MD5签名HttpServletResponse [英] MD5 Signing a HttpServletResponse
问题描述
我正在寻找一种方法来检查 HttpServletResponse
的内容,并使用MD5哈希对它们进行签名。
伪代码可能看起来像这样
process(Response response,请求请求){
defaultProcessingFor(response,request);
dispatcher.handle(response,request);
//这里我想读取Response对象的内容(现在用数据填充)以创建一个MD5哈希值并将其添加到头中。
$ / code>
这可能吗?
是的,这是可能的。您需要在 HttpServletResponseWrapper
其中您将 ServletOutputStream
与一个自定义实现将字节写入MD5摘要和原始输出流。最后提供一个访问器来获得最终的MD5总和。
更新我只是为了好玩而玩了一下,这是一个开创性的例子: / p>
响应包装:
public class MD5ServletResponse extends HttpServletResponseWrapper {
private final MD5ServletOutputStream输出;
私人最终PrintWriter作家;
public MD5ServletResponse(HttpServletResponse响应)抛出IOException {
super(response);
output = new MD5ServletOutputStream(response.getOutputStream());
writer = new PrintWriter(output,true);
}
public PrintWriter getWriter()抛出IOException {
return writer;
}
public ServletOutputStream getOutputStream()抛出IOException {
return output;
}
public byte [] getHash(){
return output.getHash();
}
}
MD5输出流:
public class MD5ServletOutputStream extends ServletOutputStream {
private final ServletOutputStream output;
private final MessageDigest md5;
{
try {
md5 = MessageDigest.getInstance(MD5);
} catch(NoSuchAlgorithmException e){
抛出新的ExceptionInInitializerError(e);
$ b $ public MD5ServletOutputStream(ServletOutputStream输出){
this.output = output;
}
public void write(int i)throws IOException {
byte [] b = {(byte)i};
md5.update(b);
output.write(b,0,1);
}
public byte [] getHash(){
return md5.digest();
}
}
如何使用它:
//使用它包装原始响应:
MD5ServletResponse md5response = new MD5ServletResponse(response);
//现在只需使用md5response来代替或响应,例如:
dispatcher.handle(request,md5response);
//然后得到散列,例如:
byte [] hash = md5response.getHash();
StringBuilder hashAsHexString = new StringBuilder(hash.length * 2);
for(byte b:hash){
hashAsHexString.append(String.format(%02x,b));
}
System.out.println(hashAsHexString); //示例af28cb895a479397f12083d1419d34e7。
I'm looking for a way to inspect the contents of a HttpServletResponse
to sign them with a MD5 hash.
The pseudocode might look like this
process(Response response, Request request){
defaultProcessingFor(response,request);
dispatcher.handle(response,request);
// Here I want to read the contents of the Response object (now filled with data) to create a MD5 hash with them and add it to a header.
}
Is that possible?
Yes, that's possible. You need to decorate the response with help of HttpServletResponseWrapper
wherein you replace the ServletOutputStream
with a custom implementation which writes the bytes to both the MD5 digest and the "original" outputstream. Finally provide an accessor to obtain the final MD5 sum.
Update I just for fun played a bit round it, here's a kickoff example:
The response wrapper:
public class MD5ServletResponse extends HttpServletResponseWrapper {
private final MD5ServletOutputStream output;
private final PrintWriter writer;
public MD5ServletResponse(HttpServletResponse response) throws IOException {
super(response);
output = new MD5ServletOutputStream(response.getOutputStream());
writer = new PrintWriter(output, true);
}
public PrintWriter getWriter() throws IOException {
return writer;
}
public ServletOutputStream getOutputStream() throws IOException {
return output;
}
public byte[] getHash() {
return output.getHash();
}
}
The MD5 outputstream:
public class MD5ServletOutputStream extends ServletOutputStream {
private final ServletOutputStream output;
private final MessageDigest md5;
{
try {
md5 = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
throw new ExceptionInInitializerError(e);
}
}
public MD5ServletOutputStream(ServletOutputStream output) {
this.output = output;
}
public void write(int i) throws IOException {
byte[] b = { (byte) i };
md5.update(b);
output.write(b, 0, 1);
}
public byte[] getHash() {
return md5.digest();
}
}
How to use it:
// Wrap original response with it:
MD5ServletResponse md5response = new MD5ServletResponse(response);
// Now just use md5response instead or response, e.g.:
dispatcher.handle(request, md5response);
// Then get the hash, e.g.:
byte[] hash = md5response.getHash();
StringBuilder hashAsHexString = new StringBuilder(hash.length * 2);
for (byte b : hash) {
hashAsHexString.append(String.format("%02x", b));
}
System.out.println(hashAsHexString); // Example af28cb895a479397f12083d1419d34e7.
这篇关于MD5签名HttpServletResponse的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!