如何使用Java登录web站点_Java_Forms Authentication_Httpclient

如何使用Java登录web站点

java

如何使用Java登录web站点,java,forms-authentication,httpclient,Java,Forms Authentication,Httpclient,我想访问一些需要使用java进行用户身份验证的网站页面。我们必须先登录才能访问页面。我编写了以下代码 package root; import java.io.IOException; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.UsernamePasswordCredentials; import org.apache.commons.httpclient.aut

我想访问一些需要使用java进行用户身份验证的网站页面。我们必须先登录才能访问页面。我编写了以下代码

package root;

import java.io.IOException;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpMethodParams;


public class Url
{
 public static void main(String[] args) throws IOException
 {
  HttpClient client = new HttpClient();

  client.getParams().setParameter(
      HttpMethodParams.USER_AGENT,
      "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2"
  );

  client.getState().setCredentials(
     new AuthScope("https://myoffice.bt.com", 443,  AuthScope.ANY_REALM),
     new UsernamePasswordCredentials("username", "password")  ); 

  PostMethod get = new PostMethod("https://myoffice.bt.com/youraccount/default.aspx");
  get.setDoAuthentication( true );
  System.out.println(get.getFollowRedirects());
  //get.setFollowRedirects(true);


  try {
    // execute the GET
     int status = client.executeMethod( get );

     // print the status and response
     System.out.println(status + "\n" + get.getResponseBodyAsString());

     } finally {
     // release any connection resources used by the method
      get.releaseConnection();
     } 


 }

}

但它给出了以下错误

> Jun 22, 2010 12:14:40 PM org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded
INFO: Redirect requested but followRedirects is disabled
302

如果我取消对get.setFollowerRedirects行的注释，它将给出另一个错误

Exception in thread "main" java.lang.IllegalArgumentException: Entity enclosing requests cannot be redirected without user intervention
 at org.apache.commons.httpclient.methods.EntityEnclosingMethod.setFollowRedirects(Unknown Source)
 at root.Url.main(Url.java:30)

有人能帮我吗？我们可以使用HttpClient进行基于表单的身份验证吗

谢谢。

首先-请不要命名您的

PostMethod

变量

get

第二，试试这个：

PostMethod post = new PostMethod("yourUrl")
{
    @Override
    public boolean getFollowRedirects()
    {
        return true;
    }
};

如果您恰好处于“另一边”，并且希望防止您的用户遭受痛苦，请在将

POST

请求重定向到

GET

时使用响应代码

303（请参阅其他）

，而不是常用的

和

（per）。普通浏览器往往很好，违反规则，不要求我们确认这些重定向，但许多移动浏览器仍然这样做

关于您关于基于表单的身份验证的问题-您只需要找出要使用的参数名称（例如，通过查看“正常”登录的网站的源），然后用适当的值填充它们：

post.addParameter("username", username);
post.addParameter("password", password);

我在myoffice.bt.com上使用了登录表单，JavaScript中有一些东西

表格提交至

https://myoffice.bt.com/siteminderagent/forms/login.fcc

提交的表单元素如下（

name=value

，一些值为空）：

尝试将部分或全部（至少是

用户

和

密码

）添加到您的

PostMethod

，并确保您提交到正确的URL。

如果该网站使用Siteminder身份验证，您将无法像那样登录。Siteminder使用cookies来识别经过身份验证的会话。这些cookie仅在会话处于活动状态时有效。如果您未登录，则服务器会将您重定向到Siteminder登录页面（因此重定向）。因此，您需要做的是遵循重定向，发送您的凭据（用户名/密码），然后再次遵循重定向，发送收到的cookie

我已经使用Grinder（）记录了回归测试的会话，它能够自动登录到Siteminder保护的网站！所以这绝对是可能的，但是你需要做的不仅仅是发送一个HTTP请求

最好的解决方案是某种其他身份验证，比如基于证书的身份验证（当然，这也必须在服务器端进行配置，因此在这种情况下这可能不是一个选项）。为什么不问问英国电信是否提供其他认证方法

