HttpsURLConnection 安全传输(HTTPS--Secure Hypertext Transfer Protocol-安全超文本传输协议)
HttpsURLConnection 扩展 HttpURLConnection,支持各种特定于 https 功能。此类使用 HostnameVerifier 和 SSLSocketFactory。为这两个类都定义了默认实现。但是,可以根据每个类(静态的)或每个实例来替换该实现。所有新 HttpsURLConnection 实例在创建时将被分配“默认的”静态值,通过在连接前调用每个实例适当的 set 方法可以重写这些值
在URL前加https://前缀表明是用SSL加密的。 你的电脑与服务器之间收发的信息传输将更加安全。
Web服务器启用SSL需要获得一个服务器证书并将该证书与要使用SSL的服务器绑定。
http和https使用的是完全不同的连接方式,用的端口也不一样,前者是80,后者是443。http的连接很简单,是无状态的,...
HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议
要比http协议安全
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.cert.*;
import javax.net.ssl.*; public class HttpsURLConnectionTest { private String url = "https://esales.the9.com/esa/DealerLogin.php?txt_sLogin=andysmile234&pas_sPwd=343211&userstatus=1"; private myX509TrustManager xtm = new myX509TrustManager(); private myHostnameVerifier hnv = new myHostnameVerifier(); public HttpsURLConnectionTest() {
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS"); //或SSL
X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
sslContext.init(null, xtmArray, new java.security.SecureRandom());
} catch (GeneralSecurityException e) {
e.printStackTrace();
}
if (sslContext != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
}
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
} public void run() {
HttpsURLConnection urlCon = null;
try {
urlCon = (HttpsURLConnection)(new URL(url)).openConnection();
urlCon.setDoOutput(true);
urlCon.setRequestMethod("POST");
urlCon.setRequestProperty("Content-Length", "1024");
urlCon.setUseCaches(false);
urlCon.setDoInput(true);
urlCon.getOutputStream().write("request content".getBytes("gbk"));
urlCon.getOutputStream().flush();
urlCon.getOutputStream().close();
BufferedReader in = new BufferedReader(new InputStreamReader(urlCon.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
// 增加自己的代码
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
} public static void main(String[] args) {
HttpsURLConnectionTest httpsTest = new HttpsURLConnectionTest();
httpsTest.run();
}
} /**
* 重写三个方法
* @author Administrator
*
*/
class myX509TrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) {
} public void checkServerTrusted(X509Certificate[] chain, String authType) {
System.out.println("cert: " + chain[0].toString() + ", authType: " + authType);
} public X509Certificate[] getAcceptedIssuers() {
return null;
}
} /**
* 重写一个方法
* @author Administrator
*
*/
class myHostnameVerifier implements HostnameVerifier { public boolean verify(String hostname, SSLSession session) {
System.out.println("Warning: URL Host: " + hostname + " vs. " + session.getPeerHost());
return true;
}
}
以下摘自:http://www.zimbio.com/member/kinggod03/articles/HImNQwJm-Lp/
终于完成了博客备份的程序,自己一直想做的事情算是完成了。发扬怀疑一切的精神,真不放心把自己的帐号告诉其他的公司,让他们来备份。闲来无事,也为了让我玩实况累的发软的手体验一下敲代码的感觉,专心的做完了这个备份博客的程序。总共有300多行,功能其实也很简单,就是把每篇文章的网页保存起来 ,但第一次做这种网络程序,很多都要学习。下面列出几点收获:
1,登陆需要使用SSL协议,似乎封装的太好了——只是把代码烤过来,很简单,现在也没懂是啥意思
2,使用Cookie。登录之后究竟用什么保存SessionID,头疼了很长时间。用IE进行登陆,把Cookie设成“提示”,于是所有的暗箱操作都见了阳光。这时才知道,几乎每个网页都会用Cookie存些东西,哪还有隐私。百度是必须用Cookie的,否则就无法登陆。这样有些过分了,应该提供一个选择。得到Cookie值后需要把“PASSPORTRETRYSTRING=deleted;”去掉,这个字段应该是用于防止重复提交的。如果不去掉,相当于没有登陆。去掉之后的Cookie值(主要是BDUUSS和BDUID)可以发送到服务器,这样就以登陆用户的身份查看博客了。
3,对于HTML代码应该可以用XML的方式来处理,不过我没有那个耐心,就用字符串的替代查找来实现了,效率不好,可以改进。
4,连接那部分代码借鉴了Google提供的博客访问的源代码,受益匪浅。百度没有相应的API,要不然我也不用这么麻烦。
5,还有许多细节的东西,比如文件读写啦。
6,看HTML代码真是头大!!!
