How to add HTTP authentication in Qt C++
This article shows how to add HTTP authentication to a Qt C++ application using QNetworkAccessManager.
Article Metadata
Article
Overview
Many mobile apps are heavy users of web services. Often you will create your web backed using a web framework, for example Pyramid or Django which will enable you to support HTTP basic authentication over SSL (useful if you want to enable your users to log in securely to their cloud account from your Qt app).
Getting authenticated against the web back end could not be easier using QNetworkAccessManager. This class is a higher level abstraction on top of network resources, allowing you to quite easily make your app network aware. You get SSL support for free by just using an "https://" prefixed URL, given that the remote certificate is signed by a known CA.
When an authentication is required, a signal is emitted for you to connect to and fill the authentication credentials in your slot. This will in quick look even more simple once a glance over the example code is given. To make this "interactive" you just need to take your creds from some input fields.
Source code
The code is shown below. First we need to create a QNetworkAccessManager instance and connect to its signals, the important one here for authentication is the authenticationRequired signal, which is dispatched as soon as the servers asks for authentication to complete our request.
QNetworkAccessManager *manager = new QNetworkAccessManager();
connect(manager, SIGNAL(authenticationRequired(QNetworkReply*,QAuthenticator*)),
SLOT(provideAuthenication(QNetworkReply*,QAuthenticator*)));
connect(manager, SIGNAL(finished(QNetworkReply*)), this, SLOT(httpReply(QNetworkReply*)));
QNetworkRequest req(QUrl("https://api.mydomain.tld/about"));
manager->get(req);
The slot code for filling the credentials for the authentication will look something like:
void MainWindow::provideAuthenication(QNetworkReply *reply, QAuthenticator *ator)
{
qDebug() << reply->readAll(); // this is just to see what we received
ator->setUser(QString("USERNAME"));
ator->setPassword(QString("MYPASSWORD"));
}
Note that on Symbian, if your application is self signed, there may be an error. See this for more information -this was found quite useful and a nice intro to Qt networking stack that now days mostly encourages using higher level abstractions than dealing with sockets and bytes.
NielsMayer - Additional issues arise with self-signed certs and SSL w/ Qt 4.7
See also http://code.google.com/p/qtzibit/source/browse/trunk/main.cpp
NPM: HACK/WORKAROUND FOR QT 4.7. Need to setup networking to not puke on SSL errors, which prevented Bugzibit example from working with https://bugs.meego.com due to its SSL implementation and certificate. This workaround will not be necessary at some point per Thiago's comment "QSslSocket does not send the Server Name Identification SSL extension [in Qt 4.7] ... QSslSocket in Qt 4.8 does send SNI now." ( http://lists.meego.com/pipermail/meego-dev/2011-May/482965.html http://lists.meego.com/pipermail/meego-dev/2011-May/482968.html ). For details on technique, see http://www.developer.nokia.com/Community/Wiki/Why_does_QML_require_QDeclarativeNetworkAccessManagerFactory http://www.qtcentre.org/threads/21470-SSL-Problem
Hamishwillee - @NielsMayer - Thanks for the update
If possible, could you integrate this into the main body of the documentation, and update the ArticleMetaData with information about platforms and devices this was tested against?hamishwillee 03:12, 27 October 2011 (EEST)