challengeResponse == null ){
     throw new RuntimeException("not authenticated");
}
String login = challengeResponse.getIdentifier();
String password = new String(challengeResponse.getSecret());

From my understanding, "ChallengeResponse" requires that the username and password are put into headers. However a client needs to put the credentials into the url like so:

https://username:[email protected]/my_secure_document

When I looked at what was actually sent, it looks like the password is being hashed.

What is the proper way to authenticate in this fashion using Restlet?

© Stack Overflow or respective owner

Related posts about java

Related posts about authentication