Java https摘要请求失败,出现安全异常
我正在使用Aapache httpclient代码来读取具有摘要身份验证的url。我被违反了安全规定。此url/用户名/密码在浏览器中工作正常。怎么了Java https摘要请求失败,出现安全异常,java,apache-httpclient-4.x,digest-authentication,Java,Apache Httpclient 4.x,Digest Authentication,我正在使用Aapache httpclient代码来读取具有摘要身份验证的url。我被违反了安全规定。此url/用户名/密码在浏览器中工作正常。怎么了 public static void main(String[] args) throws Exception { String url = "https://httpbin.org/digest-auth/auth/user/passwd"; String username = "user"; String passw
public static void main(String[] args) throws Exception {
String url = "https://httpbin.org/digest-auth/auth/user/passwd";
String username = "user";
String password = "passwd";
CookieStore cookieStore = new BasicCookieStore();
BasicClientCookie cookie = new BasicClientCookie("fake", "fake_value");
cookie.setDomain("httpbin.org");
cookie.setPath("/");
cookieStore.addCookie(cookie);
// get the host
HttpHost httpHost = URIUtils.extractHost(new URI(url));
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()), new UsernamePasswordCredentials(username, password));
CloseableHttpClient httpClient = HttpClients.custom()
.setDefaultCookieStore(cookieStore)
.setDefaultCredentialsProvider(credsProvider)
.setRedirectStrategy(new LaxRedirectStrategy())
.build();
// Create AuthCache instance
// Generate BASIC scheme object and add it to the local auth cache
AuthCache authCache = new BasicAuthCache();
DigestScheme digestAuth = new DigestScheme();
digestAuth.overrideParamter("realm", "support@windward.net");
digestAuth.overrideParamter("nonce", calculateNonce());
authCache.put(httpHost, digestAuth);
// Add AuthCache to the execution context
HttpClientContext localContext = HttpClientContext.create();
localContext.setAuthCache(authCache);
CloseableHttpResponse response = null;
HttpGet httpGet = new HttpGet(url);
response = httpClient.execute(httpHost, httpGet, localContext);
if (response.getStatusLine().getStatusCode() != 200)
throw new IOException("Error: " + response.getStatusLine() + ". Reading url " + url);
HttpEntity entity = response.getEntity();
InputStream stream = entity.getContent();
}
private static synchronized String calculateNonce() {
Date d = new Date();
SimpleDateFormat f = new SimpleDateFormat("yyyy:MM:dd:hh:mm:ss");
String fmtDate = f.format(d);
Random rand = new Random(100000);
Integer randomInt = rand.nextInt();
return org.apache.commons.codec.digest.DigestUtils.md5Hex(fmtDate + randomInt.toString());
}
例外情况:
线程“main”javax.net.ssl.SSLHandshakeException中的异常:
sun.security.validator.validator异常:PKIX路径生成失败:
sun.security.provider.certpath.SunCertPathBuilderException:无法
在上找到请求目标的有效证书路径
位于的sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)位于
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)位于
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)位于
server证书(ClientHandshaker.java:1446)
在
processMessage(ClientHandshaker.java:209)
位于sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
sun.security.ssl.Handshaker.process_记录(Handshaker.java:837)位于
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)位于
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
在
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
在
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
在
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
在
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
在
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
在
org.apache.http.impl.conn.poolighttpclientconnectionmanager.connect(poolighttpclientconnectionmanager.java:353)
在
org.apache.http.impl.execchain.MainClientExec.buildRoute(MainClientExec.java:380)
在
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
在
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
在
org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
在
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
在
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
在
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:71)
在
net.windward.util.AccessProviders.SampleDigestRequest.main(SampleDigestRequest.java:82)
原因:sun.security.validator.validator异常:PKIX路径
建筑失败:
sun.security.provider.certpath.SunCertPathBuilderException:无法
在上找到请求目标的有效证书路径
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
在
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
已断开与目标VM的连接,地址:“127.0.0.1:59052”,
传输:“套接字”位于
位于的sun.security.validator.validator.validate(validator.java:260)
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
在
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
在
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
在
server证书(ClientHandshaker.java:1428)
... 又有19人因以下原因而受伤:
sun.security.provider.certpath.SunCertPathBuilderException:无法
在上找到请求目标的有效证书路径
SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
位于java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
在
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 25多
jdk似乎不信任您在服务器上使用的tls/ssl证书。例如,自签名证书很常见。虽然浏览器通常允许您在这种情况下继续,但jdk默认情况下会删除这种连接。@korolar好的,我不明白。为什么我需要证书才能访问网站?他们需要证书,但我为什么需要证书?你不需要证书。你需要信任网站的证书。@korolar-哦,这很有道理。有没有一种方式可以说我信任任何网站,所以它会处理自签名网站?请参阅以下答案:。