HTTP Basic Authentication issue on Android Jelly Bean 4.1 using HttpURLConnection

Question

We are making HttpURLConnection based request to the Web server using HTTP Basic Authentication. Code works great on Android versions 2.x, 3.x., 4.0.x Now with Jelly Bean an

Answer 1

For a 401 UNAUTHORIZED response with Android's httpURLConnection your server must send back a authenticate header like this...
WWW-Authenticate: Bogus realm="blahblah", comment="use form to log in"
as per
http://tools.ietf.org/html/rfc2616 search "10.4.2 401 Unauthorized"

Answer 2

We were able to solve Jelly Bean not calling getPasswordAuthentication() of the Authenticator via the following new method:

@TargetApi(Build.VERSION_CODES.FROYO) 
private void setJellyBeanAuth(HttpURLConnection httpConn) {
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
        byte[] auth = (USER + ":" + PASSWORD).getBytes();
        String basic = Base64.encodeToString(auth, Base64.NO_WRAP);
        httpConn.setRequestProperty("Authorization", "Basic " + basic);
    }
}

Then just call this function after opening the connection:

httpURLConn = (HttpURLConnection) url.openConnection();
setJellyBeanAuth(httpURLConn);

The @TargetApi for Froyo annotation is only necessary since we are still supporting API 7 while Base64 was added in API 8