Odata4j中的CSRF令牌验证失败

时间:2016-05-01 09:58:04

标签: sap csrf odata4j

我正在尝试将条目发布到在SAP ABAP后端创建的Odata服务Url。当我尝试将数据从java代码发送到SAP时,通过Odata服务输入代码hereABAP系统,我得到 CSRF令牌验证错误 。以下是Odata Post服务的代码片段

    ODataConsumer.Builder builder = ODataConsumers.newBuilder(URL_ODATASERVICE);
    // LOGGER.info(TAG+"Authentication values are been set");

    builder.setClientBehaviors(new BasicAuthenticationBehavior(USERNAME, PASSWORD), new SAPCSRFBehavior());

    ODataConsumer consumer = builder.build();

    OCreateRequest<OEntity> createRequest = consumer.createEntity("LogSet")
            .properties(OProperties.string("TestplanId", "111")).properties(OProperties.string("ProcessId", "222"))
            .properties(OProperties.string("Seqno", "33"));

    // Execute the OData post
    OEntity newMaterial = createRequest.execute();

SAPSCRBehaviour课程将

public class SAPCSRFBehaviour implements JerseyClientBehavior {
private static final String CSRF_HEADER = "X-CSRF-Token";
private static final String SAP_COOKIES = "SAP_SESSIONID";
private String xsrfCookieName;
private String xsrfCookieValue;
private String xsrfTokenValue;

@Override
public ODataClientRequest transform(ODataClientRequest request) {
    if (request.getMethod().equals("GET")) {
        request = request.header(CSRF_HEADER, "Fetch");
        return request;
    } else {
        return request.header(CSRF_HEADER, xsrfTokenValue).header("Cookie", xsrfCookieName + "=" + xsrfCookieValue);
    }
}

@Override
public void modifyWebResourceFilters(final Filterable arg0) {
}

@Override
public void modifyClientFilters(final Filterable client) {
    client.addFilter(new ClientFilter() {
        @Override
        public ClientResponse handle(final ClientRequest clientRequest) throws ClientHandlerException {
            ClientResponse response = getNext().handle(clientRequest);
            List<NewCookie> cookies = response.getCookies();
            for (NewCookie cookie : cookies) {
                if (cookie.getName().startsWith(SAP_COOKIES)) {
                    xsrfCookieName = cookie.getName();
                    xsrfCookieValue = cookie.getValue();
                    break;
                }
            }
            MultivaluedMap<String, String> responseHeaders = response.getHeaders();
            xsrfTokenValue = responseHeaders.getFirst(CSRF_HEADER);
            return response;
        }
    });
}

@Override
public void modify(final ClientConfig arg0) {
}}

请建议我避免此问题的解决方案

最诚挚的问候, 纳温

0 个答案:

没有答案
相关问题
最新问题