首頁猿問使用Apache...

使用Apache HttpClient進(jìn)行搶占式基本身份驗(yàn)證4

Java

肥皂起泡泡 2019-08-12 18:06:14

使用Apache HttpClient進(jìn)行搶占式基本身份驗(yàn)證4是否有一種更簡(jiǎn)單的方法來設(shè)置http客戶端以進(jìn)行搶先式基本身份驗(yàn)證，而不是此處描述的內(nèi)容？在以前的版本（3.x）中，它曾經(jīng)是一個(gè)簡(jiǎn)單的方法調(diào)用（例如httpClient.getParams().setAuthenticationPreemptive(true)）。我想避免的主要是將BasicHttpContext添加到我執(zhí)行的每個(gè)方法。

查看完整描述

3 回答

FFIVE

TA貢獻(xiàn)1797條經(jīng)驗(yàn) 獲得超6個(gè)贊

如果沒有每次傳遞上下文都很難做到這一點(diǎn)，但你可以通過使用請(qǐng)求攔截器來做到這一點(diǎn)。這是我們使用的一些代碼（從他們的JIRA，iirc中找到）：

// Pre-emptive authentication to speed things upBasicHttpContext localContext = new BasicHttpContext();BasicScheme basicAuth = new BasicScheme();localContext.setAttribute("preemptive-auth", basicAuth);httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);(...)static class PreemptiveAuthInterceptor implements HttpRequestInterceptor {

    public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
        AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);

        // If no auth scheme avaialble yet, try to initialize it
        // preemptively
        if (authState.getAuthScheme() == null) {
            AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth");
            CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
            HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
            if (authScheme != null) {
                Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));
                if (creds == null) {
                    throw new HttpException("No credentials for preemptive authentication");
                }
                authState.setAuthScheme(authScheme);
                authState.setCredentials(creds);
            }
        }

    }}

反對(duì) 回復(fù) 2019-08-12

胡說叔叔

TA貢獻(xiàn)1804條經(jīng)驗(yàn) 獲得超8個(gè)贊

如果您希望強(qiáng)制HttpClient 4通過單個(gè)請(qǐng)求進(jìn)行身份驗(yàn)證，則以下內(nèi)容將起作用：

String username = ...String password = ...UsernamePasswordCredentials creds = new UsernamePasswordCredentials(username, password);HttpRequest request = ...request.addHeader(new BasicScheme().authenticate(creds, request));

反對(duì) 回復(fù) 2019-08-12

眼眸繁星

TA貢獻(xiàn)1873條經(jīng)驗(yàn) 獲得超9個(gè)贊

這與Mat的Mannion相同，但您不必將localContext放到每個(gè)請(qǐng)求中。它更簡(jiǎn)單，但它為所有請(qǐng)求添加了身份驗(yàn)證。如果您無法控制單個(gè)請(qǐng)求，則非常有用，就像我在使用內(nèi)部使用HttpClient的Apache Solr時(shí)一樣。

import org.apache.http.HttpException;import org.apache.http.HttpHost;import org.apache.http.HttpRequest;import org.apache.http.HttpRequestInterceptor;import org.apache.http.auth.AuthScope;import org.apache.http.auth.AuthState;import org.apache.http.auth.Credentials;import org.apache.http.client.CredentialsProvider;import org.apache.http.client.protocol.ClientContext;import org.apache.http.impl.auth.BasicScheme;import org.apache.http.protocol.ExecutionContext;import org.apache.http.protocol.HttpContext;httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);(...)static class PreemptiveAuthInterceptor implements HttpRequestInterceptor {

    public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
        AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);

        // If no auth scheme available yet, try to initialize it
        // preemptively
        if (authState.getAuthScheme() == null) {
            CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
            HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
            Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));
            if (creds == null) {
                throw new HttpException("No credentials for preemptive authentication");
            }
            authState.setAuthScheme(new BasicScheme());
            authState.setCredentials(creds);
        }

    }}

當(dāng)然，您必須設(shè)置憑證提供程序：

httpClient.getCredentialsProvider().setCredentials(
                new AuthScope(url.getHost(), url.getPort()),
                new UsernamePasswordCredentials(username, password))

將AuthScope不能包含的境界，因?yàn)樗鞘孪炔恢馈?/p>

反對(duì) 回復(fù) 2019-08-12