使用 URLConnection 检查用户是否有权访问文档
我们有文档列表的 URL,我们想检查用户是否有权访问这些文档。这些文档需要用户登录和密码才能访问。由于服务器需要 NTLM 身份验证,因此我们使用 JCIFS API 建立到文档的 URL 连接并检查 HTTP 响应代码。如果响应代码为 401,则我们确认用户没有访问权限。通过这种方法,文档是否会下载所有内容?响应时间是否会根据文档的大小而变化?有更好的方法吗?提前致谢。
Config.setProperty("jcifs.smb.client.username", "<user_name>");
Config.setProperty("jcifs.smb.client.password", "<password>");
URL spURL = new URL("http://<host_name>/<folder_name>/<file_name>";
HttpURLConnection httpURLConnection = (HttpURLConnection) spURL
.openConnection();
NtlmHttpURLConnection ntlmHttpURLConnection = new NtlmHttpURLConnection(
httpURLConnection);
int resCode = ntlmHttpURLConnection.getResponseCode()
感谢您的回答。我没有要求下载文档,但我的要求只是检查用户是否有权访问文档。我正在寻找一种响应速度更快且不随文档大小而变化的解决方案。
您好,感谢您将请求类型设置为 HEAD 的建议。有很多以 2、3、4 和 5 开头的 HTTP 响应代码。您能解释一下如何解释吗?我假设以下解释;如果我错了,请纠正我。
- 任何以 2 开头的响应代码都意味着用户有权访问该文档。
- 任何以 3 开头的响应代码,我需要添加更多逻辑以向实际 URL 发出另一个请求?有没有代码可以自动完成此操作?
- 任何带有 401 的响应代码都表示用户没有访问权限。
- 任何以 5 开头的响应代码都表示主机服务器存在问题。
We have URLs to a list of documents and we would like to check if a user has access to those documents. These documents require user login and password to access. Since the server requires NTLM authentication, we are using the JCIFS API to make a URL Connection to the document and checking the HTTP response code. If the response code is 401, then we are confirming that user does not have access. With this approach, does the document download all the content? Does the response time vary depending on the size of the document? Is there a better approach? Thanks in advance.
Config.setProperty("jcifs.smb.client.username", "<user_name>");
Config.setProperty("jcifs.smb.client.password", "<password>");
URL spURL = new URL("http://<host_name>/<folder_name>/<file_name>";
HttpURLConnection httpURLConnection = (HttpURLConnection) spURL
.openConnection();
NtlmHttpURLConnection ntlmHttpURLConnection = new NtlmHttpURLConnection(
httpURLConnection);
int resCode = ntlmHttpURLConnection.getResponseCode()
Thanks for your answers. I do not have a requirement to download the document, but my requirement is only to check if a user has access to a document or not. I am looking for a solution which is faster in terms of response and does not vary depending on the size of the document.
Hi, Thanks for your suggestions to set the request type as HEAD. There are lot of HTTP response codes that start with 2, 3, 4 and 5. Can you please explain me how I can interprese this? I am assuming the following intepretation; please correct me if I am wrong.
- Any response code that starts with 2 means user has access to the document.
- Any response code that starts with 3, I need to add further logic to make another request to actual URL?? Is there a code how this can be done automatically?
- Any response code with 401 indicates user does not have access.
- Any response code starting with 5 indicates, there is a problem with host server.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
怎么样
?
How about
?
当您下载时,实际上没有任何开销。如果您未获得授权,服务器将不会发回文件。
如果您要发布大量数据,则应使用 100-Continue 以确保您可以在继续之前这样做。你可以这样做,
When you download, there is not really any overhead. If you are not authorized, the server is not going to send the file back.
If you are posting large amount of data, you should use 100-Continue to make sure you are allowed to do so before proceeding. You can do it like this,