如何清除 Indy TIdHTTP BasicAuthentication 凭据?
How to clear the Indy TIdHTTP BasicAuthentication credentials?
我正在使用 Indy TIdHTTP 获取带有 BasicAuthentication 的请求。
代码工作正常,但 TIdHTTP 不会在第一个 401 后清除 BasicAuthentication 凭据,如果用户重新键入凭据并再次发送请求,并使用正确的登录密码。用户必须登录两次才能授权。
用户操作顺序:
Step 1. User type wrong login-password: ResponseCode = 401
Step 2. User type right login-password: ResponseCode = 401
Step 3. User type right login-password: ResponseCode = 200
我认为第 2 步的结果是一个错误。我该怎么办?
简单代码:
var
IdHTTP1: TIdHTTP;
fLogin : string;
fPassword : string;
/// ...
if ( fLogin <> '' ) and ( fPassword <> '' )
then
begin
if ( IdHTTP1.Request.Username <> fLogin )
or
( IdHTTP1.Request.Password <> fPassword )
then
begin
IdHTTP1.Request.BasicAuthentication := True;
IdHTTP1.Request.Username := fLogin;
IdHTTP1.Request.Password := fPassword;
end;
s := IdHTTP1.Get( 'some_url' );
response_code := Idhttp1.response.ResponseCode;
case response_code of
200:
begin
// parse request data
end;
401 : Result := nc_res_Auth_Fail;
else Result := nc_res_Fail;
end;
end;
您应该在更改前清除您的身份验证
if Assigned(IdHTTP1.Request.Authentication) then
begin
IdHTTP1.Request.Authentication.Free;
IdHTTP1.Request.Authentication:=nil;
end;
或者你可以这样改
if Assigned(IdHTTP1.Request.Authentication) then
begin
IdHTTP1.Request.Authentication.Username:=...;
IdHTTP1.Request.Authentication.Password:=...;
end else
begin
IdHTTP1.Request.BasicAuthentication:=True;
IdHTTP1.Request.Username:=...;
IdHTTP1.Request.Password:=...;
end;
您应该在每个请求上设置 Request.UserName 和 Request.Password 属性,然后在服务器要求时使用 OnAuthorization 事件检索新凭据,例如:
procedure TSomeClass.HttpAuthorization(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
begin
if GetNewCredentials() then
begin
Authentication.UserName := ...;
Authentication.Password := ...;
Handled := True;
end;
end;
//...
var
IdHTTP1: TIdHTTP;
fLogin : string;
fPassword : string;
// ...
IdHTTP1.OnAuthorization := HttpAuthorization;
IdHTTP1.Request.BasicAuthentication := True;
IdHTTP1.Request.Username := fLogin;
IdHTTP1.Request.Password := fPassword;
s := IdHTTP1.Get( 'some_url' );
response_code := IdHTTP1.Response.ResponseCode;
case Response_Code of
200:
begin
// parse request data
end;
401 : Result := nc_res_Auth_Fail;
else
Result := nc_res_Fail;
end;
end;
TIdHTTP 将在内部不断重试登录,每次都会触发 OnAuthorization,直到服务器停止发送 401 回复或达到 TIdHTTP.MaxAuthRetries,以先发生者为准。
我正在使用 Indy TIdHTTP 获取带有 BasicAuthentication 的请求。
代码工作正常,但 TIdHTTP 不会在第一个 401 后清除 BasicAuthentication 凭据,如果用户重新键入凭据并再次发送请求,并使用正确的登录密码。用户必须登录两次才能授权。
用户操作顺序:
Step 1. User type wrong login-password: ResponseCode = 401
Step 2. User type right login-password: ResponseCode = 401
Step 3. User type right login-password: ResponseCode = 200
我认为第 2 步的结果是一个错误。我该怎么办?
简单代码:
var
IdHTTP1: TIdHTTP;
fLogin : string;
fPassword : string;
/// ...
if ( fLogin <> '' ) and ( fPassword <> '' )
then
begin
if ( IdHTTP1.Request.Username <> fLogin )
or
( IdHTTP1.Request.Password <> fPassword )
then
begin
IdHTTP1.Request.BasicAuthentication := True;
IdHTTP1.Request.Username := fLogin;
IdHTTP1.Request.Password := fPassword;
end;
s := IdHTTP1.Get( 'some_url' );
response_code := Idhttp1.response.ResponseCode;
case response_code of
200:
begin
// parse request data
end;
401 : Result := nc_res_Auth_Fail;
else Result := nc_res_Fail;
end;
end;
您应该在更改前清除您的身份验证
if Assigned(IdHTTP1.Request.Authentication) then
begin
IdHTTP1.Request.Authentication.Free;
IdHTTP1.Request.Authentication:=nil;
end;
或者你可以这样改
if Assigned(IdHTTP1.Request.Authentication) then
begin
IdHTTP1.Request.Authentication.Username:=...;
IdHTTP1.Request.Authentication.Password:=...;
end else
begin
IdHTTP1.Request.BasicAuthentication:=True;
IdHTTP1.Request.Username:=...;
IdHTTP1.Request.Password:=...;
end;
您应该在每个请求上设置 Request.UserName 和 Request.Password 属性,然后在服务器要求时使用 OnAuthorization 事件检索新凭据,例如:
procedure TSomeClass.HttpAuthorization(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
begin
if GetNewCredentials() then
begin
Authentication.UserName := ...;
Authentication.Password := ...;
Handled := True;
end;
end;
//...
var
IdHTTP1: TIdHTTP;
fLogin : string;
fPassword : string;
// ...
IdHTTP1.OnAuthorization := HttpAuthorization;
IdHTTP1.Request.BasicAuthentication := True;
IdHTTP1.Request.Username := fLogin;
IdHTTP1.Request.Password := fPassword;
s := IdHTTP1.Get( 'some_url' );
response_code := IdHTTP1.Response.ResponseCode;
case Response_Code of
200:
begin
// parse request data
end;
401 : Result := nc_res_Auth_Fail;
else
Result := nc_res_Fail;
end;
end;
TIdHTTP 将在内部不断重试登录,每次都会触发 OnAuthorization,直到服务器停止发送 401 回复或达到 TIdHTTP.MaxAuthRetries,以先发生者为准。