0

我是 ICEfaces 的新手,我有一个要求,我需要从给定的 url ( http://ipaddress/formexec?objectid=201 ) 下载文档。

此 URL 使用通过 ICEFaces 部署的基于表单的身份验证。

我跟踪了这​​个 URL 的请求,我得到以下行:

&ice.submit.partial=false&ice.event.target=loginForm%3Aj_id33&ice.event.captured=loginForm%3Aj_id33

是否有任何库或代码可以通过成功传递用户名和密码来下载文档。

4

2 回答 2

1

您需要jsessionidSet-Cookie响应标头中提取 ,并将其作为 URL 属性附加到后续请求的http://example.com/path/page.jsf;jsessionid=XXX.

这是一个借助“plain vanilla”的启动示例java.net.URLConnection

// Prepare stuff.
String loginurl = "http://example.com/login";
String username = "itsme";
String password = "youneverguess";
URLConnection connection = null;
InputStream response = null;

// First get jsessionid (do as if you're just opening the login page).
connection = new URL(loginurl).openConnection();
response = connection.getInputStream(); // This will actually send the request.
String cookie = connection.getHeaderField("Set-Cookie");
String jsessionid = cookie.split(";")[0].split("=")[1]; // This assumes JSESSIONID is first field (normal case), you may need to change/finetune it.
String jsessionidurl = ";jsessionid=" + jsessionid;
response.close(); // We're only interested in response header. Ignore the response body.

// Now do login.
String authurl = loginurl + "/j_security_check" + jsessionidurl;
connection = new URL(authurl).openConnection();
connection.setDoOutput(true); // Triggers POST method.
PrintWriter writer = new PrintWriter(new OutputStreamWriter(connection.getOutputStream()));
writer.write("j_username=" + URLEncoder.encode(username, "UTF-8")
          + "&j_password=" + URLEncoder.encode(password, "UTF-8"));
writer.close();
response = connection.getInputStream(); // This will actually send the request.
response.close();

// Now you can do any requests in the restricted area using jsessionid. E.g.
String downloadurl = "http://example.com/download/file.ext" + jsessionidurl;
InputStream download = new URL(downloadurl).openStream();
// ...

要使用更少臃肿的代码实现相同的目标,请考虑使用Apache Commons HttpComponents Client

于 2010-02-06T02:56:13.137 回答
0

基于表单的身份验证与其他请求没有太大区别。您所要做的就是向身份验证表单提交请求,提供所需的参数,例如用户和密码,在某些情况下,您必须从源页面获取额外的令牌。然后,您需要从 auth 响应或会话 id 参数中获取 cookie,并将它们复制到将获取数据的下一个请求中。

于 2010-02-04T21:26:14.643 回答