1. 首頁
  2. 問答
  3. HTTP/1.1 401需要授權使用的HttpClient 4.1.1

HTTP/1.1 401需要授權使用的HttpClient 4.1.1

2011-07-01 23 views
1 
Updated Code:- Using SSL, still am getting the same error..

我試圖打開這個URIHTTP/1.1 401需要授權使用的HttpClient 4.1.1

https://some-host/a/getmeta?id=10 (this url is passed to proxi.jsp page)

,這是我proxi.jsp頁,我收到此錯誤HTTP/1.1 401授權要求,當我通過我的憑證。爲什麼會發生這種情況..並且該網站使用siteminder。

<%@ page language="java" import=" 
org.apache.http.HttpEntity, 
org.apache.http.HttpResponse, 
org.apache.http.auth.AuthScope, 
org.apache.http.auth.UsernamePasswordCredentials, 
org.apache.http.client.methods.HttpPost, 
org.apache.http.client.methods.HttpGet, 
org.apache.http.impl.client.DefaultHttpClient, 
org.apache.http.util.EntityUtils, 
java.io.InputStream, 
java.io.InputStreamReader, 
java.io.BufferedReader, 
java.security.KeyStore, 
java.io.FileInputStream, 
java.io.File, 
org.apache.http.conn.ssl.SSLSocketFactory, 
org.apache.http.conn.scheme.Scheme, 
javax.net.ssl.HostnameVerifier, 
org.apache.http.impl.conn.SingleClientConnManager, 
javax.net.ssl.HttpsURLConnection, 
org.apache.http.conn.scheme.SchemeRegistry, 
javax.net.ssl.SSLContext, 
java.security.cert.X509Certificate, 
javax.net.ssl.X509TrustManager, 
javax.net.ssl.TrustManager, 
org.apache.http.conn.ClientConnectionManager, 
java.security.cert.CertificateException, 
org.apache.http.conn.scheme.Scheme" 
contentType="text/html; charset=ISO-8859-1" 
pageEncoding="ISO-8859-1"%> 

    <% 
    String a_Url = request.getParameter("url") ; 

    DefaultHttpClient httpclient = new DefaultHttpClient(); 
    try { 
     httpclient.getCredentialsProvider().setCredentials(
       new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, "realm"), 
       new UsernamePasswordCredentials("test", "pass")); 


     KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
     //FileInputStream instream = new FileInputStream(new File("my.keystore")); 
     InputStream instream = Thread.currentThread().getContextClassLoader().getResourceAsStream("my.keystore"); 
     try { 
      trustStore.load(instream, "nopassword".toCharArray()); 
     } finally { 
      try { instream.close(); } catch (Exception ignore) {} 
     } 
    /* 
     SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore); 
     Scheme sch = new Scheme("https", 443, socketFactory); 
     httpclient.getConnectionManager().getSchemeRegistry().register(sch); 
     */ 



     SSLContext ctx = SSLContext.getInstance("TLS"); 
     X509TrustManager tm = new X509TrustManager() { 

     public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { 
     } 

     public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { 
     } 

     public X509Certificate[] getAcceptedIssuers() { 
     return null; 
     } 
     }; 
     ctx.init(null, new TrustManager[]{tm}, null); 
     SSLSocketFactory ssf = new SSLSocketFactory(ctx); 
     ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 
     ClientConnectionManager ccm = httpclient.getConnectionManager(); 
     SchemeRegistry sr = ccm.getSchemeRegistry(); 
     sr.register(new Scheme("https", ssf, 443)); 




     HttpGet httpget = new HttpGet(a_Url); 



     System.out.println("executing request" + httpget.getRequestLine()); 
     HttpResponse res = httpclient.execute(httpget); 

     HttpEntity entity = res.getEntity(); 

     System.out.println("----------------------------------------"); 
     System.out.println(res.getStatusLine()); 
     if (entity != null) { 

      System.out.println("Response content length: " + entity.getContentLength()); 
      InputStream input = entity.getContent(); 
      BufferedReader reader = new BufferedReader(new InputStreamReader(input)); 
      String ln = ""; 
      while((ln = reader.readLine()) != null) { 
       out.println("During Get - " + ln); 
      } 
      entity.consumeContent(); 
     } 
     EntityUtils.consume(entity); 
    } 

    catch (Throwable t) { 
     StackTraceElement[] x = t.getStackTrace(); 
     for(int k=0;k<x.length;k++) { 
      out.println(x[k].toString()); 
     } 
     //out.println(); 
     t.printStackTrace(); 
    } 


    finally { 
     // When HttpClient instance is no longer needed, 
     // shut down the connection manager to ensure 
     // immediate deallocation of all system resources 
     httpclient.getConnectionManager().shutdown(); 
    } 


    %>

來源

2011-07-01 ferhan

+0

你一定的憑據是正確的? – laz

+0

@拉斯,是的,他們是正確的..任何代碼錯誤..? – ferhan

回答

0

您正在訪問安全站點,但在您的HttpClient代碼中看不到任何SSL處理。你可以看看this page,並填寫適當的差距後在獨立客戶端嘗試嗎?

來源

2011-07-01 18:48:33

+0

我在工作4.1.1而不是3.1。任何其他建議? – ferhan

+0

此鏈接的SSL/TLS自定義部分:http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e523可能會有所幫助。 –

+0

沒有太大的幫助:( – ferhan

0

首先從您發佈的代碼看來,您似乎沒有配置http客戶端來使用HTTPS。
你缺少類似於下面的代碼(至少org.apache.http.client.HttpClient):

SSLSocketFactory sf = new SSLSocketFactory(sslcontext); 
Scheme https = new Scheme("https", sf, 443); 
httpclient.getConnectionManager().getSchemeRegistry().register(https);

你必須檢查出DefaultHttpClient
教程在任何情況下,看看發生了什麼事情,你可以像使用嗅探工具Wireshark的。
SSL握手是可見的,您將能夠看到連接失敗並理解原因。

來源

2011-07-01 21:36:02 Cratylus

+0

所以如何使用wireshark的..任何建議將不勝感激..? – ferhan

+0

你是什麼意思?啓動wireshark(http://www.wireshark.org/download.html),開始捕獲,過濾你的客戶端和服務器的IP,並看到交通。但你的問題已經是錯誤的。你沒有在客戶端 – Cratylus

+0

的連接中使用SSL,並且該站點還需要siteminder身份驗證..因此沒有任何相關與?? – ferhan

0

除非您確定"realm"是該構造函數中的適當值,否則建議將其除去或確定實際值應爲多少。

來源

2011-07-01 23:43:07 laz

+0

我有一個模式懷疑..如果我不想使用我的用戶名並在該jsp頁面的密碼..那麼是否有任何其他方式來傳遞憑據登錄到該頁面...作爲傳遞用戶名和passowrd在該jsp頁面不是最好的方式......對嗎?任何人都可以打開文件並查看用戶名和密碼??讓我知道什麼可以是另一種選擇... – ferhan

+0

不知道更多關於你正在努力完成什麼,我只能說,還有其他的方式來提供用戶名和密碼。您也將相當多的Java代碼放入JSP中,這很快就會變得難以維護。 – laz

+0

我想要做的只是嘗試使用我的上述jsp頁面獲取一個頁面的內容,並且該頁面需要身份驗證。因此,在該jsp頁面中傳遞用戶名和密碼不是一個好方法。所以任何其他方式..像會議某種?因爲任何人都可以通過打開該文件來查看用戶名和密碼。 – ferhan

0

更改以下行:new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, "realm")

以下行:

new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM)

來源

2012-03-24 01:33:33 bytebiscuit

相關問題

 相關問題