我正在尝试使用this API。问题是通过https获取带有GET方法的JSON对象。我不知道为什么,但我得到输出HTTP/1.1 401 Unauthorized
。用户和密码是正确的。我做错了什么?
文件/Users/pmichna/Desktop/my.truststore
由
keytool -import -alias "my server cert" -file server.crt -keystore my.truststore
其中server.crt
是使用Firefox下载的证书。
我的代码:
public class Locator
{
private final String url;
private String host;
public Locator(String host, int port)
{
url = "https://" + host + ":" + port + "/rest/terminal_location/location?query=";
this.host = host;
}
protected static TrustManager[] getTrustManagers(String trustStoreType, InputStream trustStoreFile) throws Exception {
KeyStore trustStore = KeyStore.getInstance(trustStoreType);
trustStore.load(trustStoreFile, null);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
return tmf.getTrustManagers();
}
public void GetPhoneLocation(String phoneNumber, int acceptableAccuracy, int requestedAccuracy, Tolerance tolerance, int maxAge, int responseTime)
{
String charset = "UTF-8";
String rawQuery = String.format(getLocationQuery(phoneNumber, acceptableAccuracy, requestedAccuracy, tolerance, maxAge, responseTime));
DefaultHttpClient httpClient = new DefaultHttpClient();
httpClient.getCredentialsProvider().setCredentials(
new AuthScope("https://openmiddleware.pl", 443),
new UsernamePasswordCredentials("user", "pass"));
try
{
String encodedQuery = URLEncoder.encode(rawQuery, charset);
SSLContext ctx = SSLContext.getInstance("SSL");
TrustManager[] trustManagers = getTrustManagers("jks", new FileInputStream(new File("/Users/pmichna/Desktop/my.truststore")));
ctx.init(null, trustManagers, null);
SSLSocketFactory factory = new SSLSocketFactory(ctx, new StrictHostnameVerifier());
ClientConnectionManager manager = httpClient.getConnectionManager();
manager.getSchemeRegistry().register(new Scheme("https", 443, factory));
HttpGet httpget = new HttpGet(url + encodedQuery);
System.out.println("executing request" + httpget.getRequestLine());
HttpResponse response = httpClient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(entity));
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} catch (IOException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
finally
{
httpClient.getConnectionManager().shutdown();
}
}
public enum Tolerance
{
//[...]
}
private String getLocationQuery(String phoneNumber, int acceptableAccuracy, int requestedAccuracy, Tolerance tolerance, int maxAge, int responseTime)
{
//[...]
}
}
输出:
HTTP/1.1 401 Unauthorized
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<HTML>
<HEAD>
<TITLE>Error 401--Unauthorized</TITLE>
<META NAME="GENERATOR" CONTENT="WebLogic Server">
</HEAD>
<BODY bgcolor="white">
<FONT FACE=Helvetica><BR CLEAR=all>
<TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all>
<FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 401--Unauthorized</H2>
</FONT></TD></TR>
</TABLE>
<TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3>
</FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.4.2 401 Unauthorized</H4>
</FONT><P><FONT FACE="Courier New">The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.</FONT></P>
</FONT></TD></TR>
</TABLE>
</BODY>
</HTML>
答案 0 :(得分:2)
您使用的是AuthScope
httpClient.getCredentialsProvider().setCredentials(
new AuthScope("https://openmiddleware.pl", 443),
new UsernamePasswordCredentials("user", "pass"));
应该是
httpClient.getCredentialsProvider().setCredentials(
new AuthScope("openmiddleware.pl", 443),
new UsernamePasswordCredentials("user", "pass"));
AuthScope采用主机名和端口号。