The answer is, that HttpUrlConnection does not support digest. You therefore have to implement RFC2617 by yourself. You can use the following code as a baseline implementation: HTTP Digest Auth for Android. The steps involve (see RFC2617 for reference): If you get a 401 response, iterate over all WWW-Authenticate headers and parse them: Check if … Read more
The main difference is that it doesn’t require sending the username and password across the wire in plaintext. It is also immune to replay-attacks, as it uses a one-time number from the server. The server gives the client a one-time use number (a nonce) that it combines with the username, realm, password and the URI … Read more
This code snippet worked for me. You have to provide the realm which you can get by looking at the 401 response header you get from the host. val credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, password)); val authCache = new BasicAuthCache(); val digestScheme = new DigestScheme(); digestScheme.overrideParamter(“realm”, “**Name of the Realm**”); // Nonce value … Read more
The JsonObjectRequest is extended JsonRequest which override getBody() method directly, so your getParam() would never invoke, I recommend you extend StringRequest instead of JsonObjectRequest. your can check this answer for more details. by the way, you’ve another choice : Netroid, that based Volley, offered more features at all.
From RFC 1945 (HTTP/1.0) and RFC 2617 (HTTP Authentication referenced by HTTP/1.1) The realm attribute (case-insensitive) is required for all authentication schemes which issue a challenge. The realm value (case-sensitive), in combination with the canonical root URL of the server being accessed, defines the protection space. These realms allow the protected resources on a server … Read more