基本上我需要做的是执行摘要验证.我尝试的第一件事是
here的官方示例.
但是当我尝试执行它(有一些小的更改,Post而不是Get方法)我得到一个
org.apache.http.auth.MalformedChallengeException: missing nonce in challange
at org.apache.http.impl.auth.DigestScheme.processChallenge(DigestScheme.java:132)
当这个失败我尝试使用:
DefaultHttpClient client = new DefaultHttpClient();
client.getCredentialsProvider().setCredentials(new AuthScope(null, -1, null), new UsernamePasswordCredentials("", ""));
HttpPost post = new HttpPost(URI.create("http://"));
List nvps = new ArrayList();
nvps.add(new BasicNameValuePair("domain", ""));
post.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
DigestScheme digestAuth = new DigestScheme();
digestAuth.overrideParamter("algorithm", "MD5");
digestAuth.overrideParamter("realm", "http://");
digestAuth.overrideParamter("nonce", Long.toString(new Random().nextLong(), 36));
digestAuth.overrideParamter("qop", "auth");
digestAuth.overrideParamter("nc", "0");
digestAuth.overrideParamter("cnonce", DigestScheme.createCnonce());
Header auth = digestAuth.authenticate(new
UsernamePasswordCredentials("", ""), post);
System.out.println(auth.getName());
System.out.println(auth.getValue());
post.setHeader(auth);
HttpResponse ret = client.execute(post);
ByteArrayOutputStream v2 = new ByteArrayOutputStream();
ret.getEntity().writeTo(v2);
System.out.println("----------------------------------------");
System.out.println(v2.toString());
System.out.println("----------------------------------------");
System.out.println(ret.getStatusLine().getReasonPhrase());
System.out.println(ret.getStatusLine().getStatusCode());
起初我只是覆盖了“领域”和“随意”的DigestScheme参数.但是,事实证明,在服务器上运行的PHP脚本需要所有其他参数,但无论是否指定它们,或者当我调用其authenticate()方法时,DigestScheme都不会在授权请求优先级中生成它们. PHP脚本返回HTTP响应代码200,其中包含PHP脚本需要cnonce,nc和qop参数的消息.
我一直在努力两天,没有运气.基于所有我认为的问题的原因是PHP脚本.对我来说,当应用程序尝试访问未经授权时,它不会发送挑战.
任何想法有谁?
编辑:
还有一件事,我尝试连接cURL,它的作品.