Enterprise Java

How to handle HTTP 403 forbidden error in Java

Photo of Hussein Terek Hussein TerekMay 7th, 2018Last Updated: May 7th, 2018
2 2,992 1 minute read

Sometimes when trying to consume a web service from a java client, you get a 403 forbidden HTTP response code, even though the service is accessible normally from web browsers.

The HTTP 403 forbidden error doesn’t necessarily occur due to missing authentication attributes, some web services would only authorize web browsers or some specific clients to access them, while they deny any requests coming from third-party clients.

# Problem

I am getting HTTP 403 error when retrieving some data from a public web service, while i am able to retrieve them successfully when running the same URL link in web browsers.

This is indeed a very common problem which most developers face when consuming a web service.

# Resolution

This problem is normally resolved by imitating the web browser request so that the web service deals with the java client as if it was a web browser.

The first thing to do is to run the service URL on a web browser and use “live http headers” plugin (or any equivalent) to log the passed header attributes from the browser. Below is a typical request logged from a browser:

GET /feeds HTTP/1.1
Host: publicservice.com:443
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: OGP=-4061129:; SID=FAYIU7tO....
Referer: https://clients5.google.com/pagead/drt/dn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
X-Client-Data: CIa2yQEIpLbJAQjBtskBCKmdygEIqKPKARiSo8oB

As noticed, the “User-Agent” header specifies the name and the type of the client which is trying to access the service, so in order to imitate the web browser we need to add this header to our request. Following is how to add it using HttpUrlConnection:

String url = "https://publicservice.com/feeds";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36");
Published on Java Code Geeks with permission by Hussein Terek, partner at our JCG program. See the original article here: How to handle HTTP 403 forbidden error in Java

Opinions expressed by Java Code Geeks contributors are their own.

Photo of Hussein Terek Hussein TerekMay 7th, 2018Last Updated: May 7th, 2018
2 2,992 1 minute read
Photo of Hussein Terek

Hussein Terek

Hussein is a senior software engineer with 5 years of experience in software design, development and integration. He is the author and founder of Programmer Gate (www.programmergate.com) blog.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
5 years ago

nice~

2
Reply
yasemin
yasemin
3 years ago

thank you

0
Reply
Back to top button