编辑：我刚刚发现：

源代码是用VB编写的，但这篇文章非常优秀，将VB代码翻译成Java应该没有问题…；-）

Java版本：与siteminder保护的资源配合使用，使用commons httpClient 4.3.3进行测试

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.List;

import javax.net.ssl.SSLContext;

import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.LaxRedirectStrategy;
import org.apache.http.util.EntityUtils;

public class AccessSiteminderProtectedResource {

    private static final String PASSWORD = "pwd";
    private static final String USER_NAME = "userId";
    private static final String SITEMINDER_PROTECTED_RESOURCE = "protectedResource";
    private static final String SITEMINDER_LOGIN_URL = "siteMinderLoginUrl?TARGET=-SM-" + SITEMINDER_PROTECTED_RESOURCE;

    public static void main(String[] args) throws Exception {

        BasicCookieStore cookieStore = new BasicCookieStore();

        SSLContext sslcontext = buildSSLContext();

        SSLConnectionSocketFactory sslsf = buildSSLConnectionSocketFactory(sslcontext);

        CloseableHttpClient httpclient = buildHttpClient(cookieStore, sslsf);

        try {

            String nextLocation = executeLogin(cookieStore, httpclient);

            accessApp(httpclient, nextLocation);

        } finally {
            httpclient.close();
        }
    }

    private static SSLContext buildSSLContext()
            throws NoSuchAlgorithmException, KeyManagementException,
            KeyStoreException {
        SSLContext sslcontext = SSLContexts.custom()
                .setSecureRandom(new SecureRandom())
                .loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
        return sslcontext;
    }

    private static SSLConnectionSocketFactory buildSSLConnectionSocketFactory(
            SSLContext sslcontext) {
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslcontext,
                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        return sslsf;
    }

    private static CloseableHttpClient buildHttpClient(
            BasicCookieStore cookieStore, SSLConnectionSocketFactory sslsf) {
        CloseableHttpClient httpclient = HttpClients.custom()
                .setSSLSocketFactory(sslsf).setDefaultCookieStore(cookieStore)
                .setRedirectStrategy(new LaxRedirectStrategy())
                .build();
        return httpclient;
    }

    private static String executeLogin(BasicCookieStore cookieStore,
            CloseableHttpClient httpclient) throws URISyntaxException,
            IOException, ClientProtocolException {

        HttpUriRequest loginPost = RequestBuilder
                .post()
                .setUri(new URI(SITEMINDER_LOGIN_URL))
                .addParameter("USER", USER_NAME)
                .addParameter("PASSWORD", PASSWORD).build();

        System.out.println("executing request" + loginPost.getRequestLine() + "\n");

        CloseableHttpResponse loginResponse = httpclient.execute(loginPost);
        String nexLocation;
        try {
            HttpEntity loginResponseEntity = loginResponse.getEntity();

            System.out.println("Login form post Status: " + loginResponse.getStatusLine());
            EntityUtils.consume(loginResponseEntity);
            System.out.println();

            System.out.println("Post logon cookies:");
            System.out.println();
            displayCookies(cookieStore);
            System.out.println();
            System.out.println();

            System.out.println("Login Post Headers----------------------------------------");
            displayHeaders(loginResponse);

            System.out.println();
            System.out.println();

            nexLocation = SITEMINDER_PROTECTED_RESOURCE;
        } finally {
            loginResponse.close();
        }

        return nexLocation;
    }

    private static void accessApp(CloseableHttpClient httpclient, String nextLocation) throws IOException, ClientProtocolException {
        HttpGet appGet = new HttpGet(nextLocation);

        System.out.println("executing request" + appGet.getRequestLine());

        CloseableHttpResponse response = httpclient.execute(appGet);
        try {
            HttpEntity entity = response.getEntity();

            System.out.println("\n\n\n\n---------------------------------------- \n");

            System.out.println("App Get Status: " + response.getStatusLine());
            System.out.println(EntityUtils.toString(entity));
            EntityUtils.consume(entity);

