简体繁体 English

维护客户端HTTP客户端-服务器连接的正确方法？

[英]Proper way to maintain client http client-server connection?

原文 2012-04-12 16:45:34 2 3 java/ android/ google-app-engine/ servlets/ client-server

I'm trying to build an Android application in which the client authenticating to the server from the application and after the auth the client sends and receives messages from the server. 我正在尝试构建一个Android应用程序，在该应用程序中，客户端从应用程序向服务器进行身份验证，并且在身份验证后，客户端从服务器发送和接收消息。 my server is google app engine server so i'm using Http request (doPost) for communication. 我的服务器是Google App Engine服务器，所以我正在使用Http请求（doPost）进行通信。

the goals I have already completed are: 我已经完成的目标是：
1. creating client profile. 1.创建客户资料。
2. sending to the server profile data 2.向服务器发送配置文件数据
3. storing the profile at the server 3.将配置文件存储在服务器上
4. log-in registered profile from the db at the server 4.从服务器上的数据库登录注册的配置文件
5. sending the client ok message for good auth. 5.发送客户端ok消息以获取良好的身份验证。

now my question is how do I maintain this connection? 现在我的问题是如何维持这种联系？
because it is http connection after a minute or two i'm not sure the connection will be timed-out. 因为一两分钟后是http连接，所以我不确定连接是否会超时。 and doing the auth again include accessing the db again seems wrong.. what is the proper way to do this. 并再次进行身份验证，包括再次访问数据库似乎是错误的..什么是正确的方法 code examples or good tutorials will be appreciated. 代码示例或良好的教程将不胜感激。
Thanks. 谢谢。

3 个解决方案

you can create Http session on server for each client on successful login and for every subsequent request from client just get session already created. 您可以在服务器上为成功登录的每个客户端创建Http会话，并且对于客户端的每个后续请求，只需获取已创建的会话即可。 Furthermore, you can persist client specific data in session.Here the link http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/Servlet-Tutorial-Session-Tracking.html . 此外，您可以将特定于客户端的数据保留在会话中。此处为链接http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/Servlet-Tutorial-Session-Tracking.html 。 Then you can specify timeout in web.xml on server side. 然后，您可以在服务器端的web.xml中指定超时。 Hope this will help 希望这会有所帮助

HTTP is not a session-based protocol. HTTP不是基于会话的协议。 Maintaining an open connection is purely an efficiency improvement; 保持开放连接纯粹是效率的提高； it doesn't provide you with any intrinsic way to associate requests with each other, and shouldn't be used as such. 它不会为您提供任何将请求彼此关联的内在方式，因此不应将其本身使用。

Instead, use cookie-based sessions, as Ganesh suggests. 相反，请按照Ganesh的建议，使用基于cookie的会话。

A solution is to use Https. 一个解决方案是使用Https。 It has a challenging mechanism to secure a communication channel between a client and a server. 它具有挑战性的机制来保护客户端和服务器之间的通信通道。

You can also do like the OAuth protocole. 您也可以像OAuth协议那样使用。 On good OAuth, server provides the client with a token that the client has to resend with every request. 在良好的OAuth上，服务器为客户端提供一个令牌，客户端必须在每次请求时重新发送该令牌。

There is an android library for OAuth , and pretty sure there is one to integrate at low cost in your server. 有一个用于OAuth的android库，可以肯定的是，有一个库可以低成本集成到您的服务器中。

Just ideas, I am really not a web specialist :) 只是想法，我真的不是网络专家:)