HTTPS鏈接的REST Web服務調用-400錯誤的請求錯誤

Question

使用SOAP UI，我能夠使用基本身份驗證成功調用REST GET調用

GET https://app.test.com/testing/rest/authentication-point/authentication HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: Basic aPOjYVclOmIzABFhZjVpJES=
Host: app.test.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

我收到的響應代碼為200。

類似的請求，當我嘗試通過java客戶端調用時，它給出了400狀態代碼。

CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));
final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);

HttpClient client = HttpClientBuilder.create().build();
HttpResponse response = null;

response = client.execute(
                new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),
                context);

int statusCode = response.getStatusLine().getStatusCode();

當主機為HTTP時，此代碼可以正常工作。 最近，VIP已添加並設置為HTTPS，此后將無法使用。 請為此提出建議。

Answer 1

您需要在http客戶端上使用ssl：

    TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
SSLSocketFactory sf = new SSLSocketFactory(
  acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https", 8443, sf));
ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);

CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));
final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);

DefaultHttpClient httpClient = new DefaultHttpClient(ccm);

HttpGet getMethod = new HttpGet(new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),context);

HttpResponse response = httpClient.execute(getMethod);

int statusCode = response.getStatusLine().getStatusCode();

Answer 2

在嘗試了很多選擇之后，下面的代碼對我有用。

HttpHost targetHost = new HttpHost("app.test.com", 443, "https");
AuthCache authCache = new BasicAuthCache();
authCache.put(targetHost, new BasicScheme());

CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("User", "Password"));

final HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);
context.setAuthCache(authCache);

HttpClient client = HttpClientBuilder.create().build();
HttpResponse response = null;

response = client.execute(
            new HttpGet("https://app.test.com/testing/rest/authentication-point/authentication"),
            context);

在將方案的HTTP主機定義為https，並使用AuthCache將它們設置為上下文之后，調用成功進行。