从使用基于冰面表单身份验证的服务器下载文件

Question

我是ICEfaces的新手，我需要从给定的url (http://ipaddress/formexec?objectid=201)下载文档。

此URL使用通过部署的基于表单的身份验证。

我跟踪了这个URL的请求，得到了以下行：

&ice.submit.partial=false&ice.event.target=loginForm%3Aj_id33&ice.event.captured=loginForm%3Aj_id33

是否有任何库或代码可以通过成功传递用户名和密码.来下载文档？

Answer 1

您需要从jsessionid响应头中提取Set-Cookie，并将其作为http://example.com/path/page.jsf;jsessionid=XXX附加到后续请求中。

这里有一个在“普通香草”java.net.URLConnection的帮助下的开场示例

// Prepare stuff.
String loginurl = "http://example.com/login";
String username = "itsme";
String password = "youneverguess";
URLConnection connection = null;
InputStream response = null;

// First get jsessionid (do as if you're just opening the login page).
connection = new URL(loginurl).openConnection();
response = connection.getInputStream(); // This will actually send the request.
String cookie = connection.getHeaderField("Set-Cookie");
String jsessionid = cookie.split(";")[0].split("=")[1]; // This assumes JSESSIONID is first field (normal case), you may need to change/finetune it.
String jsessionidurl = ";jsessionid=" + jsessionid;
response.close(); // We're only interested in response header. Ignore the response body.

// Now do login.
String authurl = loginurl + "/j_security_check" + jsessionidurl;
connection = new URL(authurl).openConnection();
connection.setDoOutput(true); // Triggers POST method.
PrintWriter writer = new PrintWriter(new OutputStreamWriter(connection.getOutputStream()));
writer.write("j_username=" + URLEncoder.encode(username, "UTF-8")
          + "&j_password=" + URLEncoder.encode(password, "UTF-8"));
writer.close();
response = connection.getInputStream(); // This will actually send the request.
response.close();

// Now you can do any requests in the restricted area using jsessionid. E.g.
String downloadurl = "http://example.com/download/file.ext" + jsessionidurl;
InputStream download = new URL(downloadurl).openStream();
// ...

要用较少臃肿的代码实现同样的目标，请考虑使用Apache客户端。

Answer 2

基于表单的auth与其他请求没有太大区别。您所要做的就是向auth表单提交一个请求，提供所需的参数，例如用户和密码，在某些情况下还需要从源页面获得额外的令牌。然后，您需要从auth响应或会话id参数中获取cookie，并将它们复制到将获取数据的下一个请求中。