I am working on a JAVA Swing application, where I want to add a button, which when clicked should open the system’s default web-browser with a webpage. I was able to achieve this, however the web page that I am intended to open has a Digest Authentication(with nonce,realm and MD-5 sess), so when the page is opened it asks for username and password. I want to do away with the login prompt every time I open the page from the JAVA application(username & password is known). I am wondering if its possible with the JAVA application to communicate to the webserver till the authentication and somehow transfer that HTTP session to a web browser.
I have been trying out the HTTPclient from the apache commons, it works fine however I don’t see how I can transfer the webpage to the web browser (No, I don’t have access to the web server and I cannot change the authentication mechanism).
If we reduce your question, you’re essentially asking, “can I subvert the authentication mechanism from outside the server”. The answer to this is, “thankfully no.” However, you can give the browser a helping hand by telling it what username and password to send.
If you’re opening the following URL:
Change your URL to:
Note that in some browsers, the password will be obscured, but you shouldn’t rely on it. So you’re damned to giving away the password.