search

ramykort / ksoap2-android

Automatically exported from code.google.com/p/ksoap2-android
0 stars 0 forks source link

Basic authentication fails on long username/password combinations. #192

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?

1. Setup a basic auth realm with a long username and password combination
2. Add a authorization header to the transport call. 

headerList.add(new HeaderProperty("Authorization", "Basic " + 
org.kobjects.base64.Base64.encode("username:password".getBytes())));

3. Perform a call to the realm, and get a 401 HTTP error.
4. Correct the base 64 encoding in header to:

headerList.add(new HeaderProperty("Authorization", "Basic " + 
android.util.Base64.encodeToString("username:password".getBytes(), 
android.util.Base64.NO_WRAP));

What version of the product are you using? On what operating system?

ksoap 3.2.0

Please provide any additional information below.

The base 64 encoding used in HttpBasicAuth follows the standard base64 
encoding, which wraps the encoded string at character 76. This is not allowed 
for basic authorization, which expects the entire content without any line 
breaks.

This can be fixed by using the standard Base64 encoding from the android 
platform without wrapping being performed.

Original issue reported on code.google.com by dvank...@gmail.com on 23 May 2014 at 12:59

GoogleCodeExporter commented 8 years ago 
The project is migrating to github. If you believe this issue is still valid 
and should be tracked please file a new issue at 
https://github.com/simpligility/ksoap2-android/issues

Original comment by mosa...@gmail.com on 7 Aug 2015 at 5:35