为了取得信任我就把源代码贴出来,这也是我不愿意用那些商业软件的原因。商业软件,赚钱是最主要的,他不信任我,我也不信任他。而我,只不过图个安心和方便。
/**
* 本程序可用于备份百度空间的文章。
* 18 hours costed.
* niuys.
* 2007.7.11
*/
import java.io.*;
import java.net.*;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.*; import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager; public class OpticalBackup {
// 把博客信息应编码
private String urlString = "https://passport.baidu.com/?login"; // 保存的目录
private String saveDir = "L:\\blogBackup"; // 博客的根路径
private String spaceRoot = "http://hi.baidu.com/niuys/blog/index/"; private String articleURLHead = "/niuys/blog/item/"; // parameters needed to log in.
Map parameters = new HashMap(); // 建立连接需要使用cookie提供的sessionID.
String cookieVal = null; // Create an anonymous class to trust all certificates.
// This is bad style, you should create a separate class.
private X509TrustManager xtm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) {
} public void checkServerTrusted(X509Certificate[] chain, String authType) {
// System.out.println("cert: " + chain[0].toString() + ", authType:
// "
// + authType);
} public X509Certificate[] getAcceptedIssuers() {
return null;
}
}; // Create an class to trust all hosts
private HostnameVerifier hnv = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
// System.out.println("hostname: " + hostname);
return true;
}
}; // In this function we configure our system with a less stringent
// hostname verifier and X509 trust manager. This code is
// executed once, and calls the static methods of HttpsURLConnection
public OpticalBackup() {
// The parameters needed to log on.
parameters.put("username", "保密");
parameters.put("password", "保密");
parameters.put("Submit", " 登录 ");
parameters.put("tpl", "sp");
parameters.put("tpl_reg", "sp");
parameters.put("u", "http://www.baidu.com/"); // check the saveDir
File dir = new File(saveDir);
if (!dir.exists()) {
dir.mkdir();
} // Initialize the TLS SSLContext with
// our TrustManager
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS");
X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
sslContext.init(null, xtmArray, new java.security.SecureRandom());
} catch (GeneralSecurityException e) {
// Print out some error message and deal with this exception
e.printStackTrace();
} // Set the default SocketFactory and HostnameVerifier
// for javax.net.ssl.HttpsURLConnection
if (sslContext != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
}
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
} // the whole process
public void run() {
try {
URL url = new URL(urlString);
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); // Set properties of the connection
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setUseCaches(false);
urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); // Form the POST parameters
StringBuilder content = new StringBuilder();
boolean first = true;
Set set = parameters.entrySet();
Iterator iterator = set.iterator();
Map.Entry parameter = (Map.Entry) iterator.next();
try {
while (parameter != null) {
if (!first) {
content.append("&");
}
content.append(URLEncoder.encode((String) parameter.getKey(), "UTF-8")).append("=");
content.append(URLEncoder.encode((String) parameter.getValue(), "UTF-8"));
first = false;
parameter = (Map.Entry) iterator.next();
}
} catch (NoSuchElementException e) {
e.printStackTrace();
} // send the POST request to server
OutputStream outputStream = null;
try {
outputStream = urlConnection.getOutputStream();
outputStream.write(content.toString().getBytes("utf-8"));
outputStream.flush();
} finally {
if (outputStream != null) {
outputStream.close();
}
} // Retrieve the output
InputStream inputStream = null;
StringBuilder outputBuilder = new StringBuilder();
try {
int responseCode = urlConnection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK) {
inputStream = urlConnection.getInputStream();
} else {
inputStream = urlConnection.getErrorStream();
} String string;
if (inputStream != null) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
while (null != (string = reader.readLine())) {
outputBuilder.append(string).append('\n');
}
} // get the cookie value in the header filelds
Map map = urlConnection.getHeaderFields();
Collection collection = map.values();
Object[] values = collection.toArray();
// values[4].toString() is nedded .Otherwise,an exception
// throws. Direct class cast is forbidded.
