如何使用Java登录web站点
我想访问一些需要使用java进行用户身份验证的网站页面。我们必须先登录才能访问页面。我编写了以下代码如何使用Java登录web站点,java,forms-authentication,httpclient,Java,Forms Authentication,Httpclient,我想访问一些需要使用java进行用户身份验证的网站页面。我们必须先登录才能访问页面。我编写了以下代码 package root; import java.io.IOException; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.UsernamePasswordCredentials; import org.apache.commons.httpclient.aut
package root;
import java.io.IOException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpMethodParams;
public class Url
{
public static void main(String[] args) throws IOException
{
HttpClient client = new HttpClient();
client.getParams().setParameter(
HttpMethodParams.USER_AGENT,
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2"
);
client.getState().setCredentials(
new AuthScope("https://myoffice.bt.com", 443, AuthScope.ANY_REALM),
new UsernamePasswordCredentials("username", "password") );
PostMethod get = new PostMethod("https://myoffice.bt.com/youraccount/default.aspx");
get.setDoAuthentication( true );
System.out.println(get.getFollowRedirects());
//get.setFollowRedirects(true);
try {
// execute the GET
int status = client.executeMethod( get );
// print the status and response
System.out.println(status + "\n" + get.getResponseBodyAsString());
} finally {
// release any connection resources used by the method
get.releaseConnection();
}
}
}
但它给出了以下错误
> Jun 22, 2010 12:14:40 PM org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded
INFO: Redirect requested but followRedirects is disabled
302
如果我取消对get.setFollowerRedirects行的注释,它将给出另一个错误
Exception in thread "main" java.lang.IllegalArgumentException: Entity enclosing requests cannot be redirected without user intervention
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.setFollowRedirects(Unknown Source)
at root.Url.main(Url.java:30)
有人能帮我吗?我们可以使用HttpClient进行基于表单的身份验证吗
谢谢。首先-请不要命名您的
PostMethod
变量get
第二,试试这个:
PostMethod post = new PostMethod("yourUrl")
{
@Override
public boolean getFollowRedirects()
{
return true;
}
};
如果您恰好处于“另一边”,并且希望防止您的用户遭受痛苦,请在将POST
请求重定向到GET
时使用响应代码303(请参阅其他)
,而不是常用的302
和301
(per)。普通浏览器往往很好,违反规则,不要求我们确认这些重定向,但许多移动浏览器仍然这样做
关于您关于基于表单的身份验证的问题-您只需要找出要使用的参数名称(例如,通过查看“正常”登录的网站的源),然后用适当的值填充它们:
post.addParameter("username", username);
post.addParameter("password", password);
我在myoffice.bt.com上使用了登录表单,JavaScript中有一些东西 表格提交至
https://myoffice.bt.com/siteminderagent/forms/login.fcc
提交的表单元素如下(name=value
,一些值为空):
尝试将部分或全部(至少是
用户
和密码
)添加到您的PostMethod
,并确保您提交到正确的URL。如果该网站使用Siteminder身份验证,您将无法像那样登录。Siteminder使用cookies来识别经过身份验证的会话。这些cookie仅在会话处于活动状态时有效。
如果您未登录,则服务器会将您重定向到Siteminder登录页面(因此重定向)。
因此,您需要做的是遵循重定向,发送您的凭据(用户名/密码),然后再次遵循重定向,发送收到的cookie
我已经使用Grinder()记录了回归测试的会话,它能够自动登录到Siteminder保护的网站!所以这绝对是可能的,但是你需要做的不仅仅是发送一个HTTP请求
最好的解决方案是某种其他身份验证,比如基于证书的身份验证(当然,这也必须在服务器端进行配置,因此在这种情况下这可能不是一个选项)。为什么不问问英国电信是否提供其他认证方法
编辑:我刚刚发现:
源代码是用VB编写的,但这篇文章非常优秀,将VB代码翻译成Java应该没有问题…;-) Java版本:与siteminder保护的资源配合使用,使用commons httpClient 4.3.3进行测试
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.List;
import javax.net.ssl.SSLContext;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.LaxRedirectStrategy;
import org.apache.http.util.EntityUtils;
public class AccessSiteminderProtectedResource {
private static final String PASSWORD = "pwd";
private static final String USER_NAME = "userId";
private static final String SITEMINDER_PROTECTED_RESOURCE = "protectedResource";
private static final String SITEMINDER_LOGIN_URL = "siteMinderLoginUrl?TARGET=-SM-" + SITEMINDER_PROTECTED_RESOURCE;
public static void main(String[] args) throws Exception {
BasicCookieStore cookieStore = new BasicCookieStore();
SSLContext sslcontext = buildSSLContext();
SSLConnectionSocketFactory sslsf = buildSSLConnectionSocketFactory(sslcontext);
CloseableHttpClient httpclient = buildHttpClient(cookieStore, sslsf);
try {
String nextLocation = executeLogin(cookieStore, httpclient);
accessApp(httpclient, nextLocation);
} finally {
httpclient.close();
}
}
private static SSLContext buildSSLContext()
throws NoSuchAlgorithmException, KeyManagementException,
KeyStoreException {
SSLContext sslcontext = SSLContexts.custom()
.setSecureRandom(new SecureRandom())
.loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
return sslcontext;
}
private static SSLConnectionSocketFactory buildSSLConnectionSocketFactory(
