Access password protected URL with Authenticator

With this example we are going to demonstrate how to access a password protected URL using the Authenticator Class. The class Authenticator represents an object that knows how to obtain authentication for a network connection. Usually, it will do this by prompting the user for information. Applications use this class by overriding getPasswordAuthentication() in a sub-class. This method will typically use the various getXXX() accessor methods to get information about the entity requesting authentication. It must then acquire a username and password either by interacting with the user or through some other non-interactive means. The credentials are then returned as a PasswordAuthentication return value. In short, to access a password protected URL with the Authenticator you should:

  • Create a CustomAuthenticator that extends the Authenticator
  • Override the getPasswordAuthentication() method. There you can get the prompt string given by the requestor, with getRequestingPrompt() method. You can get the hostname of the site or proxy requesting authentication with getRequestingHost() API method. You can get the InetAddress of the site requesting authorization, using getRequestingSite() method. You can also get the port number for the requested connection with getRequestingPort() method. In the method you can create a new username and a new password and return a new PasswordAuthentication from the given user name and password.
  • Set the CustomAuthenticator as the authenticator that will be used by the networking code when a proxy or an HTTP server asks for authentication, with setDefault(Authenticator a) API method of Authenticator.
  • Create a URL object from a String representation.
  • Use openStream() API method to open a connection to this URL and and get the InputStream for reading from that connection. 
  • Create a new BufferedReader, using a new InputStreamReader with the URL input stream.
  • Read the text, using readLine() API method of BufferedReader.

Let’s take a look at the code snippet that follows:

package com.javacodegeeks.snippets.core;


public class AccessPasswordProtectedURLWithAuthenticator {
	public static void main(String[] args) {
		try {
			// Sets the authenticator that will be used by the networking code
		    // when a proxy or an HTTP server asks for authentication.
			Authenticator.setDefault(new CustomAuthenticator());
			URL url = new URL("");
			// read text returned by server
		    BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
		    String line;
		    while ((line = in.readLine()) != null) {
		catch (MalformedURLException e) {
			System.out.println("Malformed URL: " + e.getMessage());
		catch (IOException e) {
			System.out.println("I/O Error: " + e.getMessage());
	public static class CustomAuthenticator extends Authenticator {
		// Called when password authorization is needed
		protected PasswordAuthentication getPasswordAuthentication() {
			// Get information about the request
			String prompt = getRequestingPrompt();
			String hostname = getRequestingHost();
			InetAddress ipaddr = getRequestingSite();
			int port = getRequestingPort();

			String username = "username";
			String password = "password";

			// Return the information (a data holder that is used by Authenticator)
			return new PasswordAuthentication(username, password.toCharArray());


This was an example of how to access a password protected URL using the Authenticator Class in Java.

Ilias Tsagklis

Ilias is a software developer turned online entrepreneur. He is co-founder and Executive Editor at Java Code Geeks.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
Back to top button