Location>code7788 >text

Digest Auth Digest Authentication

Popularity:830 ℃/2024-08-09 15:00:30
package ; import ; import ; import org.; import org.; import .*; import .*; import ; import ; import ; import ; import .X509Certificate; import ; import .; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import .*; import ; import ; /** * Generic http send method * *@author ywb */ public class HttpUtils { private static final Logger log = (HttpUtils.class); /** * Send a request for the GET method to the specified URL * *@param url The URL to send the request to *URL to send the request to@param param request parameter, the request parameter should be of the form name1=value1&name2=value2. *@return Response results for the represented remote resource */ public static String sendGet(String url, String param) { return sendGet(url, param, Constants.UTF8); } /** * Send a request for the GET method to the specified URL * *@param url The URL to send the request to *URL to send the request to@param param request parameter, the request parameter should be of the form name1=value1&name2=value2. *@param contentType encoding type *@return Response results for the represented remote resource */ public static String sendGet(String url, String param, String contentType) { StringBuilder result = new StringBuilder(); BufferedReader in = null; try { String urlNameString = url + "?" + param; ("sendGet - {}", urlNameString); URL realUrl = new URL(urlNameString); URLConnection connection = (); ("accept", "*/*"); ("connection", "Keep-Alive"); ("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); (); in = new BufferedReader(new InputStreamReader((), contentType)); String line; while ((line = ()) != null) { (line); } ("recv - {}", result); } catch (ConnectException e) { ("Call ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { ("Called SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { ("Called IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { ("Call Exception, url=" + url + ",param=" + param, e); } finally { try { if (in != null) { (); } } catch (Exception ex) { ("Call Exception, url=" + url + ",param=" + param, ex); } } return (); } /** * Sends a request for the POST method to the specified URL * *@param url The URL to send the request to *URL to send the request to@param param request parameter, the request parameter should be of the form name1=value1&name2=value2. *@return Response results for the represented remote resource */ public static String sendPost(String url, String param) { PrintWriter out = null; BufferedReader in = null; StringBuilder result = new StringBuilder(); try { String urlNameString = url; ("sendPost - {}", urlNameString); URL realUrl = new URL(urlNameString); URLConnection conn = (); ("accept", "*/*"); ("connection", "Keep-Alive"); ("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); ("Accept-Charset", "utf-8"); ("contentType", "utf-8"); (true); (true); out = new PrintWriter(()); (param); (); in = new BufferedReader(new InputStreamReader((), "utf-8")); String line; while ((line = ()) != null) { (line); } ("recv - {}", result); } catch (ConnectException e) { ("Call ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { ("Called SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { ("Called IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { ("Call Exception, url=" + url + ",param=" + param, e); } finally { try { if (out != null) { (); } if (in != null) { (); } } catch (IOException ex) { ("Call Exception, url=" + url + ",param=" + param, ex); } } return (); } public static String sendSSLPost(String url, String param) { StringBuilder result = new StringBuilder(); String urlNameString = url + "?" + param; try { ("sendSSLPost - {}", urlNameString); SSLContext sc = ("SSL"); (null, new TrustManager[]{new TrustAnyTrustManager()}, new ()); URL console = new URL(urlNameString); HttpsURLConnection conn = (HttpsURLConnection) (); ("accept", "*/*"); ("connection", "Keep-Alive"); ("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); ("Accept-Charset", "utf-8"); ("contentType", "utf-8"); (true); (true); (()); (new TrustAnyHostnameVerifier()); (); InputStream is = (); BufferedReader br = new BufferedReader(new InputStreamReader(is)); String ret = ""; while ((ret = ()) != null) { if (ret != null && !"".equals(())) { (new String(("ISO-8859-1"), "utf-8")); } } ("recv - {}", result); (); (); } catch (ConnectException e) { ("Call ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { ("Called SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { ("Called IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { ("Call Exception, url=" + url + ",param=" + param, e); } return (); } /** * :: Digest authentication Two requests * *@param