zoukankan      html  css  js  c++  java
  • HTTP Basic Authentication认证

    http://smalltalllong.iteye.com/blog/912046

    ********************************************

        什么是HTTP Basic Authentication?直接看http://en.wikipedia.org/wiki/Basic_authentication_scheme吧。  
        在你访问一个需要HTTP Basic Authentication的URL的时候,如果你没有提供用户名和密码,服务器就会返回401,如果你直接在浏览器中打开,浏览器会提示你输入用户名和密码(google浏览器不会,bug?)。
    你可以尝试点击这个url看看效果:http://api.minicloud.com.cn/statuses/friends_timeline.xml 要在发送请求的时候添加HTTP Basic Authentication认证信息到请求中,有两种方法: 一是在请求头中添加Authorization: Authorization: "Basic 用户名和密码的base64加密字符串" 二是在url中添加用户名和密码: http://userName:password@api.minicloud.com.cn/statuses/friends_timeline.xml //需要Base64见:http://www.webtoolkit.info/javascript-base64.html function make_base_auth(user, password) { var tok = user + ':' + pass; var hash = Base64.encode(tok); return "Basic " + hash; } var auth = make_basic_auth('QLeelulu','mypassword'); var url = 'http://example.com'; // 原始JavaScript xml = new XMLHttpRequest(); xml.setRequestHeader('Authorization', auth); xml.open('GET',url) // ExtJS Ext.Ajax.request({ url : url, method : 'GET', headers : { Authorization : auth } }); // jQuery $.ajax({ url : url, method : 'GET', beforeSend : function(req) { req.setRequestHeader('Authorization', auth); } });
      1. 以下是一段Jsp鉴权操作   
      2. 1、server发送一个要求认证代码401和一个头信息WWW-authenticate,激发browser弹出一个认证窗口  
      3.  2、server取得browser送来的认证头"Authorization",它是加密的了,要用Base64方法解密,取得明文的用户名和密码  
      4.     
      5. 3、检查用户名和密码,根据结果传送不同的页面</pre> 
        <jsp:useBean id="base64" scope="page" class="Base64"/>    
        <%     
        if(request.getHeader("Authorization")==null){     
        response.setStatus(401);     
        response.setHeader("WWW-authenticate", "Basic realm="unixboy.com"");     
        }else{     
        String encoded=(request.getHeader("Authorization"));     
        String tmp=encoded.substring(6);     
        String up=Base64.decode(tmp);     
        String user="";     
        String password="";     
        if(up!=null){     
        user=up.substring(0,up.indexOf(":"));     
        password=up.substring(up.indexOf(":")+1);     
        }     
        if(user.equals("unixboy")&&password.equals("123456")){     
        //认证成功     
        }else{     
        //认证失败     
        }     
        }     
        %>   
          
