• 4

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

I am trying to send a GET via Android's HttpURLConnection (imported from org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnection), and upon receiving the response, an IOException is thrown:

in doRequestInternal(): "Received authentication challenge is null"

What does this error mean, and what is causing this? I am writing OAuth parameters to the Authorization header, but I do this on other occasions, too, without problems.

    if (connection == null) {
        connection = (HttpURLConnection) new URL(endpointUrl).openConnection();

    //... do some OAuth message signing


    int statusCode = connection.getResponseCode(); // throws IOException

I found out the reason.

First of all, to all who aren't aware of what this error means (I sure wasn't): This exception is thrown if the server replies with a 401. Very intuitive, considering that it was thrown in getResponseCode() (i.o.w. you are never able to check for 401s yourself, but have to catch this IOException instead...).

The actual cause for the 401 was that I didn't send an OAuth verifier code where it was expected at this point.

  • 50
Reply Report
      • 2
    • no I ran into this problem as part of the DefaultOAuthProvider implementation for Signpost, which uses HTTPUrlConnection instead of Apache HttpClient.
      • 1
    • yes -- I developed it! This question is about a year old, meanwhile I added a CommonsHttpOAuthProvider which doesn't suffer from this issue. i.o.w. you can now use Signpost without any of the java.net classes, which are buggy in Harmony/Android.

Maybe will be useful for somebody...

This exception just means malformed answer headers: the "WWW-Authenticate" header was not found. Also, chunked answers with 401 code are not supported, so you'll need "Content-Length" header (can be zero).

  • 13
Reply Report
      • 1
    • Client needs to send "Authorization" header and if server didn't like credentials it needs to send back WWW-Authenticate. In my case it's our server and it was sending WWW-Authenticate only when Authorization header was missing. To fix error in subject we made a change on server-side to send WWW-Authenticate when Authorization fails.

Please note that there are two authentication approaches: HTTP Authentication and token-based authentication. If you are using HTTP Authentication then you have to follow referenced specification: include WWW-Authenticate header field on server side, use java.net.Authenticator locally, etc. If you are using token-based authentication then obviously you have to use cookies to store the token and make able to keep long lived sessions alive. In such case put the next code into android.app.Application.onCreate()

CookieManager cookieManager = new CookieManager();

and you won't have troubles when receiving HTTP 401 from the server without WWW-Authenticate header field.

  • 2
Reply Report