Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

javafx Restful client taking password and convert to basic autho

 
Aron Simbaba
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i made a java client that can connect to an api.  I can use basic authorize to login and access the api (hard coded)i.  I would like to know how can I create a javaFx login username and password field that will allow me (or anyone with the right log in information) to log into the api without hard coding ? (using only basic autho)  i know HOW to make a javafx login password window, but i do not know how to pass that information into the client and have it converted in an automatic fashion.
 
Tim Moores
Bartender
Posts: 3134
50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can either use the client code of a REST library such as Jersey -that would support Basic Auth out of the box-, or roll your own using the java.net package. In the latter case, the HttpURLConnection (or HttpsURLConnection) class is what you need to use. For Basic Auth, you would add an HTTP header called Authorization (via the URLConnection.addRequestProperty method) that contains the base64-encoded string value of username+":"+password. Since Basic Auth sends the password unencrypted, you really should use HTTPS for this, rather than HTTP.
 
Aron Simbaba
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i do not know how to pass that information into the client and have it converted in an automatic fashion.   If you have a link or someway to demonstrate? idk how to do it.  reading suggestions?
 
Tim Moores
Bartender
Posts: 3134
50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't quite understand what you're struggling with. You already have the client -a JavaFX app-, yes? It just needs to call the WS either via a REST library or the java.net classes - which approach do you want to take? Please elaborate what, precisely, you have, and what, precisely, is still missing.
 
Aron Simbaba
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When the HTTPUrl is using basic authentication to authenticate the username and password, is the username and password being encrypted? Would by chance a packet sniffer be able to detect what the username and password was if it was sent along the server?
 
Tim Moores
Bartender
Posts: 3134
50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Basic Auth does not encrypt the password, it merely encodes it. So you need to use HTTPS rather than HTTP to encrypt the password in transit.
 
Aron Simbaba
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you will do!
 
Aron Simbaba
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is my log in code that uses Basic authentication:



Let's assume there is no preset password for the login and it is based on a signed in users user name and password. Would the text being put into the Text and Password field be encoded to 64 bytes since I am using? Help on understanding this would be greatly appreciated!
 
Tim Moores
Bartender
Posts: 3134
50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, if it doesn't do base-64 it's not much of a Basic Auth implementation :-). But seriously, if you're interested in the details, you could peruse its source code to see precisely what it does.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic