我正在用Java编写一个小程序,该程序对端点进行一次剩余调用以验证参考ID。我已经用两种不同的方式编写了该程序,当我从PC上运行该程序时,每个程序都可以工作,但是当我将jar文件部署到测试Linux CentOs Server上时,我从终点得到了403 forbidden error,所以我以为也许ip被阻止了,然后我用curl尝试了同样的事情,但是效果很好。
可能是什么问题?可能是ssl证书版本错误吗?
方法1:
public String sendGet(String id) {
restTemplate = new RestTemplate();
log.info("Authorization :::: {}", "Bearer " + this.getApiAuth());
HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", "Bearer " + this.getApiAuth());
List<MediaType> acceptableMediaTypes = new ArrayList<>();
acceptableMediaTypes.add(MediaType.APPLICATION_JSON);
headers.setAccept(acceptableMediaTypes);
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> httpRequestEntity = new HttpEntity<>(headers);
ResponseEntity<String> exchange = getRestTemplate().exchange(this.getUrl() + id, HttpMethod.GET, httpRequestEntity, String.class);
log.info("Status Code :::: {}", exchange.getStatusCode());
log.info("Status Code :::: {}", exchange.getBody());
return exchange.getBody();
}
方法2:
public String sendGet(String message) throws Exception {
infoLogger.info("GOING HERE " + url + message);
java.lang.System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
URL obj = new URL(url + message);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
con.setRequestMethod("GET");
infoLogger.info("Setting Authorization: Bearer " + this.getApiAuth());
con.setRequestProperty("Authorization", "Bearer " +this.getApiAuth());
con.setRequestProperty("Content-Type", MediaType.APPLICATION_JSON_VALUE);
con.setRequestProperty("accept", MediaType.APPLICATION_JSON_VALUE);
int responseCode = con.getResponseCode();
infoLogger.info("\nSending 'GET' request to URL : " + url);
infoLogger.info("Response Code : " + responseCode);
BufferedReader in = null;
String inputLine;
StringBuilder response = new StringBuilder();
if ((200 <= con.getResponseCode()) && (con.getResponseCode() <= 299)) {
if (con.getInputStream() != null) {
in = new BufferedReader(new InputStreamReader(con.getInputStream()));
}
} else if (con.getErrorStream() != null) {
in = new BufferedReader(new InputStreamReader(con.getErrorStream()));
} else {
infoLogger.info("GOT NOTHING ");
}
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
//print result
System.out.println(response.toString());
return response.toString();
}
所以我按照要求进行了.getResponseMessage的操作,但出现以下错误:
访问被拒绝| api.paystack.co使用Cloudflare限制访问主体{margin:0; padding:0}请启用cookie。
错误1010 Ray ID:49f12b9b9bb6c5fa•2019-01-26 07:12:17 UTC
拒绝访问发生了什么事?该网站的所有者(api.paystack.co)已基于浏览器的签名(49f12b9b9bb6c5fa-ua21)禁止您访问。
Cloudflare射线ID: 49f12b9b9bb9bb6c5fa •您的IP:104.248.9.123•Cloudflare的性能和安全性
窗口。_cf_translation= {}; `
答案 0 :(得分:1)
您尝试访问的服务的提供者正在使用CloudFlare。他们正在使用某种浏览器完整性检查(请参阅https://support.cloudflare.com/hc/en-us/articles/200171806-Error-1010-The-owner-of-this-website-has-banned-your-access-based-on-your-browser-s-signature)。
您可以在Java代码中更改签名:
con.setRequestProperty("User-Agent", "My own REST client");
您似乎在PC上使用的JDK与在CentOS服务器上使用的JDK不同,因此Java HttpsURLConnection的签名是不同的。它们当然不同于卷曲。