编程实现basic客户端认证

bati99

浏览: 74611 次
性别:
来自: 武汉

最近访客更多访客>>

zhangzi

jaee

lingyu5219

shine_panda

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

Java
eclipse

xml java http

下面我们来示范一下如何使用basic认证。假设我们在basic.jsp中需要远程调用http://localhost:8080/ch104 /admin.jsp的内容。这时为了能够通过Spring Security的权限检测，我们需要在请求的头部加上basic所需的认证信息。

String username = "admin";
String password = "admin";
byte[] token = (username + ":" + password).getBytes("utf-8");
String authorization = "Basic " + new String(Base64.encodeBase64(token), "utf-8");

URL url = new URL("http://localhost:8080/ch104/admin.jsp");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Authorization", authorization);

我们先将用户名和密码拼接成一个字符串，两者之间使用“:”分隔。

然后使用commons-codec的Base64将这个字符串加密。在进行basic认证的时候Spring Security会使用commons-codec把这段字符串反转成用户名和密码，再进行认证操作。

下一步为加密后得到的字符串添加一个前缀"Basic "，这样Spring Security就可以通过这个判断客户端是否使用了basic认证。

将上面生成的字符串设置到请求头部，名称为“Authorization”。Spring Security会在认证时，获取头部信息进行判断。

下面是通过鉴权认证访问指定地址的代码：

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Scanner;

//import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
import org.apache.commons.codec.binary.Base64;
//import org.apache.taglibs.standard.lang.jpath.adapter.Convert;

/**
 * This is a stub class with a main method to run an iDigi web service.
 */
public class PostTest {

	/**
	 * Run the web service request
	 */
	public static void main(String[] args) {

		try {
			// Create url to the iDigi server for a given web service request
			URL url = new URL("http://developer.idigi.com:80/ws/sci");
			HttpURLConnection conn = (HttpURLConnection) url.openConnection();
			conn.setDoOutput(true);
			conn.setRequestMethod("POST"); 
			String username = "admin";
			String password = "admin";
			byte[] token = (username + ":" + password).getBytes("utf-8");
			String encodedAuthorization = new String(Base64.encodeBase64(token), "utf-8");
			conn.setRequestProperty("Authorization", "Basic "+ encodedAuthorization);
			 // Send data to server
		  	conn.setRequestProperty("Content-Type", "text/xml");
			OutputStreamWriter out = new OutputStreamWriter(conn.getOutputStream());
			out.write("<!-- \r\n");
			out.write("See http://www.digi.com/wiki/developer/index.php/Rci for\r\n");
			out.write("an example of a python implementation on a NDS device to\r\n");
			out.write("handle this SCI request\r\n");
			out.write("-->\r\n");
			out.write("<sci_request version=\"1.0\">\r\n");
			out.write("  <send_message>\r\n");
			out.write("    <targets>\r\n");
			out.write("      <device id=\"00000000-00000000-00409DFF-FF4A4244\"/>\r\n");
			out.write("    </targets>\r\n");
			out.write("    <rci_request version=\"1.1\">\r\n");
			out.write("      <do_command target=\"idigi_dia\">\r\n");
			out.write("        <channel_dump/>\r\n");
			out.write("      </do_command>\r\n");
			out.write("    </rci_request>\r\n");
			out.write("  </send_message>\r\n");
			out.write("</sci_request>\r\n");
			out.close();
			// Get input stream from response and convert to String
			conn.disconnect();
			conn.setDoInput(true);
			InputStream is = conn.getInputStream();
			Scanner isScanner = new Scanner(is);
			StringBuffer buf = new StringBuffer();
			while(isScanner.hasNextLine()) {	
				buf.append(isScanner.nextLine() +"\n");
			}
			String responseContent = buf.toString();
			// Output response to standard out
			System.out.println(responseContent);
		} catch (IOException e) { 
			// Print any exceptions that occur
			e.printStackTrace();
		}
	}
}

分享到：

ssh 免密码登录 | 用ajax实现检测注册用户名是否重复的完整 ...

2012-04-01 16:18
浏览 3640
评论(0)
分类:编程语言
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论