为什么httpclient会为每个请求刷新会话ID?

时间:2013-03-22 19:32:07

标签: cookies httpcontext apache-httpclient-4.x jsessionid cookiestore

我试图点击一个网址(登录屏幕),获取jsessionid(J2EEJSESSIONID)并将其添加到cookie存储中,然后添加到上下文中并使用凭据命中相同的URL。我期待登录成功的屏幕。 但是我再次登录登录屏幕。 并且,我打印了两个命中的响应标题。我期待使用相同的J2EESESSIONID的响应来维护会话。相反,会话ID都不同。请帮助。

请找到以下代码:

    HttpEntity entity = null;
    DefaultHttpClient httpClient = new DefaultHttpClient();
    try{

        // Initialization
        HttpPost httpPost = new HttpPost("https://yyyyy.xxx.com/enl");
        HttpClientExample httpClientExample = new HttpClientExample();
        CookieStore cookieStore = new BasicCookieStore();
        HttpContext httpContext = new BasicHttpContext();
        httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
        HttpGet httpGet = new HttpGet("https://yyyyy.xxx.com/enl");

        // Execute Get
        HttpResponse httpResponse = httpClient.execute(httpGet, httpContext);

        // Print the header for 1st url
        org.apache.http.Header[] headers = httpResponse.getAllHeaders();
        System.out.println("##### Header length::"+headers.length);
        for(int i=0;i<headers.length; i++)
        {
            System.out.println("Header Name::"+headers[i].getName());
            System.out.println("Header Val::"+headers[i].getValue());
        }  

        // update Cookie for the next hit
        org.apache.http.Header[] cookieHeaders = httpResponse.getHeaders("Set-Cookie");
        String html = EntityUtils.toString(httpResponse.getEntity());
        cookieStore = httpClientExample.updateCookieStore(cookieHeaders, cookieStore);
        httpClient.setCookieStore(cookieStore);
        httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);

        // Setting the redirects since i received 302 error
        httpClient.setRedirectStrategy(new DefaultRedirectStrategy() {                
            public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context)  {
                boolean isRedirect=false;
                try {
                    isRedirect = super.isRedirected(request, response, context);
                } catch (ProtocolException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
                if (!isRedirect) {
                    int responseCode = response.getStatusLine().getStatusCode();
                    if (responseCode == 301 || responseCode == 302) {
                        return true;
                    }
                }
                return false;
            }
        });

        // Added because i received Circular redirect error
        httpClient.getParams().setParameter(ClientPNames.ALLOW_CIRCULAR_REDIRECTS, true); 

        // Execute Post with credentials
         httpClient.getCredentialsProvider().setCredentials(
                 new AuthScope("http://yyyyy.xxx.com", 443),
                 new UsernamePasswordCredentials("usr", "pswd"));
         httpPost.setHeader("Cookie", "JSESSIONID="+ getSessionId(cookieHeaders));
         HttpResponse response = httpClient.execute(httpPost, httpContext);


       // Print the response
        entity = response.getEntity();
        InputStream content1 = (InputStream)entity.getContent();
        System.out.println("############### 2nd #####################"+response.getStatusLine().getStatusCode());
        BufferedReader in1   = 
            new BufferedReader (new InputStreamReader (content1));
        String line1;
        while ((line1 = in1.readLine()) != null) {
            System.out.println(line1);
        }

        // Print the header for 2nd url
        org.apache.http.Header[] headers1 = response.getAllHeaders();
        System.out.println("##### Header length 2 ::"+headers1.length);
        for(int i=0;i<headers1.length; i++)
        {
            System.out.println("Header Name 2 ::"+headers1[i].getName());
            System.out.println("Header Val 2 ::"+headers1[i].getValue());
        }  



    }
    catch(Exception e)
    {
        e.printStackTrace();
    }
    finally{

        try {
            EntityUtils.consume(entity);
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        httpClient.getConnectionManager().shutdown();
    }
}

private static String getSessionId(org.apache.http.Header[] headers) {
    // TODO Auto-generated method stub

    for(int i=0;i<headers.length; i++)
    {
        String str = headers[i].getValue();
        String[] strArray = str.split("=");
        String[] cookieValueArray = strArray[1].split(";");
        System.out.println(strArray[0]+"|"+cookieValueArray[0]);
        if(strArray[0].startsWith("J2EEJSESSION"))
        {
            System.out.println("cookieValueArray[0]:"+cookieValueArray[0]);
            return cookieValueArray[0];
        }

    }
    return null;
}

protected CookieStore updateCookieStore(org.apache.http.Header[] headers, CookieStore cookieStore)
{
    for(int i=0;i<headers.length; i++)
    {
        String str = headers[i].getValue();
        String[] strArray = str.split("=");
        String[] cookieValueArray = strArray[1].split(";");
        System.out.println(strArray[0]+"|"+cookieValueArray[0]);
        BasicClientCookie cookie = new BasicClientCookie(strArray[0], "A"+cookieValueArray[0]);
        /*if(strArray[0].startsWith("J2EEJSESSION"))
        {
            cookie.setDomain("yyyyy.xxx.com");
        }
        else
        {
            cookie.setDomain(".xxx.com");
        }*/

        cookie.setDomain(".xxx.com");
        cookie.setPath("/");
        cookieStore.addCookie(cookie);
        if(strArray[0].startsWith("J2EEJSESSION"))
        {
            BasicClientCookie cookie1 = new BasicClientCookie("JSESSIONID", "A"+cookieValueArray[0]);
            cookie1.setDomain(".xxx.com");
            cookie1.setPath("/");
            cookieStore.addCookie(cookie1);
        }
    }
    return cookieStore;
}

另一个观察: 当我从下面的片段中删除“A”concat时,我没有在第二次点击中获得J2EESESSIONID:

BasicClientCookie cookie = new BasicClientCookie(strArray [0],“A”+ cookieValueArray [0]);

1 个答案:

答案 0 :(得分:1)

在我发布这个问题的同一天找到答案..想分享.. 答案非常简单。由于某些原因,身份验证不成功,因此创建了新的jsessionId。将“httpClient.getCredentialsProvider()。setCredentials()”替换为“BasicNameValuePair”并且它有效:)