Digest on Android get 401

Question

I'm trying to do a digest authentication to this server http://52.16.207.138/api/v0.1/device/999 user = 5588031263bf4457a7641c07 and pass = 5588031263bf4457a7641c08 over web browser, i get a 200 http code and a json of some status.

My android code:

private JSONObject POST() throws JSONException {
    JSONObject response = null;

    Authenticator.setDefault(new Authenticator() {
        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            return new PasswordAuthentication("5588031263bf4457a7641c07", "5588031263bf4457a7641c08".toCharArray());
        }
    });

    try {

        URL url1 = new URL("http://52.16.207.138/api/v0.1/device/999");
        HttpURLConnection conn = (HttpURLConnection) url1.openConnection();
        conn.setRequestMethod(GET);
        conn.connect();

        int status = conn.getResponseCode();
        InputStream is;

        if(status >= HttpURLConnection.HTTP_BAD_REQUEST)
            is = conn.getErrorStream();
        else
            is = conn.getInputStream();

        Log.d("RespuestaHTTP",String.valueOf(status));

        byte[] buffer = new byte[8196];
        int readCount;
        StringBuilder builder = new StringBuilder();
        while ((readCount = is.read(buffer)) > -1) {
            builder.append(new String(buffer, 0, readCount));
        }
        response = new JSONObject(builder.toString());
        Log.d("Respuesta",response.toString());

        conn.disconnect();

    } catch (MalformedURLException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }

    return response;
}

But I always get 401 response, and I don't know what i'm doing bad.

Someone can help me???

06-22 18:57:17.797 1708-1750/com.example.urbanclouds.pruebasdigest D/RespuestaHTTP﹕ 401

Answer 1

Copied my answer to another HTTP digest question:

HttpUrlConnection does not support Digest authentication. If your client must authenticate using Digest, you have a few options:

• Write your own HTTP Digest implementation. This can be a good option if you know which servers that you need to authenticate with and can ignore the parts of the the digest specification that you do not need. Here is an example where a subset of digest is implemented: https://gist.github.com/slightfoot/5624590.
• Use the external lib bare-bones-digest, which is a Digest lib for Android. You can use it to parse Digest challenges and generate responses to them. It supports the common digest use cases and some of the rarely used ones and can be used on top of HttpURLConnection.
• Use OkHttp together with okhttp-digest, which is a plugin that adds Http Digest support to OkHttp. Supporting Digest with OkHttp is easy, just add okhttp-digest as an authenticator and you will have transparent Http digest support. If you already use OkHttp or are OK with switching to it this can be an attractive option.
• Use the Apache HttpClient which supports Digest. This option is included mostly for completion's sake since Google does not recommend using HttpClient and has deprecated it.