[whickie]

I have a client that runs on the blackberry. It connects to a webservice via MDS Simulator, and attempts to pass along authorization via the HttpRequest headers. I'm using Basic authentication for now.

I keep getting 401 Unauthorized. I run a packet sniffer on the web server hosting my webservice and the Authorization headers are being stripped from the Http Request before they get to my server!

If I provide malformed or unencoded Authorization headers (Basic Joe:NoSuchPass) the headers strangley make it through to the server (though are rejected, since they're not legal).

Why is MDS Simulator stripping the Authorization headers? Is this normal? Why is the BlackBerry browser able to send Basic authentication to the server and not my application?

How can I get my app to send Authorization data to a webserver without MDS interfering?

Will

[whickie]

I took a break, came back, ran the program again (this time without shutting down the blackberry simulator) and the thing ran fine.....

I didn't recompile or anything-- just re-ran my application from the device simulator..

What the heck?!?!?

Will

[fbrimm]

whickie,

Not sure if this is your problem or not, but I read somewhere in the RIM documentation that its best if you fire up the browser on the simulator and just hit a normal page (ie, google.com). After that it should work with your app. Apparently you have to "prime the pump".

I have not run into the problems you are seeing, and am able to authenticate to an external web server through the MDS simulator just fine. I have not tried to authenticate with a web server running on the same machine. Have you tried running your web server on a different machine than where your MDS simulator and device simulator are running?

Can you post the section of your code where you are trying to do the authentication from? It might be helpful to see exactly what you are doing.

Here is a snipet of code that I use to authenticate and read a file from a url.

fbrimm

Code:

String login = "username:password";
String url = "http://myurl.com/mypage;deviceside=false";
HttpConnection c = null;
InputStream dis = null;
String userData = "";
boolean keepGoing = true;
int response;

try {
    // Encode the login information in Base64 format.
    byte[] encoded = Base64OutputStream.encode(login.getBytes(), 0, login.length(), false, false);
    
    c = (HttpConnection)Connector.open(url);
    
    while (keepGoing) {
        int status = c.getResponseCode();
        switch (status) {
            case (HttpConnection.HTTP_OK):
                // Connection is 200 OK.
                // Download and process data.
                keepGoing = false;
                break;
                        
            case (HttpConnection.HTTP_UNAUTHORIZED):
                // Connection is 401 UnAuthorized.
                // A login and password is required.
                c.close();
                        
                // Open a new connection.
                c = (HttpConnection)Connector.open(url);
                        
                // Add the authorized header.
                c.setRequestProperty("Authorization", "Basic " + new String(encoded));
                break;
                        
            case (HttpConnection.HTTP_NOT_FOUND):
                // File not found
                Dialog.inform("File not found\n"+url);
                System.exit(-1);
                break;
                        
            default:
                // The connection failed for some other reason.
                        
                Dialog.inform("Connection failed\nStatus = "+status+"\nClosing app");
                System.exit(-1);
                break;
        }
    }

    // You can now read your file...

    dis = c.openDataInputStream();

    StringBuffer sb = new StringBuffer();
    int ch;
    while ((ch = dis.read()) != -1) {
        sb.append((char) ch);
    }
    userData = sb.toString();
} catch (IOException ioe) {
    System.out.println(ioe.toString());
} finally {
    if (dis != null) {
        try {
            dis.close();
        } catch (Exception e) {
        }
    }
    if (c != null) {
        try {
            c.close();
        } catch (Exception e) {
        }
    }
}

[whickie]

I'll see what I can do about posting the code. I don't do the connection, parameters, and response all in one place.

I think you are right about something needing priming. I'll keep experimenting with it today and see what happens.

Will

[whickie]

fbrimm: I tried the code you posted, and it gets the same results as mine-- repeatedly getting 401 as a result.

My webserver is already on a different machine. It's IIS, but that shouldnt matter, since a packet sniffer shows the Authorization headers don't even get there.


If I log in via the BB Browser, as Administrator, my application starts working, but uses the Administrator account to authenticate!!

It is certain: MDS is stripping authentication data from the HTTP Request.

But why??? How come the browser can authenticate and not my Java app?


Will

[fbrimm]

What are your default browser settings on the BlackBerry? You have to get into Options from the main BB screen (depending the device and the OS you have, you may have to click on Settings first). Next you have to get into Browser (again depending on the device and OS you may have to click on Advanced Options first). The first 2 fields should say BlackBerry Browser, change if necessary.

I'm not sure if any of this matters with the simulator, but this is a common problem I've seen on real devices. When it isn't set to BlackBerry Browser, you are not able to access your internal network.

fbrimm

[whickie]

In the simulator, both fields are set to 'Browser', and are the only available options.

I'm tempted to open my own socket connection to the web server, but then I'd have to worry about an HTTPS implementation as well... :(

Will

[saracen]

I just want to say that I am experiencing this as well and have not found a solution. I am authenticating with basic auth just like you. It's very strange.