I got the impression that url.el was designed primarily for interactive operations, i.e. you make a call without authorization, the server responds 403 with “authorization required” (correct code?), and url.el will ask for a user for a username and password.
You can see my code at http://github.com/hdurer/fluiddb.el , where I am trying to do something programmatically.
Basically, I create the HTTP author’s header myself (base64 encodes a correctly formatted string and adds the correct header to url-request-extra-headers ). Then, in the second step, I need to add the url-http-handle-authentication tip so that it doesn’t ask the user that the credentials transferred are not acceptable.
This is very similar to raping url.el , but it works for me, and this is the only way to make it work.
So your code would look something like this:
(defvar xyz-user-name "admin") (defvar xyz-password "admin") (defvar xyz-block-authorisation nil "Flag whether to block url.el usual interactive authorisation procedure") (defadvice url-http-handle-authentication (around xyz-fix) (unless xyz-block-authorisation ad-do-it)) (ad-activate 'url-http-handle-authentication) (defun login-show-posts () (interactive) (let ((xyz-block-authorisation t) (url-request-method "GET") (url-request-extra-headers `(("Content-Type" . "application/xml") ("Authorization" . ,(concat "Basic " (base64-encode-string (concat xyz-user-name ":" xyz-password))))))) (url-retrieve "http://localhost:3000/essay/1.xml" (lambda (status) (switch-to-buffer (current-buffer)) ))))