我遇到了一个问题 - 当您已经登录并尝试访问另一个安全页面时返回 401 错误消息。对我来说,这个问题的神秘之处在于,如果通过 Firefox RestCLient 或 iOS 应用程序检查,我可以在您登录后访问另一个安全页面,但无法通过 Chrome Advanced Rest Client 和 Android 应用程序访问。但是,内容类型和其他必要参数在 Web 工具和应用程序中设置相同。我尝试使用编码的 login:pass 设置不同的身份验证标头,但它t help and it doesn
不需要,因为我认为它应该可以在没有它的情况下工作(至少 FF 和 iOS 应用程序在没有这个标头的情况下工作)。会出什么问题?
Chrome的响应头:
401 Unauthorized
Loading time:
29
Request headers
Content-Type: application/x-www-form-urlencoded
Response headers
Date: Mon, 04 Mar 2013 10:01:02 GMT
Server: Apache/2.2.20 (Ubuntu)
X-Powered-By: PHP/5.3.6-13ubuntu3.9
Set-Cookie: peachy=qg3mjvchjh1oionqlhhv0jrn71; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 96
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Firefox 的响应头:
Status Code: 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 202
Content-Type: application/json
Date: Mon, 04 Mar 2013 09:51:09 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.2.20 (Ubuntu)
X-Powered-By: PHP/5.3.6-13ubuntu3.9
这就是我在 Android 应用程序中的 Restful 代码:
public String serverRequest(int action, Bundle params) {
if (action == 0) {
if (Const.DEBUG_ENABLED)
Log.e(TAG, "You did not pass action.");
return "You did not pass action.";
}
try {
HttpRequestBase request = null;
HttpPost postRequest = null;
switch (action) {
case SIGN_IN:
request = new HttpPost();
request.setURI(new URI(SIGNIN_URL));
request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
postRequest = (HttpPost) request;
if (params != null) {
UrlEncodedFormEntity formEntity = new
UrlEncodedFormEntity(paramsToList(params));
postRequest.setEntity(formEntity);
}
break;
case SIGN_OUT:
request = new HttpPost();
request.setURI(new URI(SIGNOUT_URL));
request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
break;
case BANK_CARD_VERIFY:
request = new HttpPost();
request.setURI(new URI(BANK_CARD_VERIFY_URL));
request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
postRequest = (HttpPost) request;
if (params != null) {
UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(paramsToList(params));
postRequest.setEntity(formEntity);
}
break;
}
if (request != null) {
DefaultHttpClient client = new DefaultHttpClient();
if (Const.DEBUG_ENABLED)
Log.d(TAG, "Executing request: " + actionToString(action) + ": " + urlToString(action));
HttpResponse response = client.execute(request);
StatusLine responseStatus = response.getStatusLine();
int statusCode = responseStatus != null ? responseStatus.getStatusCode() : 0;
Log.d(TAG, "Status code: " + statusCode);
}
}
(登录和注销是公开的,bank_verify 是安全页面。Android 应用具有与 chrome 相同的响应标头)。会话或其他东西似乎有问题,但我不确定。
编辑: 看来我发现这里有什么问题。在 Android 应用程序中,我创建了一个新的 HttpCLient 对象,因为它丢失了所有旧数据。但另一个问题 - 如何使这个 HttpCLient 可重用?