每个请求的Apache HTTP客户端4.3凭据 [英] Apache HTTP client 4.3 credentials per request

问题描述

我一直在查看摘要身份验证示例：

I have been having a look to a digest authentication example at:

http://hc.apache.org/httpcomponents-client-4.3.x/examples.html

在我的场景中，有几个线程发出HTTP请求，并且每个线程都必须使用自己的一组凭据进行身份验证。另外，请考虑这个问题可能非常特定于Apache HTTP客户端4.3以后，4.2可能以不同的方式处理身份验证，虽然我自己没有检查它。那就是实际的问题。

In my scenario the there are several threads issuing HTTP requests and each of them has to be authenticated with their own set of credentials. Additionally, please consider this question is probably very specific for the Apache HTTP client 4.3 onwards, 4.2 handles authentication probably in a different way, although I didn't check it myself. That said, there goes the actual question.

我想只使用一个客户端实例（类的静态成员，即线程安全），并给它一个连接管理器支持多个并发请求。关键是每个请求都将提供不同的凭据，我没有看到为每个请求分配凭据的方法，因为在构建http客户端时设置了凭据提供程序。从上面的链接：

I want to use just one client instance (static member of the class, that is threadsafe) and give it a connection manager to support several concurrent requests. The point is that each request will provide different credentials and I am not seeing the way to assign credentials per request as the credentials provider is set when building the http client. From the link above:

[...]

    HttpHost targetHost = new HttpHost("localhost", 80, "http");
    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(
            new AuthScope(targetHost.getHostName(), targetHost.getPort()),
            new UsernamePasswordCredentials("username", "password"));
    CloseableHttpClient httpclient = HttpClients.custom()
            .setDefaultCredentialsProvider(credsProvider).build();

[...]

检查：

http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html#d5e600

代码示例在4.4（寻找 4.4.HTTP认证和执行上下文）中，似乎说HttpClientContext被赋予了auth cache和凭证提供者，然后被传递给HTTP请求。在它旁边执行请求，似乎客户端将在HTTP请求中获得主机的凭据过滤。换句话说：如果上下文（或缓存）具有当前HTTP请求的目标主机的有效凭据，则他将使用它们。对我来说问题是不同的线程会对同一主机执行不同的请求。

The code sample in point 4.4 (seek 4.4. HTTP authentication and execution context), seems to say that the HttpClientContext is given the auth cache and the credentials provider and then is passed to the HTTP request. Next to it the request is executed and it seems that the client will get credentials filtering by the host in the HTTP request. In other words: if the context (or the cache) has valid credentials for the target host of the current HTTP request, he will use them. The problem for me is that different threads will perform different requests to the same host.

有没有办法为每个HTTP请求提供自定义凭据？

Is there any way to provide custom credentials per HTTP request?

提前感谢您的时间！ ：）

Thanks in advance for your time! :)

推荐答案

我的问题是不同的线程会对同一主机执行不同的请求。

The problem for me is that different threads will perform different requests to the same host.

为什么这会出现问题？只要你为每个线程使用不同的HttpContext实例，这些线程的执行上下文将完全独立

Why should this be a problem? As long as you use a different HttpContext instance per thread, execution contexts of those threads are going to be completely indepenent

CloseableHttpClient httpclient = HttpClients.createDefault();
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("user:pass"));
HttpClientContext localContext = HttpClientContext.create();
localContext.setCredentialsProvider(credentialsProvider);

HttpGet httpget = new HttpGet("http://localhost/");

CloseableHttpResponse response = httpclient.execute(httpget, localContext);
try {
    EntityUtils.consume(response.getEntity());
} finally {
    response.close();
}

这篇关于每个请求的Apache HTTP客户端4.3凭据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！