HTTPS链接的REST Web服务调用-400错误的请求错误

Question

使用SOAP UI，我能够使用基本身份验证成功调用REST GET调用

GET https://app.test.com/testing/rest/authentication-point/authentication HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic aPOjYVclOmIzABFhZjVpJES=
Host: app.test.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

我收到的响应代码为200。

类似的请求，当我尝试通过java客户端调用时，它给出了400状态代码。

CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));
final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);

HttpClient client = HttpClientBuilder.create().build();
HttpResponse response = null;

response = client.execute(
                new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),
                context);

int statusCode = response.getStatusLine().getStatusCode();

当主机为HTTP时，此代码可以正常工作。 最近，VIP已添加并设置为HTTPS，此后将无法使用。 请为此提出建议。

Answer 1

您需要在http客户端上使用ssl：

    TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
SSLSocketFactory sf = new SSLSocketFactory(
  acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https", 8443, sf));
ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);

CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));
final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);

DefaultHttpClient httpClient = new DefaultHttpClient(ccm);

HttpGet getMethod = new HttpGet(new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),context);

HttpResponse response = httpClient.execute(getMethod);

int statusCode = response.getStatusLine().getStatusCode();

Answer 2

在尝试了很多选择之后，下面的代码对我有用。

HttpHost targetHost = new HttpHost("app.test.com", 443, "https");
AuthCache authCache = new BasicAuthCache();
authCache.put(targetHost, new BasicScheme());

CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));

final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);
context.setAuthCache(authCache);

HttpClient client = HttpClientBuilder.create().build();
HttpResponse response = null;

response = client.execute(
            new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),
            context);

在将方案的HTTP主机定义为https，并使用AuthCache将它们设置为上下文之后，调用成功进行。