Apache HTTP客户端样本无法进行摘要式身份验证
我正在运行样本Apache hc(http客户端)进行摘要式身份验证。我没有改变什么,只是使用所提供的样本:Apache HTTP客户端样本无法进行摘要式身份验证
public static void main(String[] args) throws Exception {
HttpHost target = new HttpHost("httpbin.org", 80, "http");
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(target.getHostName(), target.getPort()),
new UsernamePasswordCredentials("user", "passwd"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
try {
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate DIGEST scheme object, initialize it and add it to the local
// auth cache
DigestScheme digestAuth = new DigestScheme();
// Suppose we already know the realm name
digestAuth.overrideParamter("realm", "[email protected]");
// Suppose we already know the expected nonce value
digestAuth.overrideParamter("nonce", "b2c603bb7c93cfa197945553a1044283");
authCache.put(target, digestAuth);
// Add AuthCache to the execution context
HttpClientContext localContext = HttpClientContext.create();
localContext.setAuthCache(authCache);
HttpGet httpget = new HttpGet("http://httpbin.org/digest-auth/auth/user/passwd");
System.out.println("Executing request " + httpget.getRequestLine() + " to target " + target);
for (int i = 0; i < 3; i++) {
CloseableHttpResponse response = httpclient.execute(target, httpget, localContext);
try {
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(response.getEntity()));
} finally {
response.close();
}
}
} finally {
httpclient.close();
}
}
而且我越来越:HTTP/1.1 401未经授权
如果我直接去找http://httpbin.org/digest-auth/auth/user/passwd在提示我要用户/ passwd文件,然后提供这一页。所以这个网站是正确的。
任何想法是什么错?我有最新版本的图书馆。
的Fiddler验证为浏览器(成功):
无代理授权报头的存在。
认证头存在:文摘名= “用户”, 境界= “[email protected]”,随机数= “8ada87344eb5a10bf810bcc211205c24”, URI = “/消化-AUTH/AUTH /用户/ passwd的”, 响应= “ad22423e5591d14c90c6fe3cd762e64c”, 不透明= “361645844d957289c4c8f3479f76269f”,QOP = AUTH,NC = 00000001, cnonce = “260d8ddfe64bf32e”
提琴手验证了我的代码(失败):
无代理-Authorizati在标题上。
认证头存在:文摘名= “用户”, 境界= “[email protected]”,随机数= “76af6c9c0a1f57ee5f0fcade2a5f758c”, URI =“http://httpbin.org/digest-auth/auth /用户/ passwd的”, 响应= “745686e3f38ab40ce5907d41f91823e6”,QOP = AUTH,NC = 00000001, cnonce = “634b618d5c8ac9af”,算法= MD5, 不透明= “fe84ce11c48a7b258490600800e5e6df”
好吧,我得到它的工作。你也必须设置一个cookie。 Thanks to this post寻求帮助。下面的代码工作 - 但只有当你使用Fiddler时而不是。
public static void main(String[] args) throws Exception {
CookieStore cookieStore = new BasicCookieStore();
BasicClientCookie cookie = new BasicClientCookie("fake", "fake_value");
cookie.setDomain("httpbin.org");
cookie.setPath("/");
cookieStore.addCookie(cookie);
// https://*.com/questions/27291842/digest-auth-with-java-apache-client-always-401-unauthorized
HttpHost target = new HttpHost("httpbin.org", 80, "http");
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(target.getHostName(), target.getPort()),
new UsernamePasswordCredentials("user", "passwd"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCookieStore(cookieStore)
.setDefaultCredentialsProvider(credsProvider)
// .setProxy(new HttpHost("127.0.0.1", 8888))
.build();
try {
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate DIGEST scheme object, initialize it and add it to the local
// auth cache
DigestScheme digestAuth = new DigestScheme();
// Suppose we already know the realm name
digestAuth.overrideParamter("realm", "[email protected]");
// Suppose we already know the expected nonce value
digestAuth.overrideParamter("nonce", calculateNonce());
authCache.put(target, digestAuth);
// Add AuthCache to the execution context
HttpClientContext localContext = HttpClientContext.create();
localContext.setAuthCache(authCache);
HttpGet httpget = new HttpGet("http://httpbin.org/digest-auth/auth/user/passwd");
System.out.println("Executing request " + httpget.getRequestLine() + " to target " + target);
CloseableHttpResponse response = httpclient.execute(target, httpget, localContext);
try {
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(response.getEntity()));
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
public static synchronized String calculateNonce() {
Date d = new Date();
SimpleDateFormat f = new SimpleDateFormat("yyyy:MM:dd:hh:mm:ss");
String fmtDate = f.format(d);
Random rand = new Random(100000);
Integer randomInt = rand.nextInt();
return org.apache.commons.codec.digest.DigestUtils.md5Hex(fmtDate + randomInt.toString());
}
如何以编程方式确定领域?此代码适用于将连接到许多服务器的许多计算机上运行的库。所以我不能硬编码。 –