java 获取HttpRequest Header的几种方法

转:http://www.jb51.net/article/93662.htm

在开发应用程序的过程中,如果有多个应用,通常会通过一个portal 门户来集成,这个portal  是所有应用程序的入口,用户一旦在portal 登录之后,进入另外一个系统,就需要类似的单点登录(SSO). 进入各个子系统的时候,就不需要再次登录, 当然类似的功能,你可以通过专业的单点登录软件来实现,也可以自己写数据库token 等方式来实现。其实还有一个比较简单的方法,就是通过 portal 封装已经登录过的用户的消息,写到http header 之中,然后把请求forward 到各个子系统中去,而各子系统从 http header 中获取用户名,作为是否登录过的校验或者合法的校验。

总结了几种处理http Header 的方法:

利用 HttpServletRequest

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
import javax.servlet.http.HttpServletRequest;
  //...
  private HttpServletRequest request;
  //get request headers
  private Map<String, String> getHeadersInfo() {
   Map<String, String> map = new HashMap<String, String>();
   Enumeration headerNames = request.getHeaderNames();
   while (headerNames.hasMoreElements()) {
     String key = (String) headerNames.nextElement();
     String value = request.getHeader(key);
     map.put(key, value);
   }
   return map;
  }

一个典型的例子如下:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
"headers" : {
   "Host" : "yihaomen.com" ,
   "Accept-Encoding" : "gzip,deflate" ,
   "X-Forwarded-For" : "66.249.x.x" ,
   "X-Forwarded-Proto" : "http" ,
   "User-Agent" : "Mozilla/5.0 (compatible; Googlebot/2.1; +
)" ,
   "X-Request-Start" : "1389158003923" ,
   "Accept" : "*/*" ,
   "Connection" : "close" ,
   "X-Forwarded-Port" : "80" ,
   "From" : "googlebot(at)googlebot.com"
}

获取 user-agent

?
1
2
3
4
5
6
import javax.servlet.http.HttpServletRequest;
  //...
  private HttpServletRequest request;
  private String getUserAgent() {
   return request.getHeader( "user-agent" );
  }

一个典型的例子如下:

?
1
2
3
Mozilla/ 5.0 (compatible; Googlebot/ 2.1 ; +
http: //www.google.com/bot.html
)

利用 spring mvc 获取  HttpRequest Header 的例子 

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
@Controller
@RequestMapping ( "/site" )
public class SiteController {
   @Autowired
   private HttpServletRequest request;
   @RequestMapping (value = "/{input:.+}" , method = RequestMethod.GET)
   public ModelAndView getDomain( @PathVariable ( "input" ) String input) {
     ModelAndView modelandView = new ModelAndView( "result" );
     modelandView.addObject( "user-agent" , getUserAgent());
     modelandView.addObject( "headers" , getHeadersInfo());
     return modelandView;
   }
   //get user agent
   private String getUserAgent() {
     return request.getHeader( "user-agent" );
   }
   //get request headers
   private Map<String, String> getHeadersInfo() {
     Map<String, String> map = new HashMap<String, String>();
     Enumeration headerNames = request.getHeaderNames();
     while (headerNames.hasMoreElements()) {
       String key = (String) headerNames.nextElement();
       String value = request.getHeader(key);
       map.put(key, value);
     }
     return map;
   }
}

也许有人会说,Http Header  是可以模拟的,那么自己可以构造一个用来欺骗这些系统, 是的,的确是这样,所以在用Http Header 来传值得时候,一定要记得,所有的请求都必须经过 portal 来处理,然后 forward 到各子系统,就不会出现这个问题了。因为portal 首先拦截用户发起的所有的请求,如果是构造的用户,在portal 的sessiion 也是没有记录的,仍然会跳转到登录页面,如果在protal 的 session 中记录,而且  Http Header 中也有记录,那么在子系统就是合法的用户,然后自己可以根据一些要求处理业务逻辑了

JSP/Java获取HTTP header信息(request)例子

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<%
//header.jsp
out.println( "Protocol: " + request.getProtocol() + "<br>" );
out.println( "Scheme: " + request.getScheme() + "<br>" );
out.println( "Server Name: " + request.getServerName() + "<br>" );
out.println( "Server Port: " + request.getServerPort() + "<br>" );
out.println( "Protocol: " + request.getProtocol() + "<br>" );
out.println( "Server Info: " + getServletConfig().getServletContext().getServerInfo() + "<br>" );
out.println( "Remote Addr: " + request.getRemoteAddr() + "<br>" );
out.println( "Remote Host: " + request.getRemoteHost() + "<br>" );
out.println( "Character Encoding: " + request.getCharacterEncoding() + "<br>" );
out.println( "Content Length: " + request.getContentLength() + "<br>" );
out.println( "Content Type: " + request.getContentType() + "<br>" );
out.println( "Auth Type: " + request.getAuthType() + "<br>" );
out.println( "HTTP Method: " + request.getMethod() + "<br>" );
out.println( "Path Info: " + request.getPathInfo() + "<br>" );
out.println( "Path Trans: " + request.getPathTranslated() + "<br>" );
out.println( "Query String: " + request.getQueryString() + "<br>" );
out.println( "Remote User: " + request.getRemoteUser() + "<br>" );
out.println( "Session Id: " + request.getRequestedSessionId() + "<br>" );
out.println( "Request URL: " + request.getRequestURL() + "<br>" );
out.println( "Request URI: " + request.getRequestURI() + "<br>" );
out.println( "Servlet Path: " + request.getServletPath() + "<br>" );
out.println( "Created : " + session.getCreationTime() + "<br>" );
out.println( "LastAccessed : " + session.getLastAccessedTime() + "<br>" );
 
out.println( "Accept: " + request.getHeader( "Accept" ) + "<br>" );
out.println( "Host: " + request.getHeader( "Host" ) + "<br>" );
out.println( "Referer : " + request.getHeader( "Referer" ) + "<br>" );
out.println( "Accept-Language : " + request.getHeader( "Accept-Language" ) + "<br>" );
out.println( "Accept-Encoding : " + request.getHeader( "Accept-Encoding" ) + "<br>" );
out.println( "User-Agent : " + request.getHeader( "User-Agent" ) + "<br>" );
out.println( "Connection : " + request.getHeader( "Connection" ) + "<br>" );
out.println( "Cookie : " + request.getHeader( "Cookie" ) + "<br>" );
%>

关于request.getHeader("Referer")的说明

request.getHeader("Referer")获取来访者地址。只有通过链接访问当前页的时候,才能获取上一页的地址;否则request.getHeader("Referer")的值为Null,通过window.open打开当前页或者直接输入地址,也为Null。

以上就是小编为大家带来的java 获取HttpRequest Header的几种方法(必看篇)的全部内容了,希望对大家有所帮助,多多支持脚本之家~


相关推荐
©️2020 CSDN 皮肤主题: 像素格子 设计师:CSDN官方博客 返回首页