如何使用Android的httpURLconnection设置授权标头 [英] how to set authorization header with android's httpURLconnection
问题描述
我正在尝试使用基本身份验证连接到服务器,但是当我设置Authorization标头时,它将导致getInputStream引发fileNotFound异常.
I am attempting to connect to my server using basic authentication, but when I set the Authorization header, it causes getInputStream to throw a fileNotFound exception.
以下是相关代码:
URL url = new URL(myurl);
//set up the connection
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setReadTimeout(10000);//this is in milliseconds
conn.setConnectTimeout(15000);//this is in milliseconds
String authHeader = getAuthHeader(userID,pass);
conn.setRequestMethod("GET");
conn.setDoInput(true);
conn.setRequestProperty("authorization", authHeader);
//starts the query
conn.connect();
int response = conn.getResponseCode();
is = conn.getInputStream(); //throws the fileNotFound exception
这是引发的异常:
java.io.FileNotFoundException: http://<myIPaddress>/login/
奇怪的是,我发现如果尝试将request属性设置为"authorization"或"Authorization"或该单词的任何变体,只会引发 异常.如果将其设置为"content-type"或"authosodifjsodfjs"(随机字符串),则不会抛出 ,如下所示:
Weirdly enough, I have found that the fileNotFound exception is only thrown if I try to set the request property to "authorization" or "Authorization" or any variation of that word. it is not thrown if I set it to "content-type" or "authosodifjsodfjs" (a random string), as here:
conn.setRequestProperty("content-type",authHeader)//no exception thrown
conn.setRequestProperty("authosodifjsodfjs",authHeader)//no exception thrown
如果未设置此标头,则可以使用此代码连接到服务器,并获得期望的正确访问拒绝消息. 如果我使用python的请求"模块,我还可以连接到服务器并正确登录,因此服务器不是问题.
If I don't set this header, I am able to connect to the server with this code and get the proper access-denied message that I am expecting. I am also able to connect to the server and login properly if I use python's "requests" module, so it is not a problem with the server.
所以我的问题如下:
1)将request属性设置为"authorization"时,如果做错了什么?如何正确设置auth标头?
1) what, if anything, am I doing wrong when setting the request property as "authorization"? how do I set the auth header properly?
2)如果这是HttpURLConnection的错误,如何提交错误报告?
2) if this is a bug with HttpURLConnection, how do I file a bug report?
谢谢.
建议从以下位置切换:
conn.setRequestProperty("Authorization", authHeader);
收件人:
conn.addRequestProperty("Authorization", authHeader);
这不能解决问题.它仍然抛出相同的异常.
This did not fix the problem. It is still throwing the same exception.
仍然不确定为什么授权"和授权"会导致fileNotFounExceptions,但是使用所有大写字母似乎可以正常工作.这是闪亮的新工作代码:
still not sure why "Authorization" and "authorization" are causing fileNotFounExceptions, but using all caps seems to work properly. here is the shiny new working code:
conn.setRequestProperty("AUTHORIZATION",authHeader);
所以看起来它需要全部大写. "HTTP_"将自动添加到该标头的前面,因此服务器将看到的标头是"HTTP_AUTHORIZATION",即应该是这样.
so it looks like it needs to be all caps. "HTTP_" will be automattically added to the front of this header, so the header that the server will see is "HTTP_AUTHORIZATION", which is what it should be.
推荐答案
这是我的OAuth代码的一部分,该代码设置了Authorization标头:
Here is part of my OAuth code which sets Authorization header:
httpUrlConnection.setUseCaches(false);
httpUrlConnection.setRequestProperty("User-Agent", "MyAgent");
httpUrlConnection.setConnectTimeout(30000);
httpUrlConnection.setReadTimeout(30000);
String baseAuthStr = APIKEY + ":" + APISECRET;
httpUrlConnection.addRequestProperty("Authorization", "Basic " + baseAuthStr);
httpUrlConnection.addRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
httpUrlConnection.connect();
这篇关于如何使用Android的httpURLconnection设置授权标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