        } finally {
            response.close();
        }
    }

    private static void displayHeaders(CloseableHttpResponse loginResponse) {
        for (Header header : loginResponse.getAllHeaders()) {
            System.out.println(header);
        }
    }

    private static void displayCookies(BasicCookieStore cookieStore) {
        List<Cookie> cookies = cookieStore.getCookies();
        if (cookies.isEmpty()) {
            System.out.println("None");
        } else {
            for (int i = 0; i < cookies.size(); i++) {
                System.out.println("- " + cookies.get(i).toString());
            }
        }
    }

}

import java.io.IOException；
导入java.net.URI；
导入java.net.URISyntaxException；
导入java.security.KeyManagementException；
导入java.security.KeyStoreException；
导入java.security.NoSuchAlgorithmException；
导入java.security.SecureRandom；
导入java.util.List；
导入javax.net.ssl.SSLContext；
导入org.apache.http.Header；
导入org.apache.http.HttpEntity；
导入org.apache.http.client.ClientProtocolException；
导入org.apache.http.client.methods.CloseableHttpResponse；
导入org.apache.http.client.methods.HttpGet；
导入org.apache.http.client.methods.HttpUriRequest；
导入org.apache.http.client.methods.RequestBuilder；
导入org.apache.http.conn.ssl.SSLConnectionSocketFactory；
导入org.apache.http.conn.ssl.SSLContexts；
导入org.apache.http.conn.ssl.TrustSelfSignedStrategy；
导入org.apache.http.cookie.cookie；
导入org.apache.http.impl.client.BasicCookieStore；
导入org.apache.http.impl.client.CloseableHttpClient；
导入org.apache.http.impl.client.HttpClients；
导入org.apache.http.impl.client.laxridirectstrategy；
导入org.apache.http.util.EntityUtils；
公共类访问SiteMinderProtectedResource{
私有静态最终字符串PASSWORD=“pwd”；
私有静态最终字符串USER\u NAME=“userId”；
私有静态最终字符串SITEMINDER\u PROTECTED\u RESOURCE=“protectedResource”；
私有静态最终字符串SITEMINDER\u LOGIN\u URL=“siteMinderLoginUrl？TARGET=-SM-”+SITEMINDER\u PROTECTED\u资源；
公共静态void main（字符串[]args）引发异常{
BasicCookieStore cookieStore=新BasicCookieStore（）；
SSLContext SSLContext=buildSSLContext（）；
SSLConnectionSocketFactory sslsf=构建SSLConnectionSocketFactory（sslcontext）；
CloseableHttpClient httpclient=buildHttpClient（cookieStore，sslsf）；
试一试{
String nextLocation=executeLogin（cookieStore，httpclient）；
accessApp（httpclient，nextLocation）；
}最后{
httpclient.close（）；
}
}
私有静态SSLContext buildSSLContext（）
抛出NoSuchAlgorithmException、KeyManagementException、，
密钥重异常{
SSLContext SSLContext=SSLContexts.custom（）
.SetSecurerRandom（新的SecureRandom（））
.loadTrustMaterial（空，新TrustSelfSignedStrategy（））.build（）；
返回sslcontext；
}
专用静态SSLConnectionSocketFactory构建SSLConnectionSocketFactory(
SSLContext SSLContext）{
SSLConnectionSocketFactory sslsf=新SSLConnectionSocketFactory(
sslcontext，
SSLConnectionSocketFactory。允许\u所有\u主机名\u验证程序）；
返回sslsf；
}
私有静态可关闭HttpClient构建HttpClient(
BasicCookieStore cookieStore，SSL连接插座厂（sslsf）{
CloseableHttpClient httpclient=HttpClients.custom（）
.setsslssocketfactory（sslsf）.setDefaultCookieStore（cookieStore）
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.List;

import javax.net.ssl.SSLContext;

import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.LaxRedirectStrategy;
import org.apache.http.util.EntityUtils;

public class AccessSiteminderProtectedResource {

    private static final String PASSWORD = "pwd";
    private static final String USER_NAME = "userId";
    private static final String SITEMINDER_PROTECTED_RESOURCE = "protectedResource";
    private static final String SITEMINDER_LOGIN_URL = "siteMinderLoginUrl?TARGET=-SM-" + SITEMINDER_PROTECTED_RESOURCE;

    public static void main(String[] args) throws Exception {

        BasicCookieStore cookieStore = new BasicCookieStore();