SSLContext sslcontext) {
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
return sslsf;
}
private static CloseableHttpClient buildHttpClient(
BasicCookieStore cookieStore, SSLConnectionSocketFactory sslsf) {
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(sslsf).setDefaultCookieStore(cookieStore)
.setRedirectStrategy(new LaxRedirectStrategy())
.build();
return httpclient;
}
private static String executeLogin(BasicCookieStore cookieStore,
CloseableHttpClient httpclient) throws URISyntaxException,
IOException, ClientProtocolException {
HttpUriRequest loginPost = RequestBuilder
.post()
.setUri(new URI(SITEMINDER_LOGIN_URL))
.addParameter("USER", USER_NAME)
.addParameter("PASSWORD", PASSWORD).build();
System.out.println("executing request" + loginPost.getRequestLine() + "\n");
CloseableHttpResponse loginResponse = httpclient.execute(loginPost);
String nexLocation;
try {
HttpEntity loginResponseEntity = loginResponse.getEntity();
System.out.println("Login form post Status: " + loginResponse.getStatusLine());
EntityUtils.consume(loginResponseEntity);
System.out.println();
System.out.println("Post logon cookies:");
System.out.println();
displayCookies(cookieStore);
System.out.println();
System.out.println();
System.out.println("Login Post Headers----------------------------------------");
displayHeaders(loginResponse);
System.out.println();
System.out.println();
nexLocation = SITEMINDER_PROTECTED_RESOURCE;
} finally {
loginResponse.close();
}
return nexLocation;
}
private static void accessApp(CloseableHttpClient httpclient, String nextLocation) throws IOException, ClientProtocolException {
HttpGet appGet = new HttpGet(nextLocation);
System.out.println("executing request" + appGet.getRequestLine());
CloseableHttpResponse response = httpclient.execute(appGet);
try {
HttpEntity entity = response.getEntity();
System.out.println("\n\n\n\n---------------------------------------- \n");
System.out.println("App Get Status: " + response.getStatusLine());
System.out.println(EntityUtils.toString(entity));
EntityUtils.consume(entity);
} finally {
response.close();
}
}
private static void displayHeaders(CloseableHttpResponse loginResponse) {
for (Header header : loginResponse.getAllHeaders()) {
System.out.println(header);
}
}
private static void displayCookies(BasicCookieStore cookieStore) {
List<Cookie> cookies = cookieStore.getCookies();
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
}
}
import java.io.IOException;
导入java.net.URI;
导入java.net.URISyntaxException;
导入java.security.KeyManagementException;
导入java.security.KeyStoreException;
导入java.security.NoSuchAlgorithmException;
导入java.security.SecureRandom;
导入java.util.List;
导入javax.net.ssl.SSLContext;
导入org.apache.http.Header;
导入org.apache.http.HttpEntity;
导入org.apache.http.client.ClientProtocolException;
导入org.apache.http.client.methods.CloseableHttpResponse;
导入org.apache.http.client.methods.HttpGet;
导入org.apache.http.client.methods.HttpUriRequest;
导入org.apache.http.client.methods.RequestBuilder;
导入org.apache.http.conn.ssl.SSLConnectionSocketFactory;
导入org.apache.http.conn.ssl.SSLContexts;
导入org.apache.http.conn.ssl.TrustSelfSignedStrategy;
导入org.apache.http.cookie.cookie;
导入org.apache.http.impl.client.BasicCookieStore;
导入org.apache.http.impl.client.CloseableHttpClient;
导入org.apache.http.impl.client.HttpClients;
导入org.apache.http.impl.client.laxridirectstrategy;
导入org.apache.http.util.EntityUtils;
公共类访问SiteMinderProtectedResource{
私有静态最终字符串PASSWORD=“pwd”;
私有静态最终字符串USER\u NAME=“userId”;
私有静态最终字符串SITEMINDER\u PROTECTED\u RESOURCE=“protectedResource”;
私有静态最终字符串SITEMINDER\u LOGIN\u URL=“siteMinderLoginUrl?TARGET=-SM-”+SITEMINDER\u PROTECTED\u资源;
公共静态void main(字符串[]args)引发异常{
BasicCookieStore cookieStore=新BasicCookieStore();
SSLContext SSLContext=buildSSLContext();
SSLConnectionSocketFactory sslsf=构建SSLConnectionSocketFactory(sslcontext);
CloseableHttpClient httpclient=buildHttpClient(cookieStore,sslsf);
试一试{
String nextLocation=executeLogin(cookieStore,httpclient);
accessApp(httpclient,nextLocation);
}最后{
httpclient.close();
}
}
私有静态SSLContext buildSSLContext()
抛出NoSuchAlgorithmException、KeyManagementException、,
密钥重异常{
SSLContext SSLContext=SSLContexts.custom()
.SetSecurerRandom(新的SecureRandom())
