堆栈内存溢出
  简体   繁体   English

如何设置java.net.URLConnection对象以确保后续对同一URL的调用不会共享会话数据?

[英]how to dispose a java.net.URLConnection object in order to ensure that subsequent calls to the same URL don't share session data?

 原文  2013-07-24 17:59:11       java/ session/ https/ http-status-codes/ urlconnection

问题描述

I am having a problem calling the same https URL several times in a row. 我在连续多次调用相同的https URL时遇到问题。 The first requests are successful, but after an indeterminate amount of time, a 401 HTTP error code exception is thrown, suggesting that the user credentials are invalid. 最初的请求成功,但是经过一段不确定的时间后,抛出401 HTTP错误代码异常,表明用户凭据无效。

I discussed this problem with the person in charge of the database/server and he told me that the problem I was experiencing was normal because after some fixed amount of time, the server invalidates session data, causing subsequent calls to the same URL with the same user credentials to result in a 401 HTTP error code. 我与数据库/服务器负责人讨论了这个问题,他告诉我我遇到的问题是正常的,因为经过一段固定的时间后,服务器使会话数据无效,从而导致随后使用相同的URL调用相同的URL用户凭据以生成401 HTTP错误代码。

He indicated that if I let different URLConnection objects handle all the calls that need to be made, then I should not have to worry about expired session data. 他指出,如果我让不同的URLConnection对象处理所有需要进行的调用,那么我不必担心会话数据过期。

His explanation seems to make sense, but as the snippet of code below shows, I am already using a brand new URLConnection object for each request to the same url with the same user credentials. 他的解释似乎是有道理的,但是正如下面的代码片段所示,我已经在使用相同用户凭证的相同URL的每个请求中使用了全新的URLConnection对象。 So if what I was told is correct, then I guess that the problem is that the URLConnection objects are all using the same underlying connection and for that reason sharing the same session data. 因此,如果我被告知是正确的,那么我想问题是URLConnection对象都使用相同的基础连接,因此共享相同的会话数据。

Assuming that I am on the right track, how should I modify my code so that each time I make a new request to the same URL with the same user credentials I don't run into problems caused by expired session data? 假设我走了正确的路,应该如何修改代码,以便每次使用相同的用户凭据向相同的URL发出新请求时,我都不会遇到会话数据过期引起的问题? Is it just a matter of calling disconnect() on the underlying HttpsURLConnection object? 仅仅是在基础HttpsURLConnection对象上调用disconnect()的问题吗? 

public static void main(String[] args)
{
    String url = "https://...";//some https url
    int x = 0;
    while(true)
    {
        try
        {
            System.out.print("call#: " + (++x));

            //call download() with a valid username & password
            String result = download(url, "some-valid-username", "some-valid-password");
            System.out.println(result);
        }
        catch(Throwable e)
        {
            //after hundreds of successful calls,
            //a 401 HTTP error code exception
            e.printStackTrace();
            break;
        }
    }
}

public static String download(String url, String user, String pass) throws IOException
{
    //new URLConnection object
    java.net.URLConnection connection = new java.net.URL(url).openConnection();
    connection.setRequestProperty("Authorization",
            "Basic " +
                javax.xml.bind.DatatypeConverter.printBase64Binary(
                        (user + ":" + pass).getBytes("UTF-8")));

    //get response
    InputStream is = null;
    byte[] response = null;
    try
    {
        is = connection.getInputStream();
        ByteArrayOutputStream stream = new ByteArrayOutputStream();
        byte[] bytes = new byte[16384];
        int x = 0;
        while((x = is.read(bytes, 0, bytes.length)) != -1){
            stream.write(bytes, 0, x);
        }
        stream.flush();
        response = stream.toByteArray();
    }
    finally
    {
        if (is != null)
        {
            is.close();
        }
    }
    //((javax.net.ssl.HttpsURLConnection)connection).disconnect();// ?

    return response != null ? new String(response, "UTF-8") : null;
}

1 个解决方案

解决方案1
 1 已采纳  2013-07-24 18:36:55

Based on your login credentials server will create the session id and that will maintain by the server. 服务器将根据您的登录凭据创建会话ID,并由服务器维护。 Your subsequent calls will be validated against the session id not by your credentials. 您的后续通话将根据会话ID而不是您的凭据进行验证。 You need to get the session id at first time and maintain with in your application. 您需要在第一时间获取会话ID并在您的应用程序中进行维护。 Pass that to server for subsequent calls. 将其传递给服务器以进行后续调用。 The session will be expired after certain predifined time period if no request sent to the server. 如果没有任何请求发送到服务器,则该会话将在特定的预定时间段后过期。

Please read it 请阅读

http://en.wikipedia.org/wiki/Session_%28computer_science%29 http://en.wikipedia.org/wiki/Session_%28computer_science%29

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用java.net.URLConnection设置会话属性? - how do you set session attributes with java.net.URLConnection? 使用带有GET的java.net.URLConnection,如何获取重定向URL? - Using java.net.URLConnection with a GET, how to get redirect URL? java.net.URL和java.net.URLConnection的奇怪问题 - strange problem with java.net.URL and java.net.URLConnection 无法使用java.net.URLConnection在一个会话中使用不同的NTLM凭据进行身份验证 - Can't authenticate with different NTLM credentials in one session with java.net.URLConnection 如何使用 java.net.URLConnection 来触发和处理 HTTP 请求 - How to use java.net.URLConnection to fire and handle HTTP requests 如何在java.net.URLConnection上指定本地地址? - How can I specify the local address on a java.net.URLConnection? 等效于.NET中的java.net.URLConnection - Equivalent of java.net.URLConnection in .NET 设置java.net.URLConnection的最大超时 - Setting maximum timeout of java.net.URLConnection 帮助java.net.URLConnection超时? - Help with java.net.URLConnection timeout? java.net.URLConnection在做什么? - What is a java.net.URLConnection doing?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM