为什么我的基本身份验证适用于 POST,但不适用于 GET 请求?
下面是我用来调用 REST API 的方法。它可以与 POST 配合使用(即参数 isHttpPOST=true),并从服务器返回结果(需要基本身份验证)。
但是当使用 GET 代码路径 (isHttpPOST=false) 时,身份验证失败,就好像我根本没有提供凭据一样。我不明白为什么,因为身份验证代码适用于 POST 和 GET。
还需要做什么来对 GET 请求进行身份验证?
private static HttpResponse makeHttpApiCall(String url, String json, boolean isHttpPOST, String username, String password)
{
DefaultHttpClient httpClient = new DefaultHttpClient();
UsernamePasswordCredentials creds = new UsernamePasswordCredentials(username, password);
httpClient.getCredentialsProvider().setCredentials(new AuthScope("blah.com", 80), creds);
HttpResponse response;
try {
if ( isHttpPOST )
{
HttpPost httppost = new HttpPost(url);
StringEntity se = new StringEntity(json);
se.setContentEncoding("UTF-8");
httppost.setHeader("Content-Type", "application/json");
httppost.setEntity(se);
response = httpClient.execute(httppost);
}
else
{
HttpGet get = new HttpGet(url);
response = httpClient.execute(get);
}
} catch (ClientProtocolException e) {
Trace.e(TAG, "There was a protocol based error making API call", e);
return null;
} catch (IOException e) {
Trace.e(TAG, "There was an IO Stream related error making API call", e);
return null;
} catch (Exception e) {
Trace.e(TAG, "Failed to get a response from API call (unknown error)", e);
return null;
}
return response;
}
Below is a method I'm using to make calls to a REST API. It works fine with POST (i.e. param isHttpPOST=true), and returns results from the server (which requires basic authentication).
But when using the GET code path (isHttpPOST=false), the authentication fails, as if I provided no credentials at all. I cannot see why, as the auth code applies to POST and GET.
What else needs doing to authenticate on a GET request?
private static HttpResponse makeHttpApiCall(String url, String json, boolean isHttpPOST, String username, String password)
{
DefaultHttpClient httpClient = new DefaultHttpClient();
UsernamePasswordCredentials creds = new UsernamePasswordCredentials(username, password);
httpClient.getCredentialsProvider().setCredentials(new AuthScope("blah.com", 80), creds);
HttpResponse response;
try {
if ( isHttpPOST )
{
HttpPost httppost = new HttpPost(url);
StringEntity se = new StringEntity(json);
se.setContentEncoding("UTF-8");
httppost.setHeader("Content-Type", "application/json");
httppost.setEntity(se);
response = httpClient.execute(httppost);
}
else
{
HttpGet get = new HttpGet(url);
response = httpClient.execute(get);
}
} catch (ClientProtocolException e) {
Trace.e(TAG, "There was a protocol based error making API call", e);
return null;
} catch (IOException e) {
Trace.e(TAG, "There was an IO Stream related error making API call", e);
return null;
} catch (Exception e) {
Trace.e(TAG, "Failed to get a response from API call (unknown error)", e);
return null;
}
return response;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我遇到了同样的问题,但相反,它适用于 GET 但不适用于 POST。
如果服务器是您的,我建议使用名为 Wireshark 的免费软件来检查传输本身的情况。
使用该工具,向我展示客户端有时会在发出第二个授权请求之前发出第一个匿名请求,但随后服务器会丢失它并且不响应..我仍然无法解决这个问题..这让我发疯。
i got the same problem, but the other way around, it works on GET but not on POST.
if the server is yours, i would recommend to use a freeware called Wireshark, to check what's going on in the transmition itself.
using that tool, showed me that the client sometimes makes a first annonymous request before making a second authorized request, but then the server kinda loses it and doesn't respond.. i still can't solve this issue.. it's driving me nuts.