使用Apache HttpClient进行抢占式基本身份验证4

3回答

FFIVE

如果没有每次传递上下文都很难做到这一点，但你可以通过使用请求拦截器来做到这一点。这是我们使用的一些代码（从他们的JIRA，iirc中找到）：// Pre-emptive authentication to speed things upBasicHttpContext localContext = new BasicHttpContext();BasicScheme basicAuth = new BasicScheme();localContext.setAttribute("preemptive-auth", basicAuth);httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);(...)static class PreemptiveAuthInterceptor implements HttpRequestInterceptor {     public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {         AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);         // If no auth scheme avaialble yet, try to initialize it         // preemptively         if (authState.getAuthScheme() == null) {             AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth");             CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);             HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);             if (authScheme != null) {                 Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));                 if (creds == null) {                     throw new HttpException("No credentials for preemptive authentication");                 }                 authState.setAuthScheme(authScheme);                 authState.setCredentials(creds);             }         }     }}

0 0

胡说叔叔

如果您希望强制HttpClient 4通过单个请求进行身份验证，则以下内容将起作用：String username = ...String password = ...UsernamePasswordCredentials creds = new UsernamePasswordCredentials(username, password);HttpRequest request = ...request.addHeader(new BasicScheme().authenticate(creds, request));

0 0

眼眸繁星

这与Mat的Mannion相同，但您不必将localContext放到每个请求中。它更简单，但它为所有请求添加了身份验证。如果您无法控制单个请求，则非常有用，就像我在使用内部使用HttpClient的Apache Solr时一样。import org.apache.http.HttpException;import org.apache.http.HttpHost;import org.apache.http.HttpRequest;import org.apache.http.HttpRequestInterceptor;import org.apache.http.auth.AuthScope;import org.apache.http.auth.AuthState;import org.apache.http.auth.Credentials;import org.apache.http.client.CredentialsProvider;import org.apache.http.client.protocol.ClientContext;import org.apache.http.impl.auth.BasicScheme;import org.apache.http.protocol.ExecutionContext;import org.apache.http.protocol.HttpContext;httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);(...)static class PreemptiveAuthInterceptor implements HttpRequestInterceptor {     public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {         AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);         // If no auth scheme available yet, try to initialize it         // preemptively         if (authState.getAuthScheme() == null) {             CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);             HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);             Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));             if (creds == null) {                 throw new HttpException("No credentials for preemptive authentication");             }             authState.setAuthScheme(new BasicScheme());             authState.setCredentials(creds);         }     }}当然，您必须设置凭证提供程序：httpClient.getCredentialsProvider().setCredentials(                 new AuthScope(url.getHost(), url.getPort()),                 new UsernamePasswordCredentials(username, password))将AuthScope不能包含的境界，因为它是事先不知道。

0 0