        =======Java段代码==================  
          
        //消息加解密class     
        public class Base64     
        {     
        /** decode a Base 64 encoded String.    
        * <p><h4>String to byte conversion</h4>   
        * This method uses a naive String to byte interpretation, it simply gets each    
        * char of the String and calls it a byte.</p>   
        * <p>Since we should be dealing with Base64 encoded Strings that is a reasonable    
        * assumption.</p>   
        * <p><h4>End of data</h4>   
        * We don′t try to stop the converion when we find the "=" end of data padding char.    
        * We simply add zero bytes to the unencode buffer.</p>   
        */     
        public static String decode(String encoded)     
        {     
        StringBuffer sb=new StringBuffer();     
        int maxturns;     
        //work out how long to loop for.     
        if(encoded.length()%3==0)     
        maxturns=encoded.length();     
        else     
        maxturns=encoded.length()+(3-(encoded.length()%3));     
        //tells us whether to include the char in the unencode     
        boolean skip;     
        //the unencode buffer     
        byte[] unenc=new byte[4];     
        byte b;     
        for(int i=0,j=0; i<maxturns; i++)     
        {     
        skip=false;     
        //get the byte to convert or 0     
        if(i<encoded.length())     
        b=(byte)encoded.charAt(i);     
        else     
        b=0;     
        //test and convert first capital letters, lowercase, digits then ′+′ and ′/′     
        if(b>=65 && b<91)     
        unenc[j]=(byte)(b-65);     
        else if(b>=97 && b<123)     
        unenc[j]=(byte)(b-71);     
        else if(b>=48 && b<58)     
        unenc[j]=(byte)(b+4);     
        else if(b==′+′)     
        unenc[j]=62;     
        else if(b==′/′)     
        unenc[j]=63;     
        //if we find "=" then data has finished, we′re not really dealing with this now     
        else if(b==′=′)     
        unenc[j]=0;     
        else     
        {     
        char c=(char)b;     
        if(c==′ ′ || c==′ ′ || c==′ ′ || c==′ ′)     
        skip=true;     
        else     
        //could throw an exception here? it′s input we don′t understand.     
        ;     
        }     
        //once the array has boiled convert the bytes back into chars     
        if(!skip && ++j==4)     
        {     
        //shift the 6 bit bytes into a single 4 octet word     
        int res=(unenc[0] << 18)+(unenc[1] << 12)+(unenc[2] << 6)+unenc[3];     
        byte c;     
        int k=16;     
        //shift each octet down to read it as char and add to StringBuffer     
        while(k>=0)     
        {     
        c=(byte)(res >> k);     
        if ( c > 0 )     
        sb.append((char)c);     
        k-=8;     
        }     
        //reset j and the unencode buffer     
        j=0;     
        unenc[0]=0;unenc[1]=0;unenc[2]=0;unenc[3]=0;     
        }     
        }     
        return sb.toString();     
        }     
            
        /** encode plaintext data to a base 64 string    
        * @param plain the text to convert. If plain is longer than 76 characters this method    
        * returns null (see RFC2045).    
        * @return the encoded text (or null if string was longer than 76 chars).    
        */     
        public static String encode(String plain)     
        {     
        if(plain.length()>76)     
        return null;     
        int maxturns;     
        StringBuffer sb=new StringBuffer();     
        //the encode buffer     
        byte[] enc=new byte[3];     
        boolean end=false;     
        for(int i=0,j=0; !end; i++)     
        {     
        char _ch=plain.charAt(i);     
        if(i==plain.length()-1)     
        end=true;     
        enc[j++]=(byte)plain.charAt(i);     
        if(j==3 || end)     
        {     
        int res;     
        //this is a bit inefficient at the end point     
        //worth it for the small decrease in code size?     
        res=(enc[0] << 16)+(enc[1] << 8)+enc[2];     
        int b;     
        int lowestbit=18-(j*6);     
        for(int toshift=18; toshift>=lowestbit; toshift-=6)     
        {     
        b=res >>> toshift;     
        b&=63;     
        if(b>=0 && b<26)     
        sb.append((char)(b+65));     
        if(b>=26 && b<52)     
        sb.append((char)(b+71));     
        if(b>=52 && b<62)     
        sb.append((char)(b-4));     
        if(b==62)     
        sb.append(′+′);     
        if(b==63)     
        sb.append(′/′);     
        if(sb.length()%76==0)     
        sb.append(′ ′);     
        }     
        //now set the end chars to be pad character if there      
        //was less than integral input (ie: less than 24 bits)     
        if(end)     
        {     
        if(j==1)     
        sb.append("==");     
        if(j==2)     
        sb.append(′=′);     
        }     
        enc[0]=0; enc[1]=0; enc[2]=0;     
        j=0;     
        }     
        }     
        return sb.toString();     
        }     
        }     
  • 相关阅读:
    字符串 CSV解析 表格 逗号分隔值 通讯录 电话簿 MD
    Context Application 使用总结 MD
    RxJava RxPermissions 动态权限 简介 原理 案例 MD
    Luban 鲁班 图片压缩 MD
    FileProvider N 7.0 升级 安装APK 选择文件 拍照 临时权限 MD
    组件化 得到 DDComponent JIMU 模块 插件 MD
    gradlew 命令行 build 调试 构建错误 Manifest merger failed MD
    protobuf Protocol Buffers 简介 案例 MD
    ORM数据库框架 SQLite 常用数据库框架比较 MD
    [工具配置]requirejs 多页面,多入口js文件打包总结
  • 原文地址:https://www.cnblogs.com/zhao1949/p/7154002.html
Copyright © 2011-2022 走看看