2

我正在尝试从服务器获取响应。因此,为此我所做的是,我在代码中传递了我的用户名和密码进行身份验证,因为该服务器需要身份验证,然后我从服务器得到响应......所以有什么方法可以设置 SMSESSION cookie该用户而不是在代码中传递用户名和密码。假设用户已经使用他/她的用户名和密码登录到该浏览器。这是我下面的代码..当我注释掉传递用户名和密码的那部分..并且那个工作正常..但是我不想传递用户名和密码,我想设置已经登录的那个用户的 SMSESSION cookie进入那个浏览器..所以我添加了设置cookie的代码但它不起作用,我得到

Access Denied Error




<%@ page language="java" import="
org.apache.http.HttpEntity,
org.apache.http.HttpResponse,
org.apache.http.auth.AuthScope,
org.apache.http.auth.UsernamePasswordCredentials,
org.apache.http.client.methods.HttpPost,
org.apache.http.client.methods.HttpGet,
org.apache.http.impl.client.DefaultHttpClient,
org.apache.http.util.EntityUtils,
java.io.InputStream,
java.io.InputStreamReader,
java.io.BufferedReader,
java.security.KeyStore,
java.io.FileInputStream,
java.io.File,
org.apache.http.conn.ssl.SSLSocketFactory,
org.apache.http.conn.scheme.Scheme,
javax.net.ssl.HostnameVerifier,
org.apache.http.impl.conn.SingleClientConnManager,
javax.net.ssl.HttpsURLConnection,
org.apache.http.conn.scheme.SchemeRegistry,
javax.net.ssl.SSLContext,
java.security.cert.X509Certificate,
javax.net.ssl.X509TrustManager,
javax.net.ssl.TrustManager,
org.apache.http.conn.ClientConnectionManager,
java.security.cert.CertificateException,
org.apache.http.conn.scheme.Scheme"
contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>

<%
String a_Url = request.getParameter( "url" ) ;

DefaultHttpClient httpclient = new DefaultHttpClient();


/*
    httpclient.getCredentialsProvider().setCredentials(
            new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, null),
            new UsernamePasswordCredentials("test", "pass"));
*/



    Cookie[] cookies = request.getCookies();
    boolean foundCookie = false;
   // System.out.println(" hello  " +cookies);
    for(int i = 0; i < cookies.length; i++) { 
        Cookie c = cookies[i];
        //System.out.println("  " +c);
        if (c.getName().equals("SMSESSION")) {
            System.out.println("sm = " + c.getValue());
            foundCookie = true;
        }
    }

    if (foundCookie) {
        //System.out.println(foundCookie);
        Cookie c = new Cookie("SMSESSION", "3jHUz3BcnWfVfgWH806Sro9Qs9obgTS6gp+b71d86HcPpupyZ8kcSI48KBpxcLT0DlTxnaKjP4Mgdn8iQFRkyJ1Uyji83qupvMy8zaD0b83h+5edOqF4GrDiXUDqzRBhwJ9wHMmswbf4As6gcu6aJDOoppI1pCoeA+yoLHpxMYi+B3VM1IZhOKiVkKb2+IrQwhvLCxMKy3oF/ew2gctmJ6AVfe/cA053niXPERjWW111cJhJMViFd/fP7YuxLuLZNzqBEBAdSBoK8YorzGwUTX0DDUTI7QJF9OGdeGETpmddHzE4u3hdqMZxrIdAYQc6zDLOf5I5MoMie7WnQVIu5gH8xa3b37BDk3rVuf4orOcaahv/UlrHPRRjIUtaWal1sAZXBHpYgQKH4wd3nNtPthW0hBAlxXQnGgHqZvJvQH4jLWlTV9uwC2q1hbMHrmo9zXCNO7uIxK6o0PyTYW6UhdVmcYtoHn/+mAX3dW3PRYAUM7ItAdIfsPV6LAs+bLiVexDf2P9E2ub4zF+ZSN+3AUSssMLiGKCOnWQ/IQyB8WOngkMa9Qc58pZv8g8E5Lxm5g/udiGbhqK24kYauJ8cUI4JtTW+JJKqwoqTbnwwdbTqdSenyNnrEnbH13CDowNxbSgJZeSUw2Z51ELARrXp+N5kGokLr+YXxwsgmvoXQxxo/5y9Lgn1RKtc4QAJiWjQNzDOFX2HoiFw+oWUXgrET8qTHHVOj+v9auqyxS0cPgcXj8wQmjJrUH+tYGlQmCdF2CCt5Ywf12Jaev+wfNcVb447fAmTR7LJTgtb/D5U15YqAMYZg36tVrPkx1MhP37XbEYLsCcpfdDO4FUVKb5t7zl0rTAhUvbCF3/Wn6V/0LjJ58UGl4GEhIF2y4K+vFJSkL7qJ+2ufVi9hfXu5362QKCtqqXt0LihgjmH9z0Mgg1Brfgl0jVPuO44os0KBKzfCuhFMzEK9oorNVpgWrVWED+yiBNO0B2JA4lurdsFFAwOcx3ZFyhJ1TC2jUYJpIBW ");
        c.setMaxAge(24*60*60);
        response.addCookie(c); 
    }     


