我們嘗試在一個HttpClient(一個會話)中向目標服務器發送多個請求。目標服務器將首先使用摘要式身份驗證(基於MD5-sess)對所有請求進行身份驗證。結果表明只有首次訪問成功。以下訪問被服務器拒絕,因爲服務器將稍後訪問視爲重播攻擊,因爲「nc」值始終爲「00000001」。Android HttpClient摘要身份驗證授權標頭「nc」硬編碼
看來Android的HttpClient的硬編碼的消化授權頭attirbute 「NC」 到 「00000001」?
當新的請求被髮送時,客戶端有什麼辦法增加這個值?謝謝。
公共類HttpService的{
private static final HttpService instance = new HttpService();
private HttpService() {
client = getHttpClient();
}
public static HttpService getInstance() {
return instance;
}
private DefaultHttpClient getHttpClient() {
HttpParams params = new BasicHttpParams();
HttpConnectionParams.setStaleCheckingEnabled(params, false);
HttpConnectionParams.setConnectionTimeout(params, 15 * 1000);
HttpConnectionParams.setSoTimeout(params, 15 * 1000);
HttpConnectionParams.setSocketBufferSize(params, 8192);
HttpProtocolParams.setUserAgent(params, USER_AGENT);
SchemeRegistry schemeRegistry = new SchemeRegistry();
Scheme httpScheme = new Scheme("http", PlainSocketFactory.getSocketFactory(), 80);
Scheme httpsScheme = new Scheme("https", SSLCertificateSocketFactory.getHttpSocketFactory(30 * 1000, null), 443);
schemeRegistry.register(httpScheme);
schemeRegistry.register(httpsScheme);
ClientConnectionManager manager = new ThreadSafeClientConnManager(params, schemeRegistry);
//create client
DefaultHttpClient httpClient = new DefaultHttpClient(manager, params);
httpClient.getCredentialsProvider().setCredentials(new AuthScope(address, port),
new UsernamePasswordCredentials(username, password));
}
}
你是如何初始化你的HttpClient的?發佈一些代碼。 – 2012-03-23 08:02:54
初始化非常普遍。我在原始文章中添加示例代碼。謝謝 – lyobwon 2012-03-23 08:31:26