REST API通过cookie完成会话管理。在Rest Client中,我通过以下方式传递了以下参数:
Body : j_username=username&j_password=password
Headers : Content-Type=application/x-www-form-urlencoded
POST URL = https://websiteAddress.com/portal/j_spring_security_check
Screenshot of Rest Client POST Request Sent
现在,当通过放心发送相同的请求时,用户未经过身份验证。
以下是代码:
Map<String,String> headerList = new HashMap<String,String>();
headerList.put("Content-Type", "application/x-www-form-urlencoded");
Response s = given().cookie("JSESSIONID", "AB52357786D65112097E554EFE4BAC77").auth()
.form(userName, password,
FormAuthConfig.springSecurity().withLoggingEnabled(new LogConfig(captor, true)))
.headers(headerList).when()
.post("/home/mca.html");
if (s.statusCode() == 302) {
String location = s.then().extract().header("Location");
//location found is index.html page i.e.
}
HTTP响应:
HTTP Status : 302
Date Thu, 02 Mar 2017 14:04:49 GMT
Set-Cookie JSESSIONID=41094D46709D0DF9AE9EDA5FE3F083D4; Path=/portal/; HttpOnly
Location http://websiteaddress.com/portal/index.html
Vary Accept-Encoding
Content-Encoding gzip
Content-Length 20
Connection close
Content-Type text/html
有人可以告诉我如何放心地发送相同的请求吗?我不确定用户是否经过身份验证。
注意: Cookie通过会话管理进行管理。