我有一个应用程序需要能够通过身份验证请求发送到https,然后是注册请求。目前我能够将我的身份验证请求发布到https,它运行正常。当我尝试将我的注册请求发布到https时,我不断收到服务器响应,说我需要进行身份验证。在我尝试注册之前,我正在验证。
服务器的管理员说我可能没有保留会话。我不熟悉使用android和java。我是这个https的新手。我想知道是否有人可以在这里帮助我,我不知道这是肯定的问题,甚至不知道如何在android中保留https会话。
以下是我的代码,非常感谢任何建议!!!!在此先感谢!!
//my helper class
public class SmartDBHelper {
private static Context tThis;
private static SmartDBHelper sDBHObject;
private static String macAddress;
private static String ipAddress;
private static HttpsURLConnection https;
/* constructor, private prevents any other class from instantiating */
private SmartDBHelper() {
}
public static synchronized SmartDBHelper getSDBHObject() {
if(sDBHObject == null) {
sDBHObject = new SmartDBHelper();
}
return sDBHObject;
}
public Object clone() throws CloneNotSupportedException {
throw new CloneNotSupportedException();
}
public static synchronized void setSmartContext(SmartApp smartApp) {
tThis = (Context) smartApp;
}
private static synchronized void setMACIPAddress() {
WifiManager wifiMan = (WifiManager) tThis.getSystemService (tThis.WIFI_SERVICE);
WifiInfo wifiInf = wifiMan.getConnectionInfo();
macAddress = wifiInf.getMacAddress().replace(':', '-');
ipAddress = wifiMan.getDhcpInfo().toString();
int startIndex = ipAddress.indexOf(' ');
int endIndex = ipAddress.indexOf(' ', startIndex + 1);
ipAddress = ipAddress.substring(startIndex + 1, endIndex);
}
/* this function is to authenticate with the database
* it returns the id_subject, if it is greater than 0
* authentication was successful.
*/
public static synchronized int authenticate() throws MalformedURLException, ProtocolException, IOException {
Map<String, String> tempMap = new LinkedHashMap<String, String>();
tempMap.put((String) tThis.getResources().getText(R.string.postAction), (String) tThis.getResources().getText(R.string.postAuthenticate));
tempMap.put((String) tThis.getResources().getText(R.string.authUName), "username");
tempMap.put((String) tThis.getResources().getText(R.string.authPWord), "password");
String tempUrl = "https://ipaddress/health_monitoring/admin.php";
return Integer.parseInt(post(tempUrl, tempMap));
}
/* this function is to register the server to the database
* not sure of return value
*/
public static synchronized int registerServer(String nameOfServer, String description) throws MalformedURLException, ProtocolException, IOException {
setMACIPAddress();
Map<String, String> tempMap = new LinkedHashMap<String, String>();
tempMap.put((String) tThis.getResources().getText(R.string.postAction), (String) tThis.getResources().getText(R.string.postAddServer));
tempMap.put((String) tThis.getResources().getText(R.string.addServerName), "Phone");
tempMap.put((String) tThis.getResources().getText(R.string.addServerDescription), "Android");
tempMap.put((String) tThis.getResources().getText(R.string.addServerURL), "");
tempMap.put((String) tThis.getResources().getText(R.string.addServerIPAddress), ipAddress);
tempMap.put((String) tThis.getResources().getText(R.string.addServerMAC), macAddress);
String tempUrl = "https://ipaddress/health_monitoring/admin.php";
return Integer.parseInt(post(tempUrl, tempMap));
}
// always verify the host - dont check for certificate
final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
/**
* Trust every server - dont check for any certificate
*/
private static void trustAllHosts() {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
} };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
private static String post(String urlString, Map formParameters)
throws MalformedURLException, ProtocolException, IOException {
DataOutputStream ostream = null;
trustAllHosts();
URL tempUrl;
StringBuffer buf = new StringBuffer();
if(formParameters != null) {
Set parameters = formParameters.keySet();
Iterator it = parameters.iterator();
for(int i = 0, paramCount = 0; it.hasNext(); i++) {
String parameterName = (String) it.next();
String parameterValue = (String) formParameters.get(parameterName);
if(parameterValue != null) {
parameterValue = URLEncoder.encode(parameterValue);
if(paramCount > 0) {
buf.append("&");
}
buf.append(parameterName);
buf.append("=");
buf.append(parameterValue);
++paramCount;
}
}
}
urlString = urlString + "?" + buf;
Log.v("smartdbhelper url string", urlString);
tempUrl = new URL(urlString);
https = (HttpsURLConnection) tempUrl.openConnection();
https.setHostnameVerifier(DO_NOT_VERIFY);
Log.v("smartdbhelper adding post parameters", https.toString());
https.setRequestMethod("POST");
https.setDoInput(true);
https.setDoOutput(true);
ostream = new DataOutputStream(https.getOutputStream());
ostream.writeBytes(buf.toString());
if( ostream != null ) {
ostream.flush();
ostream.close();
}
Object contents = https.getContent();
InputStream is = (InputStream) contents;
StringBuffer buf2 = new StringBuffer();
int c;
while((c = is.read()) != -1) {
buf2.append((char)c);
Log.v("smartdbhelper bugger", buf2.toString());
}
//https.disconnect();
return buf2.toString();
}
}
答案 0 :(得分:11)
听起来您可能需要处理cookie标头以保留会话。如果是这种情况,则不是特定于HTTPS。在发出第一个请求时,您需要找到Set-Cookie响应标头。然后,您之后的每个请求都会通过Cookie请求标头传递这些请求。以下是您可以根据自己的情况调整的基本示例:
// your first request that does the authentication
URL authUrl = new URL("https://example.com/authentication");
HttpsURLConnection authCon = (HttpsURLConnection) authUrl.openConnection();
authCon.connect();
// temporary to build request cookie header
StringBuilder sb = new StringBuilder();
// find the cookies in the response header from the first request
List<String> cookies = authCon.getHeaderFields().get("Set-Cookie");
if (cookies != null) {
for (String cookie : cookies) {
if (sb.length() > 0) {
sb.append("; ");
}
// only want the first part of the cookie header that has the value
String value = cookie.split(";")[0];
sb.append(value);
}
}
// build request cookie header to send on all subsequent requests
String cookieHeader = sb.toString();
// with the cookie header your session should be preserved
URL regUrl = new URL("https://example.com/register");
HttpsURLConnection regCon = (HttpsURLConnection) regUrl.openConnection();
regCon.setRequestProperty("Cookie", cookieHeader);
regCon.connect();