Ran*_*ion 6 java forms-authentication httpclient
我想访问网站https://myoffice.bt.com的某些页面,这需要使用java进行用户身份验证.我们必须先登录才能访问页面.我有以下代码的wriiten.
package root;
import java.io.IOException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpMethodParams;
public class Url
{
public static void main(String[] args) throws IOException
{
HttpClient client = new HttpClient();
client.getParams().setParameter(
HttpMethodParams.USER_AGENT,
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2"
);
client.getState().setCredentials(
new AuthScope("https://myoffice.bt.com", 443, AuthScope.ANY_REALM),
new UsernamePasswordCredentials("username", "password") );
PostMethod get = new PostMethod("https://myoffice.bt.com/youraccount/default.aspx");
get.setDoAuthentication( true );
System.out.println(get.getFollowRedirects());
//get.setFollowRedirects(true);
try {
// execute the GET
int status = client.executeMethod( get );
// print the status and response
System.out.println(status + "\n" + get.getResponseBodyAsString());
} finally {
// release any connection resources used by the method
get.releaseConnection();
}
}
}
但它会产生以下错误.
> Jun 22, 2010 12:14:40 PM org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded
INFO: Redirect requested but followRedirects is disabled
302
如果我取消注释get.setFollowingRedirects行,则会出现另一个错误.
Exception in thread "main" java.lang.IllegalArgumentException: Entity enclosing requests cannot be redirected without user intervention
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.setFollowRedirects(Unknown Source)
at root.Url.main(Url.java:30)
有人能帮我一下吗?我们可以使用HttpClient进行基于表单的身份验证吗?
谢谢.
首先 - 请不要命名您的PostMethod变量get.
其次,试试这个:
PostMethod post = new PostMethod("yourUrl")
{
@Override
public boolean getFollowRedirects()
{
return true;
}
};
如果您碰巧遇到"另一方"并希望阻止您的用户受到影响,请303 (See Other)在将POST请求重定向到a GET而不是common (302和301每个RFC)时使用响应代码.常规浏览器往往很好,违反规则而不是要求我们确认这些重定向,但很多移动浏览器仍然可以.
关于基于表单的身份验证的问题 - 您只需要找出要使用的参数名称(例如,查看"通常"登录的网站的来源),然后使用适当的值填充它们:
post.addParameter("username", username);
post.addParameter("password", password);
我在myoffice.bt.com上使用了登录表单,JavaScript中有一些内容.
表格提交给 https://myoffice.bt.com/siteminderagent/forms/login.fcc
提交的表单元素如下(name=value某些值为空):
Segment=btb.hub
SubSegment=
searchType=0
searchPlatform=BEA
lob=btb.hub
queryText=
searchText=
ctl00$masterWebpartManager$gwpCustomLogin1$CustomLogin1$UserName=your@email.com
ctl00$masterWebpartManager$gwpCustomLogin1$CustomLogin1$PWD=yourpwd
ctl00$masterWebpartManager$gwpCustomLogin1$CustomLogin1$RememberMe=on
USER=your@email.com
PASSWORD=yourpwd
SMENC=ISO-8859-1
SMLOCALE=US-EN
userFirstLoginUrl=https://myoffice.bt.com/ManageBusinessApplications/SecretQA.aspx
PrivateLoginSuccessUrl=https://myoffice.bt.com/sm/privatecreatesession.aspx?siteArea=btb.mya
PublicLoginSuccessUrl=https://myoffice.bt.com/sm/createsession.aspx?siteArea=btb.mya
target=https://myoffice.bt.com/sm/privatecreatesession.aspx?siteArea=btb.mya&TARGET=https%3a%2f%2fmyoffice.bt.com%2fdefault.aspx (hidden)
submitStatus=
smauthreason=
smagentname=
postpreservationdata=
AnonUserName=anon@myoffice.bt.com
authMode=SITEMINDER
smUrl=https://myoffice.bt.com/siteminderagent/forms/login.fcc
notSMUrl=https://myoffice.bt.com/default.aspx
smIdentifier=1
尝试将一些或所有这些(至少USER和PASSWORD)添加到您的PostMethod,并确保您提交到正确的URL.