Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
New Contributor
Posts: 4
Registered: ‎03-01-2010
My Device: Curve 8320
My Carrier: T-mobile

Basic Authentication problems

Hi, I'm developing an app for OS 4.5 using the BB plugin for Eclipse 3.4.  My application is required to make an http call that requires Basic Authentication. 

 

Problem 1:  The BES server that my test device is connected to was stripping off the Authentication header, which in turn was causing Authentication to fail at the desired endpoint.  Solution: There is a rimpublic.properties file that has BES configuration properties in it.  To stop BES from stripping it, I had to set the property "application.handler.http.AuthenticationSupport=false".  Currently testing my other apps to see what impact this may have on them. 

 

Question 1: For my external users(not connected to a BES) I was hoping to use WAP2 to make the Authentication call.  I've heard that some WAP2 gateways actually do the same stripping of the header that my BES was doing.  Does anyone know if that's true or widespread?  And are there any ways around it?

 

Question 2: If WAP2 does not end up being a suitable protocol to authenticate my non-BES users, then I think directTCP is probably my only other option.  The problem with directTCP is that I may need each carriers APN / Username / Password information to build my URL suffix.  Do carriers typically push that information out to non-BES managed devices?

Developer
Posts: 4,764
Registered: ‎07-21-2008
My Device: Not Specified

Re: Basic Authentication problems

In my experience, you can control this behavior by setting the correct HTTP headers.

 

What headers are you setting (if any)?

 

Also make sure that you only send the authentication when you are challenged for it.

 

And you make find that you'll need to handle your own cookies (if your server authentication is session-based).

 

 

 

 

 

New Contributor
Posts: 4
Registered: ‎03-01-2010
My Device: Curve 8320
My Carrier: T-mobile

Re: Basic Authentication problems

Yes, I'm setting my basic auth information in the "Authorization" header. See http://en.wikipedia.org/wiki/Basic_access_authentication for Basic auth definition.

 

After changing the aformentioned BES setting, my code works just fine on the BES connected device.  So I think my code is sending and receiving things correctly.  I'm just worried that when i try to roll this out to someone who isn't connect to my BES, their WAP2 gateway is going to strip the "Authorization" header just like my BES used to.

 

 

New Contributor
Posts: 4
Registered: ‎03-01-2010
My Device: Curve 8320
My Carrier: T-mobile

Re: Basic Authentication problems

Forgot to mention in my last post--- Yes, my server is session based, and I am handling the cookies successfully.

 

thx.