HTMLUnit:确定“登录"是否正确那是成功的 [英] HTMLUnit : Determine if the "login" was successful

问题描述

我开发了一个脚本，其唯一目的是检查网站/服务是否已启动并正在运行.它这样做的方式是，它使用其 url 连接到页面，并使用用户凭据登录到站点.如果登录成功，则服务运行良好.

I have developed a script whose sole purpose is to check if the website/service is up and running. The way it does that is ,it connects to the page using its url and logs in to the site using the user credentials. If the login is successful then the service is running fine.

此脚本是用 Java 编写的，并使用 HTMLUnit.这就是我的问题.我如何确保登录后返回的HTML页面(填写表单后单击登录/登录按钮)是登录后的帐户主页".换句话说，我如何确定登录操作是否成功.

This script has been written in Java and uses HTMLUnit. Here lies my problem. How do i ensure the HTML page returned after logging in(clicking the login/sign in button after filling out the form) is the post-login "Account home page".In other words how do i determine if the login operation was successful.

这是我现在的做法.帐户页面通常有一些与用户相关的信息.例如，如果我登录到 yahoo 邮件，它会在页面的右上角显示欢迎，用户名"，或者页面上将始终显示撰写"或收件箱".我正在使用此逻辑来测试是否成功.

Here is how i am doing it right now. Account pages usually have some user related info. For instance if i log in to yahoo mail it will have "Welcome , Username" on the top right corner of the page Or page will always have "Compose" or "inbox" on it. I am using this logic to test for success.

这是我在测试此脚本时的观察结果.我遇到过这条规则崩溃的情况.

This has been my observation while testing this script. I have come across cases where this rule falls apart.

• 有时登录后返回的页面是一个错误页面，要求您
  检查您输入的凭据.

• Some times the page returned after login is an error page asking you to
  check your entered credentials.

有时返回的页面可能会要求您打开 JavaScript 或
在您的浏览器中启用 cookie.

There are times where page returned may ask you to turn on your javascript or
enable cookie in your browser.

我遇到过服务器返回的页面被相同的登录前页面(没有解释原因)

I have come across a case where the page returned by the server has been the same pre-login page (no explanation given as to why)

有些网页本质上是动态的，因此内容会发生变化时.在这种情况下，关键字搜索可能会导致错误
否定.这就是为什么这种搜索字符串铰链存在的逻辑
完全取决于搜索字符串/关键字"的选择.

Some web pages are dynamic in nature hence the content changes from time to time. In such cases key-word search may result in false
negatives.Which is why this logic of searching for presence of a string hinges
purely on the choice of "search string/keywords".

我想说明的一点是，预先为这些案例编码是不现实的.

The point that i am trying to make is that coding for these cases upfront is not realistic.

我尝试比较登录前和登录后页面的网址，但发现
很多情况下两者是相同的.因此即使这种方法也没有定论.

I tried comparing urls of the pre-login and post-login pages but found out
that there are many cases where both are the same.Hence even this method is not conclusive.

我需要一种确定登录是否成功的可靠方法.我不是专业的 Web 开发人员.服务器是否返回任何可以解决的新页面的状态代码?HTMLUnit 是否具有测试成功和失败的能力.

I need a sure shot way of determining if the login was successful. I am not a professional web developer. Does the server return any status code with the new page, that can be resolved? Does HTMLUnit have some ability to test for success and failure.

感谢您的帮助/评论.谢谢！！！

I appreciate your help/comments.Thank you!!!

推荐答案

嗯……这是一个棘手的问题.这是因为您无法控制服务器.如果您要求 A，您可能会收到 A，但您应该准备好收到 B、C 和 D……而您可能会错过 E.

Well... this is kind of a tricky question. This is because you've no control of the server. I you ask for A you might probably receive A but you should be prepared to receive B, C and D... and you will probably miss E.

我需要一种确定登录是否成功的可靠方法.

I need a sure shot way of determining if the login was successful.

根据您的评论，寻找欢迎<用户名>"字符串应该是相当肯定的出手.换句话说(更程序化的)，如果您在结果页面中有该字符串，那么您就已登录.这是您的必经之路.

Based on your comments, looking for the "Welcome <Username>" string should be quite sure shot. In other (more programmatic) words, if you you have that string in the result page then you are logged in. There is your sure shot.

现在，您已经提到在某些情况下您尝试登录但没有收到该字符串.在这些情况下，根据您的示例，您应该几乎始终不要登录.

Now, you've mentioned that there are cases in which you try to log in and you don't receive that string. In those cases, and based on your examples, you should almost always not be logged in.

但是，正如您所说，他们可以将字符串从欢迎，<用户名>"更改为到你又来了！"你会得到假阴性.但是，应用该逻辑时，您不太可能得到误报.

However, as you said, they can change that string from "Welcome, <Username>" to "There you are again!" and you will be getting false negatives. It is unlikely, however, that you ever get false positives applying that logic.

那么，有没有什么办法可以 100% 成功猜测用户是否登录，如果用户未登录，也可以 100% 成功猜测?不，没有.理解这一点的最简单方法是以类人的方式使用网络:

So, is there any way to have a 100% success on guessing if the user is logged in and also 100% success on guessing if the user is not logged in? No, there isn't. The simplest way to understand this is using the web in a human-like way:

场景 1:

1. 尝试登录
2. 您看到一个红色标签，上面写着用户和密码不正确
3. 你推断你没有登录.你是对的

场景 2:

1. 尝试登录
2. 您会看到欢迎<用户名>"
3. 您推断您已登录.您是对的

场景 3:

1. 尝试登录
2. 您会收到启用 javascript"消息
3. 您推断您没有登录.然而，这恰好是来自服务器的建议，您实际上已登录.您刷新页面，然后您看到欢迎.所以在这里您即使作为人类也失败了

场景 4:

1. 尝试登录
2. 超时
3. 您推断您没有登录.但是，登录请求到达了让您登录的服务器，当服务器回复 HtmlPage 时，您的互联网连接、ISP 或只是 互联网 中断了关闭一毫秒，您的数据包丢失了.所以在这里你即使作为人类也失败了

1. Try to log in
2. You get a timeout
3. You infer you are not logged in. However, the login request got to the server logged you in and when the server answered back with the HtmlPage your internet connection, ISP, or just the Internet broke down for a millisecond and your packet got lost. So here you failed even as a human

这些只是几个场景，但还有更多.现在想一想:即使是人头骗子也不能 100% 确定登录试验的结果……我们怎么能期望无头浏览器呢?:)

Those are just a few scenarios but there are many more. Now think of this: even a human head con not be 100% sure of the result of a log in trial... how can we expect a headless browser to be? :)

这篇关于HTMLUnit:确定“登录"是否正确那是成功的的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！