我做一些简单的HTTP认证时,出现了的Java:与HTTPBasic抓取网址验证
java.lang.IllegalArgumentException: Illegal character(s) in message header value: Basic OGU0ZTc5ODBk(...trimmed from 76 chars...)
(...more password data...)
我想这是因为我有一个很长的用户名和密码和编码器与包装它\n
在76个字符。有什么方法可以解决这个问题吗?该URL仅支持HTTP基本身份验证。
这里是我的代码:
private class UserPassAuthenticator extends Authenticator {
String user;
String pass;
public UserPassAuthenticator(String user, String pass) {
this.user = user;
this.pass = pass;
}
// This method is called when a password-protected URL is accessed
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(user, pass.toCharArray());
}
}
private String fetch(StoreAccount account, String path) throws IOException {
Authenticator.setDefault(new UserPassAuthenticator(account.getCredentials().getLogin(), account.getCredentials().getPassword()));
URL url = new URL("https", account.getStoreUrl().replace("http://", ""), path);
System.out.println(url);
URLConnection urlConn = url.openConnection();
Object o = urlConn.getContent();
if (!(o instanceof String))
throw new IOException("Wrong Content-Type on " + url.toString());
// Remove the authenticator back to the default
Authenticator.setDefault(null);
return (String) o;
}
的安全通知:如果通过HTTP使用的用户名和密码,这两个事情发送清晰的字符串。最好使用不同的身份验证(表单,POST)和传输协议(HTTPS,H2)。 – tfb785 2017-06-01 12:50:11