Android-WebView's onReceivedHttpAuthRequest() not called again

quasiceo 2015-06-24

展开全文

Android-WebView's onReceivedHttpAuthRequest() not called again

up vote 2 down vote favorite

I am using a webview based application where i am rendering a url in the webview. The Url has a HTTP auth .

When i launch the url very first time,its onReceivedHttpAuthRequest() is called and I display a dialog for user to enter the authentication credentials that is auth username and password.

@Override
public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) {
        final WebView mView = view;
        final HttpAuthHandler mHandler = handler;

        final EditText usernameInput = new EditText(mActivity);
        usernameInput.setHint("Username");

        final EditText passwordInput = new EditText(mActivity);
        passwordInput.setHint("Password");
        passwordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);

        LinearLayout ll = new LinearLayout(mActivity);
        ll.setOrientation(LinearLayout.VERTICAL);
        ll.addView(usernameInput);
        ll.addView(passwordInput);

        Builder authDialog = new AlertDialog
                .Builder(mActivity)
                .setTitle("Authentication")
                .setView(ll)
                .setCancelable(false)
                .setPositiveButton("OK", new DialogInterface.OnClickListener() {
                    public void onClick(DialogInterface dialog, int whichButton) {
                        mHandler.proceed(usernameInput.getText().toString(), passwordInput.getText().toString());
                        dialog.dismiss();
                    }
                })
                .setNegativeButton("Cancel", new DialogInterface.OnClickListener() {
                    public void onClick(DialogInterface dialog, int whichButton) {
                        dialog.dismiss();
                        mView.stopLoading();
                        onLoadListener.onAuthCancel((MyWebView)mView, mTitleTextView);
                    }
                });

        if(view!=null)
            authDialog.show();

    }

On Submitting the request proceed well and the url is loaded. But After I exit the app using back button(not sending in background), if i launch it again and tru to load the same url it directly load the url without asking for credentials that is onReceivedHttpAuthRequest() is never called again.

I am also clearing the credentials on app exit using following code:

WebViewDatabase webDB = WebViewDatabase.getInstance(BrowserActivity.this);
    if(webDB!=null){
        if(webDB.hasFormData())
            webDB.clearFormData();
        if(webDB.hasUsernamePassword())
            webDB.clearUsernamePassword();
        if(webDB.hasHttpAuthUsernamePassword())
            webDB.clearHttpAuthUsernamePassword();
    }
webView.clearCache(true);

Also i am clearing all the webview cache, cookies, and application's cache directory and the webview databases:

BrowserActivity.this.deleteDatabase("webview.db");
BrowserActivity.this.deleteDatabase("webviewCache.db");

I don't know why this is happening. Is there anybody who can help me on this. At least on the issue that why onReceivedHttpAuthRequest() is not called?

share|improve this question

asked Dec 5 '13 at 11:54

mohitum007
3232617

Are you certain that the code you have to clear the saved username/password is being executed? – ksasq Dec 6 '13 at 9:07

yes it is executed. Also when i force stop the app and then launch, it asks for auth. – mohitum007 Dec 6 '13 at 9:33

OK, so it sounds like only the case that doesn't work is when you use the back button? When exactly do you run the code that clears the database? – ksasq Dec 6 '13 at 11:19

1. Clearing Webview cache. 2. Delete database. 3. Clear cookies. 4. Deleting cache directory – mohitum007 Dec 6 '13 at 12:53

@Thushara, Not yet, I ahve changed the functionality now. But still searching for the same. – mohitum007 Dec 15 '14 at 11:16

show 3 more comments

1 Answer

active oldest votes

up vote 0 down vote

The reason for this is webview store previous connection cookies. So we need to manually clear them and store new cookie data for the current url. we can do it like this.

HttpURLConnection connection = null;
    try {
        URL urls = new URL(url);
        String authStr = "";
        if (!params.isEmpty()) {
            authStr = params.get(0).getValue() + ":"
                    + params.get(1).getValue();
        }

        String authEncoded = Base64.encodeBytes(authStr.getBytes());

        connection = (HttpURLConnection) urls
                .openConnection();
        connection.setConnectTimeout(5100);
        connection.setReadTimeout(5200);
        connection.setDoOutput(false);
        connection.setRequestProperty("Authorization", "Basic "
                + authEncoded);
        CookieManager cookieManager = CookieManager.getInstance();
        String cookie = cookieManager.getCookie(connection.getURL().toString());
        if (cookie != null) {
            connection.setRequestProperty("Cookie", cookie);
        }
        connection.connect();

        responseCode = connection.getResponseCode();
        InputStream content = connection.getInputStream();
        response = convertStreamToString(content);
        content.close();

        // Get cookies from responses and save into the cookie manager. session is created only in rest call url
        List<String> cookieList = connection.getHeaderFields().get("Set-Cookie");
        if (cookieList != null) {
            for (String cookieTemp : cookieList) {
                cookieManager.setCookie(connection.getURL().toString(), cookieTemp);
            }
        }

    }catch (SocketTimeoutException es){
        response = ConnectionStatus.TIME_OUT.name();
    } catch (Exception e) {
        response = e.getMessage();
        e.printStackTrace();
    }
    finally {
        connection.disconnect();
    }

share|improve this answer