.loadTrustMaterial(空,新TrustSelfSignedStrategy()).build();
返回sslcontext;
}
专用静态SSLConnectionSocketFactory构建SSLConnectionSocketFactory(
SSLContext SSLContext){
SSLConnectionSocketFactory sslsf=新SSLConnectionSocketFactory(
sslcontext,
SSLConnectionSocketFactory。允许\u所有\u主机名\u验证程序);
返回sslsf;
}
私有静态可关闭HttpClient构建HttpClient(
BasicCookieStore cookieStore,SSL连接插座厂(sslsf){
CloseableHttpClient httpclient=HttpClients.custom()
.setsslssocketfactory(sslsf).setDefaultCookieStore(cookieStore)
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.List;
import javax.net.ssl.SSLContext;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.LaxRedirectStrategy;
import org.apache.http.util.EntityUtils;
public class AccessSiteminderProtectedResource {
private static final String PASSWORD = "pwd";
private static final String USER_NAME = "userId";
private static final String SITEMINDER_PROTECTED_RESOURCE = "protectedResource";
private static final String SITEMINDER_LOGIN_URL = "siteMinderLoginUrl?TARGET=-SM-" + SITEMINDER_PROTECTED_RESOURCE;
public static void main(String[] args) throws Exception {
BasicCookieStore cookieStore = new BasicCookieStore();
SSLContext sslcontext = buildSSLContext();
SSLConnectionSocketFactory sslsf = buildSSLConnectionSocketFactory(sslcontext);
CloseableHttpClient httpclient = buildHttpClient(cookieStore, sslsf);
try {
String nextLocation = executeLogin(cookieStore, httpclient);
accessApp(httpclient, nextLocation);
} finally {
httpclient.close();
}
}
private static SSLContext buildSSLContext()
throws NoSuchAlgorithmException, KeyManagementException,
KeyStoreException {
SSLContext sslcontext = SSLContexts.custom()
.setSecureRandom(new SecureRandom())
.loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
return sslcontext;
}
private static SSLConnectionSocketFactory buildSSLConnectionSocketFactory(
SSLContext sslcontext) {
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
return sslsf;
}
private static CloseableHttpClient buildHttpClient(
BasicCookieStore cookieStore, SSLConnectionSocketFactory sslsf) {
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(sslsf).setDefaultCookieStore(cookieStore)
.setRedirectStrategy(new LaxRedirectStrategy())
.build();
return httpclient;
}
private static String executeLogin(BasicCookieStore cookieStore,
CloseableHttpClient httpclient) throws URISyntaxException,
IOException, ClientProtocolException {
HttpUriRequest loginPost = RequestBuilder
.post()
.setUri(new URI(SITEMINDER_LOGIN_URL))
.addParameter("USER", USER_NAME)
.addParameter("PASSWORD", PASSWORD).build();
System.out.println("executing request" + loginPost.getRequestLine() + "\n");
CloseableHttpResponse loginResponse = httpclient.execute(loginPost);
String nexLocation;
try {
HttpEntity loginResponseEntity = loginResponse.getEntity();
System.out.println("Login form post Status: " + loginResponse.getStatusLine());
EntityUtils.consume(loginResponseEntity);
System.out.println();
System.out.println("Post logon cookies:");
System.out.println();
displayCookies(cookieStore);
System.out.println();
System.out.println();
System.out.println("Login Post Headers----------------------------------------");
displayHeaders(loginResponse);
System.out.println();
System.out.println();
nexLocation = SITEMINDER_PROTECTED_RESOURCE;
} finally {
loginResponse.close();
}
return nexLocation;
}
private static void accessApp(CloseableHttpClient httpclient, String nextLocation) throws IOException, ClientProtocolException {
HttpGet appGet = new HttpGet(nextLocation);
System.out.println("executing request" + appGet.getRequestLine());
CloseableHttpResponse response = httpclient.execute(appGet);
try {
HttpEntity entity = response.getEntity();
System.out.println("\n\n\n\n---------------------------------------- \n");
System.out.println("App Get Status: " + response.getStatusLine());
System.out.println(EntityUtils.toString(entity));
EntityUtils.consume(entity);
} finally {
response.close();
}
}
private static void displayHeaders(CloseableHttpResponse loginResponse) {
for (Header header : loginResponse.getAllHeaders()) {
System.out.println(header);
}
}
private static void displayCookies(BasicCookieStore cookieStore) {
List<Cookie> cookies = cookieStore.getCookies();
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
}
}