https摘要请求失败,出现安全异常

时间:2017-03-31 17:10:23

标签: java apache-httpclient-4.x digest-authentication

我正在使用Aapache httpclient代码来读取具有摘要式身份验证的网址。我遇到了安全违规行为。此网址/用户名/密码在浏览器中正常运行。怎么了?

public static void main(String[] args) throws Exception {

    String url = "https://httpbin.org/digest-auth/auth/user/passwd";
    String username = "user";
    String password = "passwd";

    CookieStore cookieStore = new BasicCookieStore();
    BasicClientCookie cookie = new BasicClientCookie("fake", "fake_value");
    cookie.setDomain("httpbin.org");
    cookie.setPath("/");
    cookieStore.addCookie(cookie);


    // get the host
    HttpHost httpHost = URIUtils.extractHost(new URI(url));

    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()), new UsernamePasswordCredentials(username, password));

    CloseableHttpClient httpClient = HttpClients.custom()
            .setDefaultCookieStore(cookieStore)
            .setDefaultCredentialsProvider(credsProvider)
            .setRedirectStrategy(new LaxRedirectStrategy())
            .build();

    // Create AuthCache instance
    // Generate BASIC scheme object and add it to the local auth cache
    AuthCache authCache = new BasicAuthCache();
    DigestScheme digestAuth = new DigestScheme();
    digestAuth.overrideParamter("realm", "support@windward.net");
    digestAuth.overrideParamter("nonce", calculateNonce());
    authCache.put(httpHost, digestAuth);

    // Add AuthCache to the execution context
    HttpClientContext localContext = HttpClientContext.create();
    localContext.setAuthCache(authCache);


    CloseableHttpResponse response = null;
    HttpGet httpGet = new HttpGet(url);
    response = httpClient.execute(httpHost, httpGet, localContext);
    if (response.getStatusLine().getStatusCode() != 200)
        throw new IOException("Error: " + response.getStatusLine() + ". Reading url " + url);
    HttpEntity entity = response.getEntity();
    InputStream stream = entity.getContent();
}

private static synchronized String calculateNonce() {

    Date d = new Date();
    SimpleDateFormat f = new SimpleDateFormat("yyyy:MM:dd:hh:mm:ss");
    String fmtDate = f.format(d);
    Random rand = new Random(100000);
    Integer randomInt = rand.nextInt();
    return org.apache.commons.codec.digest.DigestUtils.md5Hex(fmtDate + randomInt.toString());
}

例外:

  

线程“main”中的异常javax.net.ssl.SSLHandshakeException:   sun.security.validator.ValidatorException:PKIX路径构建失败:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.ssl.Alerts.getSSLException(Alerts.java:192)at   sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)at at   sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)at   sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)at   sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)     在   sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)     在sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)at at   sun.security.ssl.Handshaker.process_record(Handshaker.java:837)at   sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)at at   sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)     在   sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)     在   sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)     在   org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)     在   org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)     在   org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)     在   org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)     在   org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)     在   org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)     在   org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)     在   org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)     在   org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)     在   org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)     在   org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:71)     在   net.windward.util.AccessProviders.SampleDigestRequest.main(SampleDigestRequest.java:82)   引起:sun.security.validator.ValidatorException:PKIX路径   建筑失败:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)     在   sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)   断开与目标VM的连接,地址:'127.0.0.1:59052',   运输:'插座'在   sun.security.validator.Validator.validate(Validator.java:260)at   sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)     在   sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)     在   sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)     在   sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)     ... 19更多引起:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)     在java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)     在   sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)     ......还有25个

0 个答案:

没有答案