url * @return Return results */ public static String doPostDigest(String url, String uri, String username, String password, String requestXml) { CloseableHttpClient httpClient = null; CloseableHttpResponse response = null; HttpPost httpPost = null; String strResponse = null; try { httpClient = (); // httpClient = new SSLClient(); httpPost = new HttpPost(url); // constructor header ("Content-Type", "application/xml"); ("X-Requested-With", "XMLHttpRequest"); ("Cache-Control", "no-cache"); //Setting up the cache ("Connection", "Close"); builder = (); (5000); //Setting the request time (8000); //Setting the timeout period (false);//Set whether or not to jump links (reverse proxy) // Setting Connection Properties (()); StringEntity entityss = new StringEntity(requestXml, "utf-8"); (entityss); // execute a request response = (httpPost); HttpEntity responseEntity = (); // Check Return Code int statusCode = ().getStatusCode(); ("First Send Summary Authentication Post Request Return Code:{}" + statusCode); if (401 == statusCode) { strResponse = (responseEntity, "utf-8"); ("Post request 401 returned result:{}" + strResponse); // Organizational parameters to initiate a second request Header[] headers = ("WWW-Authenticate"); HeaderElement[] elements = headers[0].getElements(); String realm = null; String qop = null; String nonce = null; String opaque = null; String method = "POST"; for (HeaderElement element : elements) { if (().equals("Digest realm")) { realm = (); } else if (().equals("qop")) { qop = (); } else if (().equals("nonce")) { nonce = (); } else if (().equals("opaque")) { opaque = (); } } // Above is the data returned after getting the first request String nc = "00000001"; String cnonce = "uniview"; // Later becomes configurable String a1 = username + ":" + realm + ":" + password; String a2 = method + ":" + uri; String response1 = null; // Get the Digest string String backString = ("WWW-Authenticate").getValue(); try { response1 = DigestUtils.md5Hex((DigestUtils.md5Hex(("UTF-8")) + ":" + nonce + ":" + nc + ":" + "uniview" + ":" + qop + ":" + DigestUtils.md5Hex(("UTF-8"))).getBytes("UTF-8")); } catch (UnsupportedEncodingException e) { ("MD5 exception: {}" + (), e); } ("Authorization", backString + ",username=\"" + username + "\"" + ",realm=\"" + realm + "\"" + ",nonce=\"" + nonce + "\"" + ",uri=\"" + uri + "\"" + ",qop=\"" + qop + "\"" + ",nc=\"" + nc + "\"" + ",cnonce=\"" + cnonce + "\"" + ",response=\"" + response1 + "\"" + ",opaque=\"" + opaque); // Send a second request response = (httpPost); HttpEntity entity = (); int statusCode1 = ().getStatusCode(); ("Second Send Summary Authentication Post Request Return Code:{}" + statusCode1); if (HttpStatus.SC_OK == statusCode1) { strResponse = (entity, StandardCharsets.UTF_8); ("Send strResponse a second time" + strResponse); return strResponse; } else { strResponse = (entity, StandardCharsets.UTF_8); ("Second forensic authentication request non 200 Return result:{}" + strResponse); return strResponse; } } else { strResponse = (responseEntity, StandardCharsets.UTF_8); ("First forensic authentication request non-401 Return result:{}" + strResponse); } } catch (Exception e) { ("Digest authentication Failed to send request" + (), e); } finally { if (null != httpPost) { (); } if (null != response) { try { (); } catch (IOException e) { ("httpResponse stream closure exception:", e); } } if (null != httpClient) { try { (); } catch (IOException e) { ("httpClient stream closure exception:", e); } } } return strResponse; } private static class TrustAnyTrustManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; } } private static class TrustAnyHostnameVerifier implements HostnameVerifier { @Override public boolean verify(String hostname, SSLSession session) { return true; } } @Test public void testHttpPostRaw() { final String url = "http://18.18.167.120/ISAPI/Traffic/ContentMgmt/Statistic/operator"; final String uri = "/ISAPI/Traffic/ContentMgmt/Statistic/operator"; final String encode = "utf-8"; String requestXml = "<?xml version='1.0' encoding='utf-8'?>" + "<StatisticOperator>" + "<operationType>search</operationType>" + "<searchCond>" + "<searchID>CAD8E0D6-1480-0001-C0B7-1E50E290140D</searchID>" + "<timeSpanList><timeSpan>" + "<startTime>2024-06-21T15:25:10Z</startTime>" + "<endTime>2024-06-21T15:27:59Z</endTime>" + "</timeSpan></timeSpanList>" + "<maxResults>20</maxResults>" + "<searchResultPosition>0</searchResultPosition>" + "</searchCond>" + "</StatisticOperator>"; final HashMap<String, String> headers = new HashMap<String, String>(); ("Content-Type", "application/x-www-form-urlencoded"); ("X-Requested-With", "XMLHttpRequest"); (doPostDigest(url, uri, "admin", "123456", requestXml));
<Previous Next>