Java 发送HTTP POST时出现InvalidAuthenticationToken异常
我们正在为一个库存系统项目(学校)创建一个Java客户机与RubyonRails服务器接口 我们使用的客户端应该执行HTTPGET请求信息,HTTPPOST更新或创建新信息(是的,我们知道HTTPPUT…) 不幸的是,我们在尝试执行HTTP post时遇到了InvalidAuthenticationToken错误。我们通过HTTP基本身份验证进行身份验证,我们的控制器如下所示:Java 发送HTTP POST时出现InvalidAuthenticationToken异常,java,ruby-on-rails,apache-httpclient-4.x,Java,Ruby On Rails,Apache Httpclient 4.x,我们正在为一个库存系统项目(学校)创建一个Java客户机与RubyonRails服务器接口 我们使用的客户端应该执行HTTPGET请求信息,HTTPPOST更新或创建新信息(是的,我们知道HTTPPUT…) 不幸的是,我们在尝试执行HTTP post时遇到了InvalidAuthenticationToken错误。我们通过HTTP基本身份验证进行身份验证,我们的控制器如下所示: class UsersController < ApplicationController before_
class UsersController < ApplicationController
before_filter :authenticate
def show
@user = User.find(params[:id])
#@user = User.all
render :xml => @user.to_xml
end
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
render :text => 'Success!'
else
render :text => 'No success!'
end
end
private
def authenticate
logger.info("Entering Authen..")
authenticate_or_request_with_http_basic do |username, password|
logger.info("Time: #{Time.now}, username: #{username}, password: #{password}")
User.authenticate(username, password)
end
end
end
我们担心的是,它甚至没有尝试对基本身份验证进行身份验证——它跳过了过滤器和整个控制器。我们的代码在客户机中非常普通(为了便于理解,我们对其进行了编辑):
DefaultHttpClient-httpClient=newdefaulthttpclient();
myCredentials=新用户名PasswordCredentials(用户名、密码);
//设置提供程序
provider=new BasicCredentialsProvider();
provider.setCredentials(范围,myCredentials);
//设置凭据
httpClient.setCredentialsProvider(提供者);
ArrayList formparams=新的ArrayList();
formparams.add(新的BasicNameValuePair(“名字”,“Macky”);
UrlEncodedFormEntity formEntity=新的UrlEncodedFormEntity(formparams,“UTF-8”);
//发号施令
post=新的HttpPost(url);
post.setEntity(formEntity);
response=httpClient.execute(post);
那么,是Rails出了问题,还是Java Jakarta客户端出了问题?非常感谢您的帮助。您的帖子数据中是否包含CSRF令牌 请参阅此链接:
默认情况下,启用了
protect\u from\u forgery
,这使得Rails对于任何非GET请求都需要一个真实性令牌。Rails将在使用表单帮助程序创建的表单中自动包含真实性令牌,但我猜,由于您正在构建自己的表单以发布,因此您没有包含令牌。您是否也可以为GET请求添加客户端代码
#Successful GET
Processing UsersController#show (for 10.18.2.84 at 2010-11-24 19:02:42) [GET]
Parameters: {"id"=>"2"}
Entering Authen..
Filter chain halted as [:authenticate] rendered_or_redirected.
Completed in 3ms (View: 2, DB: 0) | 401 Unauthorized [http://10.18.2.84/users/show/2]
Processing UsersController#show (for 10.18.2.84 at 2010-11-24 19:02:43) [GET]
Parameters: {"id"=>"2"}
Entering Authen..
Time: Wed Nov 24 19:02:43 -0600 2010, username: admin, password: pass
[4;36;1mUser Load (1.0ms)[0m [0;1mSELECT * FROM "users" WHERE (user_name = 'admin' AND password = 'pass') LIMIT 1[0m
[4;35;1mUser Load (0.0ms)[0m [0mSELECT * FROM "users" WHERE ("users"."id" = 2) [0m
Completed in 18ms (View: 2, DB: 1) | 200 OK [http://10.18.2.84/users/show/2]
#Unsuccessful POST
Processing UsersController#update (for 10.18.2.84 at 2010-11-24 19:03:06) [POST]
Parameters: {"id"=>"2", "first-name"=>"Macky"}
ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
DefaultHttpClient httpClient = new DefaultHttpClient();
myCredentials = new UsernamePasswordCredentials( username, password );
//Set Provider
provider = new BasicCredentialsProvider();
provider.setCredentials(scope, myCredentials);
//Set Credentials
httpClient.setCredentialsProvider( provider );
ArrayList<NameValuePair> formparams = new ArrayList<NameValuePair>();
formparams.add(new BasicNameValuePair("first-name", "Macky"));
UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(formparams, "UTF-8");
//Set the post
post = new HttpPost( url );
post.setEntity(formEntity);
response = httpClient.execute( post );