Java https摘要请求失败，出现安全异常_Java_Apache Httpclient 4.x_Digest Authentication

Java https摘要请求失败，出现安全异常

java

Java https摘要请求失败，出现安全异常,java,apache-httpclient-4.x,digest-authentication,Java,Apache Httpclient 4.x,Digest Authentication,我正在使用Aapache httpclient代码来读取具有摘要身份验证的url。我被违反了安全规定。此url/用户名/密码在浏览器中工作正常。怎么了 public static void main(String[] args) throws Exception { String url = "https://httpbin.org/digest-auth/auth/user/passwd"; String username = "user"; String passw

我正在使用Aapache httpclient代码来读取具有摘要身份验证的url。我被违反了安全规定。此url/用户名/密码在浏览器中工作正常。怎么了

public static void main(String[] args) throws Exception {

    String url = "https://httpbin.org/digest-auth/auth/user/passwd";
    String username = "user";
    String password = "passwd";

    CookieStore cookieStore = new BasicCookieStore();
    BasicClientCookie cookie = new BasicClientCookie("fake", "fake_value");
    cookie.setDomain("httpbin.org");
    cookie.setPath("/");
    cookieStore.addCookie(cookie);


    // get the host
    HttpHost httpHost = URIUtils.extractHost(new URI(url));

    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()), new UsernamePasswordCredentials(username, password));

    CloseableHttpClient httpClient = HttpClients.custom()
            .setDefaultCookieStore(cookieStore)
            .setDefaultCredentialsProvider(credsProvider)
            .setRedirectStrategy(new LaxRedirectStrategy())
            .build();

    // Create AuthCache instance
    // Generate BASIC scheme object and add it to the local auth cache
    AuthCache authCache = new BasicAuthCache();
    DigestScheme digestAuth = new DigestScheme();
    digestAuth.overrideParamter("realm", "support@windward.net");
    digestAuth.overrideParamter("nonce", calculateNonce());
    authCache.put(httpHost, digestAuth);

    // Add AuthCache to the execution context
    HttpClientContext localContext = HttpClientContext.create();
    localContext.setAuthCache(authCache);


    CloseableHttpResponse response = null;
    HttpGet httpGet = new HttpGet(url);
    response = httpClient.execute(httpHost, httpGet, localContext);
    if (response.getStatusLine().getStatusCode() != 200)
        throw new IOException("Error: " + response.getStatusLine() + ". Reading url " + url);
    HttpEntity entity = response.getEntity();
    InputStream stream = entity.getContent();
}

private static synchronized String calculateNonce() {

    Date d = new Date();
    SimpleDateFormat f = new SimpleDateFormat("yyyy:MM:dd:hh:mm:ss");
    String fmtDate = f.format(d);
    Random rand = new Random(100000);
    Integer randomInt = rand.nextInt();
    return org.apache.commons.codec.digest.DigestUtils.md5Hex(fmtDate + randomInt.toString());
}

例外情况：

线程“main”javax.net.ssl.SSLHandshakeException中的异常： sun.security.validator.validator异常：PKIX路径生成失败： sun.security.provider.certpath.SunCertPathBuilderException:无法在上找到请求目标的有效证书路径位于的sun.security.ssl.Alerts.getSSLException（Alerts.java:192） sun.security.ssl.SSLSocketImpl.fatal（SSLSocketImpl.java:1904）位于 sun.security.ssl.Handshaker.fatalSE（Handshaker.java:279）位于 sun.security.ssl.Handshaker.fatalSE（Handshaker.java:273）位于 server证书（ClientHandshaker.java:1446）在 processMessage（ClientHandshaker.java:209）位于sun.security.ssl.Handshaker.processLoop（Handshaker.java:901） sun.security.ssl.Handshaker.process_记录（Handshaker.java:837）位于 sun.security.ssl.SSLSocketImpl.readRecord（SSLSocketImpl.java:1023）位于 sun.security.ssl.SSLSocketImpl.performInitialHandshake（SSLSocketImpl.java:1332）在 sun.security.ssl.SSLSocketImpl.startHandshake（SSLSocketImpl.java:1359）在 sun.security.ssl.SSLSocketImpl.startHandshake（SSLSocketImpl.java:1343）在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket（SSLConnectionSocketFactory.java:394）在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket（SSLConnectionSocketFactory.java:353）在 org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect（DefaultHttpClientConnectionOperator.java:141）在 org.apache.http.impl.conn.poolighttpclientconnectionmanager.connect（poolighttpclientconnectionmanager.java:353）在 org.apache.http.impl.execchain.MainClientExec.buildRoute（MainClientExec.java:380）在 org.apache.http.impl.execchain.MainClientExec.execute（MainClientExec.java:236）在 org.apache.http.impl.execchain.ProtocolExec.execute（ProtocolExec.java:184）在 org.apache.http.impl.execchain.RetryExec.execute（RetryExec.java:88）在 org.apache.http.impl.execchain.RedirectExec.execute（RedirectExec.java:110）在 org.apache.http.impl.client.InternalHttpClient.doExecute（InternalHttpClient.java:184）在 org.apache.http.impl.client.CloseableHttpClient.execute（CloseableHttpClient.java:71）在 net.windward.util.AccessProviders.SampleDigestRequest.main（SampleDigestRequest.java:82）原因：sun.security.validator.validator异常：PKIX路径建筑失败： sun.security.provider.certpath.SunCertPathBuilderException:无法在上找到请求目标的有效证书路径 sun.security.validator.PKIXValidator.doBuild（PKIXValidator.java:385）在 sun.security.validator.PKIXValidator.engineValidate（PKIXValidator.java:292）已断开与目标VM的连接，地址：“127.0.0.1:59052”，传输：“套接字”位于位于的sun.security.validator.validator.validate（validator.java:260） sun.security.ssl.X509TrustManagerImpl.validate（X509TrustManagerImpl.java:326）在 sun.security.ssl.X509TrustManagerImpl.checkTrusted（X509TrustManagerImpl.java:231）在 sun.security.ssl.X509TrustManagerImpl.checkServerTrusted（X509TrustManagerImpl.java:126）在 server证书（ClientHandshaker.java:1428） ... 又有19人因以下原因而受伤： sun.security.provider.certpath.SunCertPathBuilderException:无法在上找到请求目标的有效证书路径 SunCertPathBuilder.engineBuild（SunCertPathBuilder.java:196）位于java.security.cert.CertPathBuilder.build（CertPathBuilder.java:268）在 sun.security.validator.PKIXValidator.doBuild（PKIXValidator.java:380） ... 25多

jdk似乎不信任您在服务器上使用的tls/ssl证书。例如，自签名证书很常见。虽然浏览器通常允许您在这种情况下继续，但jdk默认情况下会删除这种连接。@korolar好的，我不明白。为什么我需要证书才能访问网站？他们需要证书，但我为什么需要证书？你不需要证书。你需要信任网站的证书。@korolar-哦，这很有道理。有没有一种方式可以说我信任任何网站，所以它会处理自签名网站？请参阅以下答案：。