对于基于用户和基于证书的身份验证,我想使用 urllib、urllib2 还是curl?
几个月前,我匆忙编写了一个 Python 程序,该程序可以访问我公司的 Web 服务 API。它以三种不同的模式工作:
1) 无需身份验证的 HTTP
2)带有用户名和密码认证的HTTP
3) HTTPS 与客户端证书身份验证
我得到 1) 与 urllib 一起工作,但遇到了 2) 和 3) 的问题。我最终没有弄清楚它,而是计算了curl的正确命令行参数,并通过os.system()执行它。
现在我可以凭借经验重新编写这个程序,并且我不确定是否应该使用 urllib、urllib2,或者只是坚持使用curl。
urllib 文档提到:
When performing basic authentication, a FancyURLopener instance
calls its prompt_user_passwd() method. The default implementation
asks the users for the required information on the controlling
terminal. A subclass may override this method to support
more appropriate behavior if needed.
它还提到了 urllib.URLopener() 的 **x509 参数:
Additional keyword parameters, collected in x509, may be used for
authentication of the client when using the https: scheme. The
keywords key_file and cert_file are supported to provide an SSL
key and certificate; both are needed to support client
authentication.
但是 urllib2 比 urllib 大 1,所以我自然想用它来代替。 urllib2 文档充满了有关身份验证处理程序的信息,这些处理程序似乎是为上述 2) 设计的,但没有提及客户端证书。
我的问题:我想使用 urllib,因为它似乎支持我需要实现的一切?或者我应该坚持使用curl?
谢谢。
编辑:也许我的问题不够具体,所以这是另一个镜头。我可以用 urllib 实现我想要做的事情吗?或者用urllib2?或者我被迫使用curl 出于必要?
A few months ago, I hastily put together a Python program that hit my company's web services API. It worked in three different modes:
1) HTTP with no authentication
2) HTTP with user-name and password authentication
3) HTTPS with client certificate authentication
I got 1) to work with urllib, but ran into problems with 2) and 3). Instead of figuring it out, I ended up calculating the proper command-line parameters to curl, and executing it via os.system().
Now I get to re-write this program with the benefit of experience, and I'm not sure if I should use urllib, urllib2, or just stick with curl.
The urllib documentation mentions:
When performing basic authentication, a FancyURLopener instance
calls its prompt_user_passwd() method. The default implementation
asks the users for the required information on the controlling
terminal. A subclass may override this method to support
more appropriate behavior if needed.
It also mentions the **x509 argument to urllib.URLopener():
Additional keyword parameters, collected in x509, may be used for
authentication of the client when using the https: scheme. The
keywords key_file and cert_file are supported to provide an SSL
key and certificate; both are needed to support client
authentication.
But urllib2 is one greater than urllib, so naturally I want to use it instead. The urllib2 documentation is full of information about authentication handlers that seem to be designed for 2) above, but makes no mention whatsoever of client certificates.
My question: do I want to use urllib, because it appears to support everything I need to achieve? Or should I just stick with curl?
Thanks.
Edit: Maybe my question isn't specific enough, so here's another shot. Can I achieve what I want to do with urllib? Or with urllib2? Or am I forced to use curl out of necessity?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我相信 mechanize 是您需要的模块。
编辑:
mechanize对象具有此身份验证方法:add_password(self, url, user,password,realm=None)I believe that mechanize is the module you need.
EDIT:
mechanizeobjects have this method for authentication:add_password(self, url, user, password, realm=None)