Spring RestTemplate receives "401 Unauthorized"
24,626
I found that my issue originally posted above was due to double encryption happening on the auth params. I resolved it by using UriComponentsBuilder and explicitly calling encode() on the the exchange().
SyncResponse retrieveData(UriComponentsBuilder builder) {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.set("Accept", MediaType.APPLICATION_JSON_VALUE);
HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<SyncResponse> response = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.GET, request, SyncResponse.class);
return response.getBody();
}
My UriComponentsBuilder was built using:
UriComponentsBuilder buildUrl(String urlString) {
UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(urlString);
return auth.appendAuth(builder);
}
(The auth.appendAuth() adds additional .queryParams() needed by the target service in urlString.)
The call to execute this was retrieveData(buildUrl(urlString));.
Author by
Squigglylot
Updated on March 01, 2020Comments
-
Squigglylot about 4 years
I am using the following to retrieve JSON via RestTemplate in Spring 4:
protected DocInfoResponse retrieveData(String urlWithAuth) { RestTemplate restTemplate = new RestTemplate(); HttpHeaders headers = new HttpHeaders(); headers.add("Authorization", "Basic " + auth.getSig()); HttpEntity<String> request = new HttpEntity<String>(headers); ResponseEntity<DocInfoResponse> response = restTemplate.exchange(urlWithAuth, HttpMethod.GET, request, DocInfoResponse.class); return response.getBody(); }I used the same code (with different response class) to successfully get a JSON doc from the same site (with different parameters to get a different doc).
When I execute the above code I receive the following stack trace (in part):
Caused by: org.springframework.web.client.HttpClientErrorException: 401 Unauthorized at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]Can anyone point me to why this might be receiving the exception?
-
Coder about 7 yearsHave you tried to access the same from browser or postman? Is it working there with this authentication? -
Squigglylot about 7 yearsYes, I have gotten the same URL to successfully return expected results in browsers.
-
Coder about 7 yearsIt surely is an authentication problem. Are you generating digital signatures for authentication? Is the signature URL specific?
-
Squigglylot about 7 yearsDigital signature is being generated. That is in the 'auth.getSig()' call. There is nothing in the site documentation that specifies it is URL specific. The same signature/algorithm is used in both cases (the URL that works and the one that doesn't).
-
Coder about 7 yearsCan you share the other method which is working?
-
Squigglylot about 7 yearsIt is exactly the same, with the following two exceptions: 1) the URL, 2) the response object (SyncResponse.class vs DocInfoResponse.class -- the former is working, the latter is the problem).
-
Coder about 7 yearsSome digital signatures are URL specific. That being said resttemplate encodes the URL making it a bit difficult when you have a digital signature which most of the times is specifc to the URL. I am not sure how
auth.getSig()generated a digital signature as in most of the cases it is validated against the client information provided in the URL -
avi.elkharrat almost 7 yearsHi I'm having the exact same problem. I am able to connect to the target URL using FireFox RESTClient in Basic Authentication. However, I'm getting a "401 Unauthorized" while usint Spring RestTemplate
-
-
Squigglylot almost 7 yearsIn my case, the authorization string was being double encrypted. I resolved this by doing something similar to your suggestion of manual encryption ... using 'UriComponentsBuilder'.
-
avi.elkharrat almost 7 yearsglad this helped! your question was helpful too :)