每个用户从 servlet java HttpURLConnection 设置 Cookie
Set Cookies from servlet java HttpURLConnection per individual user
我有一个 API servlet java 应用程序,它允许用户通过他的用户名和密码查看外部页面,视图 URL 需要在调用它之前设置 cookie
我用这个代码查看页面
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
String request_url = "http://url/view.jsp?id"+ id;
URL url = new URL(request_url);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setInstanceFollowRedirects(false);
httpURLConnection.setUseCaches(false);
httpURLConnection.setDoInput(true);
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod("GET");
httpURLConnection.setConnectTimeout(20000);
httpURLConnection.setReadTimeout(20000);
httpURLConnection.connect();
try (BufferedReader in = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()))) {
String inputLine;
while ((inputLine = in.readLine()) != null) {
data = data + inputLine;
helper.status = 0;
helper.errorDesc = "0";
}
in.close();
}
httpURLConnection.disconnect();
如果 returns 没有访问数据 我使用此代码使用用户凭据登录
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
String urlParameters = "username=" + username + "&password=" + password + "&displayLangCode=" + lang + "&langCode=" + lang;
System.out.println("urlParameters" + urlParameters);
byte[] postData = urlParameters.getBytes(StandardCharsets.UTF_8);
int postDataLength = postData.length;
String activeUrl = "http://url/login.jsp";
URL url = new URL(activeUrl);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
httpURLConnection.setRequestProperty("X-Service", "AuthenticateUser");
httpURLConnection.setRequestProperty("Content-Length", Integer.toString(postDataLength));
httpURLConnection.setInstanceFollowRedirects(false);
httpURLConnection.setUseCaches(false);
httpURLConnection.setDoInput(true);
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod("POST");
httpURLConnection.setConnectTimeout(20000);
httpURLConnection.setReadTimeout(20000);
httpURLConnection.connect();
try (DataOutputStream wr = new DataOutputStream(httpURLConnection.getOutputStream())) {
wr.write(postData);
wr.close();
}
httpURLConnection.disconnect();
它工作正常,我可以获取内容,
问题是,如果另一个用户调用查看内容,他可以作为第一个登录用户看到内容
这意味着 cookie 已按 API 级别设置,而不是按用户级别设置,
我需要帮助,因为我不知道如何解决这个 cookie 问题来为每次用户调用设置 cookie
我可以通过禁用自动 cookie 来解决这个问题
CookieManager cookieManager = new CookieManager();
cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_NONE);
然后在登录方法中,我从函数
中提取 cookie 和 return
List<String> cookies = httpURLConnection.getHeaderFields().get("Set-Cookie");
String token = null;
if (cookies != null) {
for (String cookie : cookies) {
token = cookie.split(";", 1)[0];
}
}
return token
然后每次调用视图函数时我们都会传递 cookies
httpURLConnection.addRequestProperty("Cookie", token);
我有一个 API servlet java 应用程序,它允许用户通过他的用户名和密码查看外部页面,视图 URL 需要在调用它之前设置 cookie
我用这个代码查看页面
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
String request_url = "http://url/view.jsp?id"+ id;
URL url = new URL(request_url);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setInstanceFollowRedirects(false);
httpURLConnection.setUseCaches(false);
httpURLConnection.setDoInput(true);
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod("GET");
httpURLConnection.setConnectTimeout(20000);
httpURLConnection.setReadTimeout(20000);
httpURLConnection.connect();
try (BufferedReader in = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()))) {
String inputLine;
while ((inputLine = in.readLine()) != null) {
data = data + inputLine;
helper.status = 0;
helper.errorDesc = "0";
}
in.close();
}
httpURLConnection.disconnect();
如果 returns 没有访问数据 我使用此代码使用用户凭据登录
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
String urlParameters = "username=" + username + "&password=" + password + "&displayLangCode=" + lang + "&langCode=" + lang;
System.out.println("urlParameters" + urlParameters);
byte[] postData = urlParameters.getBytes(StandardCharsets.UTF_8);
int postDataLength = postData.length;
String activeUrl = "http://url/login.jsp";
URL url = new URL(activeUrl);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
httpURLConnection.setRequestProperty("X-Service", "AuthenticateUser");
httpURLConnection.setRequestProperty("Content-Length", Integer.toString(postDataLength));
httpURLConnection.setInstanceFollowRedirects(false);
httpURLConnection.setUseCaches(false);
httpURLConnection.setDoInput(true);
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod("POST");
httpURLConnection.setConnectTimeout(20000);
httpURLConnection.setReadTimeout(20000);
httpURLConnection.connect();
try (DataOutputStream wr = new DataOutputStream(httpURLConnection.getOutputStream())) {
wr.write(postData);
wr.close();
}
httpURLConnection.disconnect();
它工作正常,我可以获取内容,
问题是,如果另一个用户调用查看内容,他可以作为第一个登录用户看到内容
这意味着 cookie 已按 API 级别设置,而不是按用户级别设置,
我需要帮助,因为我不知道如何解决这个 cookie 问题来为每次用户调用设置 cookie
我可以通过禁用自动 cookie 来解决这个问题
CookieManager cookieManager = new CookieManager();
cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_NONE);
然后在登录方法中,我从函数
中提取 cookie 和 returnList<String> cookies = httpURLConnection.getHeaderFields().get("Set-Cookie");
String token = null;
if (cookies != null) {
for (String cookie : cookies) {
token = cookie.split(";", 1)[0];
}
}
return token
然后每次调用视图函数时我们都会传递 cookies
httpURLConnection.addRequestProperty("Cookie", token);