Android authenticating with Kerberos
I am trying to create a Android application that uses an existing web service. However, the existing web service uses Kerberos for authentication and I am having trouble getting Android using the android-xmlrpc library to authenticate with the service. If anyone has any experience with this, please respond.
I am completely new to this kind of stuff, so any advice would be greatly appreciated!
Thanks, Dave
Answer
The information here helped me to get my android app working with kerberos. Here's a link to a project I'm working on. It does kerberos authentication. Here's the pertinent code:
UsernamePasswordCredentials creds =
new UsernamePasswordCredentials(username, password);
DefaultHttpClient client = getHttpClient();
client.getCredentialsProvider().setCredentials(SERVER_AUTH_SCOPE, creds);
boolean authWorked = false;
try{
HttpGet get = new HttpGet(AUTH_URI);
HttpResponse resp = client.execute(get);
authWorked = hasValidCookie();
}
/*catch(AuthenticationException e){
Log.e("TAG", "Auth exceptions");
//TODO maybe do something?
}*/
catch(IOException e){
Log.e("TAG", "IOException exceptions");
//TODO maybe do something?
}
Here's the getHttpClient() method:
public static DefaultHttpClient getHttpClient(){
if(httpClient == null){
httpClient = new DefaultHttpClient();
final HttpParams params = httpClient.getParams();
HttpConnectionParams.setConnectionTimeout(params, REGISTRATION_TIMEOUT);
HttpConnectionParams.setSoTimeout(params, REGISTRATION_TIMEOUT);
ConnManagerParams.setTimeout(params, REGISTRATION_TIMEOUT);
}
return httpClient;
}
Here's hasValidCookie()
private static final String LOGIN_COOKIE_NAME = "CGISESSID";
private static boolean hasValidCookie(){
for(Cookie cookie: getHttpClient().getCookieStore().getCookies()){
if(cookie.getName().equals(LOGIN_COOKIE_NAME))
{
return true;
}
}
return false;
}