每个请求的 Apache HTTP 客户端 4.3 凭据 [英] Apache HTTP client 4.3 credentials per request

问题描述

我一直在查看摘要式身份验证示例:

I have been having a look to a digest authentication example at:

http://hc.apache.org/httpcomponents-client-4.3.x/examples.html

在我的场景中，有多个线程发出 HTTP 请求，每个线程都必须使用自己的一组凭据进行身份验证.此外，请考虑这个问题对于 Apache HTTP 客户端 4.3 以后可能非常具体，4.2 可能以不同的方式处理身份验证，尽管我自己没有检查.话虽如此，但实际问题来了.

In my scenario the there are several threads issuing HTTP requests and each of them has to be authenticated with their own set of credentials. Additionally, please consider this question is probably very specific for the Apache HTTP client 4.3 onwards, 4.2 handles authentication probably in a different way, although I didn't check it myself. That said, there goes the actual question.

我只想使用一个客户端实例(类的静态成员，即线程安全)并为其提供一个连接管理器以支持多个并发请求.关键是每个请求都将提供不同的凭据，并且我没有看到为每个请求分配凭据的方法，因为在构建 http 客户端时设置了凭据提供程序.来自上面的链接:

I want to use just one client instance (static member of the class, that is threadsafe) and give it a connection manager to support several concurrent requests. The point is that each request will provide different credentials and I am not seeing the way to assign credentials per request as the credentials provider is set when building the http client. From the link above:

[...]

    HttpHost targetHost = new HttpHost("localhost", 80, "http");
    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(
            new AuthScope(targetHost.getHostName(), targetHost.getPort()),
            new UsernamePasswordCredentials("username", "password"));
    CloseableHttpClient httpclient = HttpClients.custom()
            .setDefaultCredentialsProvider(credsProvider).build();

[...]

检查:

http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html#d5e600

点 4.4 中的代码示例(寻求 4.4. HTTP 身份验证和执行上下文)，似乎是说 HttpClientContext 被赋予身份验证缓存和凭据提供程序，然后传递给 HTTP 请求.在它旁边执行请求，似乎客户端将在 HTTP 请求中获得主机过滤的凭据.换句话说:如果上下文(或缓存)具有当前 HTTP 请求的目标主机的有效凭据，他将使用它们.我的问题是不同的线程会对同一个主机执行不同的请求.

The code sample in point 4.4 (seek 4.4. HTTP authentication and execution context), seems to say that the HttpClientContext is given the auth cache and the credentials provider and then is passed to the HTTP request. Next to it the request is executed and it seems that the client will get credentials filtering by the host in the HTTP request. In other words: if the context (or the cache) has valid credentials for the target host of the current HTTP request, he will use them. The problem for me is that different threads will perform different requests to the same host.

有没有办法为每个 HTTP 请求提供自定义凭据?

Is there any way to provide custom credentials per HTTP request?

提前感谢您的时间！:)

Thanks in advance for your time! :)

推荐答案

我的问题是不同的线程会对同一主机执行不同的请求.

The problem for me is that different threads will perform different requests to the same host.

为什么会出现这个问题?只要您为每个线程使用不同的 HttpContext 实例，这些线程的执行上下文将完全独立

Why should this be a problem? As long as you use a different HttpContext instance per thread, execution contexts of those threads are going to be completely indepenent

CloseableHttpClient httpclient = HttpClients.createDefault();
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("user:pass"));
HttpClientContext localContext = HttpClientContext.create();
localContext.setCredentialsProvider(credentialsProvider);

HttpGet httpget = new HttpGet("http://localhost/");

CloseableHttpResponse response = httpclient.execute(httpget, localContext);
try {
    EntityUtils.consume(response.getEntity());
} finally {
    response.close();
}

这篇关于每个请求的 Apache HTTP 客户端 4.3 凭据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！