[英]Jersey-client basic authentication
I'm trying to send a REST-request over HTTPS that includes basic authentication in the HTTP header, the problem seem to be that the authentication does not get inserted into the header.我正在尝试通过 HTTPS 发送 REST 请求,其中包括 HTTP 标头中的基本身份验证,问题似乎是身份验证没有插入到标头中。
HttpAuthenticationFeature feature = HttpAuthenticationFeature
.basicBuilder().build();
Client client = ClientBuilder.newBuilder().sslContext(getSSLContext())
.hostnameVerifier(getHostNameVerifier()).build();
client.register(feature);
client.register(new LoggingFilter());
try
{
String entity = client
.target(url)
.request(MediaType.APPLICATION_XML)
.property(
HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_USERNAME,
"username")
.property(
HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD,
"password").get(String.class);
System.out.println(entity);
} catch (WebApplicationException e)
{
ByteArrayInputStream in = (ByteArrayInputStream) e.getResponse()
.getEntity();
int n = in.available();
byte[] bytes = new byte[n];
in.read(bytes, 0, n);
String entity = new String(bytes, StandardCharsets.UTF_8);
System.out.println(entity);
}
What the log says:日志说的是:
Jun 16, 2015 2:06:53 PM org.glassfish.jersey.filter.LoggingFilter log
INFO: 1 * Sending client request on thread JavaFX Application Thread
1 > GET https://url
1 > Accept: application/xml
Jun 16, 2015 2:06:53 PM org.glassfish.jersey.filter.LoggingFilter log
INFO: 2 * Client response received on thread JavaFX Application Thread
2 < 403
2 < Connection: Keep-Alive
2 < Content-Length: 240
2 < Content-Type: text/html; charset=iso-8859-1
2 < Date: Tue, 16 Jun 2015 12:06:53 GMT
2 < Keep-Alive: timeout=15, max=100
And the result code is just 403 Forbidden.结果代码只是 403 Forbidden。
If I remove the line client.register(feature);
如果我删除行client.register(feature);
the line 2 < WWW-authenticate: basic realm="/"
gets added to the end of the log and the result code is 401 Authorization Requried instead of 403.第2 < WWW-authenticate: basic realm="/"
行2 < WWW-authenticate: basic realm="/"
被添加到日志的末尾,结果代码是 401 Authorization Requried 而不是 403。
The REST-request works fine when using HTTP Requester in FireFox.在 FireFox 中使用 HTTP 请求程序时,REST 请求工作正常。
I guess I'm just missing something somewhere?我想我只是在某处丢失了一些东西?
If you are required to use Pre-Jersey 2.X this is quite difficult, as is apparent.如果您需要使用 Pre-Jersey 2.X,这很困难,这很明显。 If you need to do HTTPS (SSL) Basic Authentication then it gets ridiculously easy with Jersey 2.X onwards.如果您需要进行 HTTPS (SSL) 基本身份验证,那么从 Jersey 2.X 开始,它变得非常容易。
These instructions are using Jersey 2.25.1:这些说明使用 Jersey 2.25.1:
Sample code for building WebTarget and Client with SSLContext:使用 SSLContext 构建 WebTarget 和客户端的示例代码:
HttpAuthenticationFeature auth = HttpAuthenticationFeature.basic("admin", password);
SslConfigurator config = SslConfigurator.newInstance()
.keyStoreFile("C:\Program Files\Java\jdk\jre\lib\security\cacerts")
.keyPassword("changeit");
SSLContext sslContext = config.createSSLContext();
Client client = ClientBuilder.newBuilder()
.sslContext(sslContext)
.register(SseFeature.class)
.register(auth)
.build();
WebTarget target = client.target(sourcePath);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.