        SSLContext sslcontext = buildSSLContext();

        SSLConnectionSocketFactory sslsf = buildSSLConnectionSocketFactory(sslcontext);

        CloseableHttpClient httpclient = buildHttpClient(cookieStore, sslsf);

        try {

            String nextLocation = executeLogin(cookieStore, httpclient);

            accessApp(httpclient, nextLocation);

        } finally {
            httpclient.close();
        }
    }

    private static SSLContext buildSSLContext()
            throws NoSuchAlgorithmException, KeyManagementException,
            KeyStoreException {
        SSLContext sslcontext = SSLContexts.custom()
                .setSecureRandom(new SecureRandom())
                .loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
        return sslcontext;
    }

    private static SSLConnectionSocketFactory buildSSLConnectionSocketFactory(
            SSLContext sslcontext) {
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslcontext,
                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        return sslsf;
    }

    private static CloseableHttpClient buildHttpClient(
            BasicCookieStore cookieStore, SSLConnectionSocketFactory sslsf) {
        CloseableHttpClient httpclient = HttpClients.custom()
                .setSSLSocketFactory(sslsf).setDefaultCookieStore(cookieStore)
                .setRedirectStrategy(new LaxRedirectStrategy())
                .build();
        return httpclient;
    }

    private static String executeLogin(BasicCookieStore cookieStore,
            CloseableHttpClient httpclient) throws URISyntaxException,
            IOException, ClientProtocolException {

        HttpUriRequest loginPost = RequestBuilder
                .post()
                .setUri(new URI(SITEMINDER_LOGIN_URL))
                .addParameter("USER", USER_NAME)
                .addParameter("PASSWORD", PASSWORD).build();

        System.out.println("executing request" + loginPost.getRequestLine() + "\n");

        CloseableHttpResponse loginResponse = httpclient.execute(loginPost);
        String nexLocation;
        try {
            HttpEntity loginResponseEntity = loginResponse.getEntity();

            System.out.println("Login form post Status: " + loginResponse.getStatusLine());
            EntityUtils.consume(loginResponseEntity);
            System.out.println();

            System.out.println("Post logon cookies:");
            System.out.println();
            displayCookies(cookieStore);
            System.out.println();
            System.out.println();

            System.out.println("Login Post Headers----------------------------------------");
            displayHeaders(loginResponse);

            System.out.println();
            System.out.println();

            nexLocation = SITEMINDER_PROTECTED_RESOURCE;
        } finally {
            loginResponse.close();
        }

        return nexLocation;
    }

    private static void accessApp(CloseableHttpClient httpclient, String nextLocation) throws IOException, ClientProtocolException {
        HttpGet appGet = new HttpGet(nextLocation);

        System.out.println("executing request" + appGet.getRequestLine());

        CloseableHttpResponse response = httpclient.execute(appGet);
        try {
            HttpEntity entity = response.getEntity();

            System.out.println("\n\n\n\n---------------------------------------- \n");

            System.out.println("App Get Status: " + response.getStatusLine());
            System.out.println(EntityUtils.toString(entity));
            EntityUtils.consume(entity);

        } finally {
            response.close();
        }
    }

    private static void displayHeaders(CloseableHttpResponse loginResponse) {
        for (Header header : loginResponse.getAllHeaders()) {
            System.out.println(header);
        }
    }

    private static void displayCookies(BasicCookieStore cookieStore) {
        List<Cookie> cookies = cookieStore.getCookies();
        if (cookies.isEmpty()) {
            System.out.println("None");
        } else {
            for (int i = 0; i < cookies.size(); i++) {
                System.out.println("- " + cookies.get(i).toString());
            }
        }
    }

}