    HttpGet httpget = new HttpGet(a_Url);



    System.out.println("executing request" + httpget.getRequestLine());
    HttpResponse res = httpclient.execute(httpget);

    HttpEntity entity = res.getEntity();

    System.out.println("----------------------------------------");
    System.out.println(res.getStatusLine());
    if (entity != null) {

        System.out.println("Response content length: " + entity.getContentLength());
        InputStream input = entity.getContent();
        BufferedReader reader = new BufferedReader(new InputStreamReader(input));
        String ln = "";
        while((ln = reader.readLine()) != null) {
            out.println("" + ln);
        }
        entity.consumeContent();
    }
    EntityUtils.consume(entity);

%>

在响应标头中,我得到了这个:-

Response Headers
Content-Type    text/html; charset=iso-8859-1
Expires Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie  SMSESSION="3jHUz3BcnWfVfgWH806Sro9Qs9obgTS6gp+b71d86HcPpupyZ8kcSI48KBpxcLT0DlTxnaKjP4Mgdn8iQFRkyJ1Uyji83qupvMy8zaD0b83h+5edOqF4GrDiXUDqzRBhwJ9wHMmswbf4As6gcu6aJDOoppI1pCoeA+yoLHpxMYi+B3VM1IZhOKiVkKb2+IrQwhvLCxMKy3oF/ew2gctmJ6AVfe/cA053niXPERjWW111cJhJMViFd/fP7YuxLuLZNzqBEBAdSBoK8YorzGwUTX0DDUTI7QJF9OGdeGETpmddHzE4u3hdqMZxrIdAYQc6zDLOf5I5MoMie7WnQVIu5gH8xa3b37BDk3rVuf4orOcaahv/UlrHPRRjIUtaWal1sAZXBHpYgQKH4wd3nNtPthW0hBAlxXQnGgHqZvJvQH4jLWlTV9uwC2q1hbMHrmo9zXCNO7uIxK6o0PyTYW6UhdVmcYtoHn/+mAX3dW3PRYAUM7ItAdIfsPV6LAs+bLiVexDf2P9E2ub4zF+ZSN+3AUSssMLiGKCOnWQ/IQyB8WOngkMa9Qc58pZv8g8E5Lxm5g/udiGbhqK24kYauJ8cUI4JtTW+JJKqwoqTbnwwdbTqdSenyNnrEnbH13CDowNxbSgJZeSUw2Z51ELARrXp+N5kGokLr+YXxwsgmvoXQxxo/5y9Lgn1RKtc4QAJiWjQNzDOFX2HoiFw+oWUXgrET8qTHHVOj+v9auqyxS0cPgcXj8wQmjJrUH+tYGlQmCdF2CCt5Ywf12Jaev+wfNcVb447fAmTR7LJTgtb/D5U15YqAMYZg36tVrPkx1MhP37XbEYLsCcpfdDO4FUVKb5t7zl0rTAhUvbCF3/Wn6V/0LjJ58UGl4GEhIF2y4K+vFJSkL7qJ+2ufVi9hfXu5362QKCtqqXt0LihgjmH9z0Mgg1Brfgl0jVPuO44os0KBKzfCuhFMzEK9oorNVpgWrVWED+yiBNO0B2JA4lurdsFFAwOcx3ZFyhJ1TC2jUYJpIBW";Expires=Wed, 06-Jul-11 16:57:11 GMT
Content-Length  2786
Server  Jetty(6.1.21)

任何建议将不胜感激...

4

2 回答 2

1

The SMSESSION cookie changes periodically so you won't be able to set it statically as you have in the code above. Since you're using Java you may want to look at the Java SDK for SiteMinder

于 2011-11-01T17:29:33.400 回答
1

SMSESSION 是 Siteminder 使用的系统 cookie。你不应该/一定不要惹它。

如果您的应用程序启用了 Siteminder,Siteminder 将负责用户的身份验证过程。
一旦用户通过 Siteminder 身份验证,应用程序上的 Siteminder 代理将添加特定的 HTTP 标头(特别是 SM_USER),其中将包含有关用户的信息。
您只需要从请求中获取这些信息。

于 2011-09-03T23:48:45.477 回答