Basic authentication is one of the simplest and thus the least secure authentication mechanism. It sends a combined string, which contains username and password encoded with base64 encoding, inside a special HTTP header. Password and username can be very easily discovered, if the HTTP request is intercepted by an attacker. On the other hand, if a request goes through using the HTTPS protocol, then header discovery is less likely to happen. The combination of HTTPS and basic authentication makes a rather popular choice as a starting security scheme for web services.
In this recipe, we will demonstrate how to use the HTTPBuilder
library, which we already covered in previous recipes (for example, the Issuing a SOAP request and parsing a response recipe), to achieve the basic request authentication.
The following steps present how simple it is to inject basic authentication credentials into your requests:
HTTPBuilder
pointing to our service URL:def service = new HTTPBuilder('https://localhost:5000/')
groovy
) and password (cookbook
) values can be set in the following way:service.auth.basic('groovy', 'cookbook')
def response = service.get(path: 'secret-service')