如何使用 Apache HttpClient 4.2.1 或 > 对网站进行身份验证? [英] How to Authenticate Against Website Using Apache HttpClient 4.2.1 or >?

问题描述

我是 http 编程的新手，我正在尝试针对不使用 API 的网站进行身份验证，但遇到了一些问题.我发现了一些其他问题，似乎与我的相似，但没有一个对我有用.

I'm new to http programming and I'm attempting to authenticate against a website that doesn't use an API and I'm having some trouble. I found a few other questions that seemed to be similar to mine, but none had an answer that worked for me.

我尝试了几种不同的方法，但还没有找到一种有效的方法.实际上，我曾经为我工作过一次，但没有检查该代码(我知道 - 我在想什么?).我无法再次回到那个工作版本.以下是我迄今为止尝试过的一些方法:

I've tried several different approaches but haven't found one that works yet. Actually, I had it work for me once, but didn't check in that code (I know - what was I thinking?). I haven't been able to get back to that working version again. Here are a few things that I've tried so far:

    HttpClient client = new DefaultHttpClient(); //or any method to get a client instance, with a 'threadsafe' connection manager or otherwise
    Credentials credentials = new UsernamePasswordCredentials(userName, passwd);
    ((DefaultHttpClient) client).getCredentialsProvider()
                                .setCredentials(AuthScope.ANY, credentials);

// website is defined as my target website & this constitutes the valid login URL
    HttpPost post = new HttpPost(https + website + "/login");
    HttpEntity entity = new StringEntity("Username="+ userName +"&Password="+ passwd);
    post.setEntity(entity);

    HttpResponse response = client.execute(post);
    EntityUtils.consume(entity);
    entity = response.getEntity();
    EntityUtils.consume(entity);

// the protected part of the site is over http after authentication succeeds
    HttpGet get = new HttpGet(http + website +"/protected");
    response = client.execute(get);
    entity = response.getEntity();
    String content = EntityUtils.toString(entity);

此时我从网站返回的实体"是错误":未经授权的访问".

At this point the 'entity' I get back from the website is "error":"Unauthorized Access."

您会注意到我有一个凭据"实例被传递给了 HttpClient 并且我还把用户名 &HttpPost 实体中的密码.我分别尝试了这些方法中的每一种，它们都返回了错误":未经授权的访问".结果.

You'll notice that I have a 'Credentials' instance being passed to the HttpClient and I'm also putting the user name & password in the HttpPost entity. I tried each of these approaches separately and they both returned the "error":"Unauthorized Access." result.

我尝试过使用单线程连接管理器的 DefaultHttpClient 以及ThreadSafeClientConnManager"，但都没有奏效.

I've tried the DefaultHttpClient, which uses a single thread connection manager, as well as 'ThreadSafeClientConnManager' and neither worked.

推荐答案

首先尝试使用此 url 登录(先将 url 复制到 textpad 或其他内容 - 然后编辑它):

first try to login using this url (copy the url to textpad or something first - then edit it):

https://www.centraldispatch.com/login?uri=%2Fprotected%2F&Username=XXX&Password=YYY

只需用您的真实用户/密码替换 XXX 和 YYY - 确保它有效.

Just replace the XXX and YYY with your real user/pass - make sure it works.

然后使用:

List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(1);
nameValuePairs.add(new BasicNameValuePair("Username","Your username"));
nameValuePairs.add(new BasicNameValuePair("Password","Your password"));
post.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = client.execute(post);
BufferedReader rd = new BufferedReader(new InputStreamReader(
   response.getEntity().getContent()));
   String line = "";
   while ((line = rd.readLine()) != null) {
      System.out.println(line);
   }

这篇关于如何使用 Apache HttpClient 4.2.1 或 > 对网站进行身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！