org.apache.http.client.ClientProtocolException

时间:2012-11-21 13:17:24

标签: java android httpclient x509certificate authentication

我制作了一个Android应用程序,它使用X509证书(位于res / raw / mykeystore.bks文件夹中)签署到9006端口响应的远程服务器。

服务器要求我登录(用户名,密码)。

当我创建HTTPGet时,我有以下例外: org.apache.http.client.ClientProtocolException

这是我的实施:

主要活动:

public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);
    Button b= (Button) findViewById(R.id.button1);
    b.setOnClickListener(new OnClickListener() {

        @Override
        public void onClick(View v) {               
             CredentialsProvider credProvider = new BasicCredentialsProvider();
                credProvider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                    new UsernamePasswordCredentials("rat#1", "rat"));
            HttpClient client = new MyHttpClient(getApplicationContext());
               ((AbstractHttpClient) client).setCredentialsProvider(credProvider);

               //final String url = "https://211.92.106.38:9006/KPIRest/testKpi/6";
               final String url = "https://211.92.106.38/KPIRest/testKpi/6";
               HttpGet httpGet = new HttpGet(url);

               try {
                HttpResponse response = client.execute(httpGet);
            } catch (ClientProtocolException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            } catch (IOException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

        }
    });

自定义客户端类:

public class MyHttpClient extends DefaultHttpClient {

final Context context;

public MyHttpClient(Context context) {
    this.context = context;
}

@Override
protected ClientConnectionManager createClientConnectionManager() {

        KeyStore trustStore = null;
            trustStore = KeyStore.getInstance("BKS");

        InputStream in = context.getResources().openRawResource(R.raw.mykeystore);
        try {
            // Initialize the keystore with the provided trusted certificates
            // Also provide the password of the keystore
            trustStore.load(in, "root01".toCharArray());
        } 
        } finally {

                in.close();

        }

        SSLSocketFactory sf=null;

            sf = new MySSLSocketFactory(trustStore);

        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", sf, 9006));
    return new SingleClientConnManager(params, registry);
}
}

My Customc SSLSoketFactory类:

public class MySSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");

public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(truststore);

    TrustManager tm = new X509TrustManager() {
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    };

    sslContext.init(null, new TrustManager[] { tm }, null);
}

@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
    return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
}

@Override
public Socket createSocket() throws IOException {
    return sslContext.getSocketFactory().createSocket();
}
}

我的申请有什么问题?是什么导致了这种异常?

谢谢大家!

编辑:

我看起来更好了例外:

原因= org.apache.http.auth.MalformedChallengeException:身份验证质询为空。

编辑2:

我尝试使用this实现没有区别,我也有同样的例外!

编辑3:我已经取代了

 CredentialsProvider credProvider = new BasicCredentialsProvider();
                credProvider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                    new UsernamePasswordCredentials("rat#1", "rat"));

客户端).setCredentialsProvider(credProvider);

使用基本httpclient autentication,将标题Authorization添加到httpGet:

  httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.DEFAULT));

现在服务器发给我这条消息:

HTTP/1.1 400 Bad Request

1 个答案:

答案 0 :(得分:11)

问题是授权标题。

我们必须使用:

httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.NO_WRAP));

而不是:

httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.DEFAULT));

因为DEFAULT参数在字符串的末尾添加“CR”行终止符,如果你将它用于那个标题,那么它是不正确的。

相关问题
最新问题