我正在使用JDK11 HTTP客户库库,在其中我尝试创建具有特定范围的身份验证,该验证范围可能与主机,端口,领域或方案(基本,摘要等)相关。
我的类实施是:
class CredentialsProviderAuthenticator extends Authenticator {
private final AuthScope authScope;
private final Credentials credentials;
private CredentialsProviderAuthenticator(AuthScope authScope, Credentials credentials) {
this.authScope = authScope;
this.credentials = credentials;
}
public static Authenticator createAuthenticator(AuthScope authScope, Credentials credentials) {
return new CredentialsProviderAuthenticator(authScope, credentials);
}
@Override
protected PasswordAuthentication getPasswordAuthentication() {
if ( (authScope.getScheme() == null || authScope.getScheme().equalsIgnoreCase(getRequestingScheme()))
&& ((authScope.getHost() == null || authScope.getHost().equalsIgnoreCase(getRequestingHost())))
&& ((authScope.getRealm() == null || authScope.getRealm().equalsIgnoreCase(getRequestingPrompt())))
&& ((authScope.getPort() < 0) || authScope.getPort() == getRequestingPort())) {
return new PasswordAuthentication(credentials.getUserPrincipal().getName(), credentials.getPassword().toCharArray());
}
return null;
}
}
当PasswordAuthentication实例返回时,此实现正常工作,但是当找不到合适的身份验证时,客户端会引发异常。
Caused by: java.io.IOException: No credentials provided
at java.net.http/jdk.internal.net.http.HttpClientImpl.send(HttpClientImpl.java:565)
at java.net.http/jdk.internal.net.http.HttpClientFacade.send(HttpClientFacade.java:119)
at com.imperva.shcf4j.java.http.client.ClosableSyncHttpClient.execute(ClosableSyncHttpClient.java:50)
... 27 more
Caused by: java.io.IOException: No credentials provided
at java.net.http/jdk.internal.net.http.AuthenticationFilter.response(AuthenticationFilter.java:303)
at java.net.http/jdk.internal.net.http.MultiExchange.responseFilters(MultiExchange.java:181)
at java.net.http/jdk.internal.net.http.MultiExchange.lambda$responseAsyncImpl$5(MultiExchange.java:245)
at java.base/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1072)
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
at java.base/java.util.concurrent.CompletableFuture.postFire(CompletableFuture.java:610)
at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:649)
at java.base/java.util.concurrent.CompletableFuture$Completion.run(CompletableFuture.java:478)
at java.net.http/jdk.internal.net.http.HttpClientImpl$DelegatingExecutor.execute(HttpClientImpl.java:153)
at java.base/java.util.concurrent.CompletableFuture$UniCompletion.claim(CompletableFuture.java:568)
at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:638)
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.handle(Http1Response.java:677)
at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.handle(Http1Response.java:603)
at java.net.http/jdk.internal.net.http.Http1Response$Receiver.accept(Http1Response.java:594)
at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.tryAsyncReceive(Http1Response.java:650)
at java.net.http/jdk.internal.net.http.Http1AsyncReceiver.flush(Http1AsyncReceiver.java:228)
at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SynchronizedRestartableTask.run(SequentialScheduler.java:175)
at java.net.http/jdk.internal.net.http.common.SequentialScheduler$CompleteRestartableTask.run(SequentialScheduler.java:147)
at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SchedulableTask.run(SequentialScheduler.java:198)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
我正在寻找一种方式,在这种情况下,客户端将返回401 HTTP错误代码。一个想法是创建一个生成用户名的实例&amp;每个调用时的密码,但也许存在更简单的方法?
我恐怕目前没有更好的选择:您要提供身份验证器,如果身份验证者不提供有效的凭据,或者您不提供,则您将获得例外提供任何身份验证者,您可以在自己的代码中处理401响应(您可能会选择在异步注册的因操作中实现,并在HTTPCLIENT返回的可完整的未来:: sendAsync返回的完整未来)。例如:
client.sendAsync(...).thenApplyAsync(resp -> handle401(client, resp))...