cookieVal = (String) values[4].toString(); // "replaceAll()" requests that if "[" exits, "]" is nedded
// too.This is the diffrence from "replace()".
cookieVal = cookieVal.replace(']', ' ').replace("[PASSPORTRETRYSTRING=deleted; expires=Mon, 01 Jan 1970 00:00:00 GMT; path=/;", "");// remedy the first key from cookie
} finally {
if (inputStream != null) {
inputStream.close();
}
} // find all the URLs of the articles you write.
ArrayList pageURLs = findLinkers(); // save all the articles
for (int i = 0; i < pageURLs.size(); i++) {
savePage((String) pageURLs.get(i));
}
} catch (Exception e) {
e.printStackTrace();
}
} // save the article with the URL
private void savePage(String pageURL) {
try {
// create the file to accept the output.The file's name is a part of
// the URL
File pageFile = new File(saveDir + "\\" + pageURL.substring(36)); // 增量备份
if (pageFile.exists())
return;
FileWriter fw = new FileWriter(pageFile); // create the connection to the server,and get the results.
URL url = new URL(pageURL);
String content = getContentFromURL(url); // write the contents to the file.
fw.write(content);
// flush the contents in the buffer.Without
// it,the file's content may be not completed.
fw.flush();
fw.close();
} catch (Exception e) {
e.printStackTrace();
}
} // find all the articles' URL from the html code accepted from the server
private ArrayList findLinkers() {
// the index of the articles
int i = 0;
ArrayList linkers = new ArrayList();
URL url = null; try {
while (true) {
url = new URL(spaceRoot + i);
System.out.println("url==" + url);
i++;// next index
// get the content from server
String content = getContentFromURL(url);
// Analyze the content.
ArrayList temp = getLinkerFromContent(content);
if (temp.isEmpty())// no article url exists
return linkers; linkers.addAll(temp);// combine the URLs
}
} catch (Exception e) {
e.printStackTrace();
} return linkers;
} private ArrayList getLinkerFromContent(String content) {
ArrayList linkerArray = new ArrayList();
String linker = null;
// The article's URL begins with "/niuys/blog/item/"
int index = content.indexOf(articleURLHead);
if (content.indexOf("暂无文章") > 0) {// 超过页数时会返回包含“暂无文章”的页,end
return linkerArray;
} // deal with the content
while (index > 0) {
// get the whole URL
linker = content.substring(index, index + 46);
content = content.replace(linker, "");
index = content.indexOf(articleURLHead);
linker = "http://hi.baidu.com" + linker;
linkerArray.add(linker); System.out.println("linker==" + linker);
} return linkerArray;
} private String getContentFromURL(URL url) throws Exception {
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); // Set properties of the connection
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setUseCaches(false);
urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
urlConnection.addRequestProperty("Cookie", cookieVal); // Retrieve the output
InputStream inputStream = null;
StringBuilder outputBuilder = new StringBuilder(); int responseCode = urlConnection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK) {
inputStream = urlConnection.getInputStream();
} else {
inputStream = urlConnection.getErrorStream();
} String string;
if (inputStream != null) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
while (null != (string = reader.readLine())) {
outputBuilder.append(string).append('\n');
}
inputStream.close();
return outputBuilder.toString();
}
return "";
} public static void main(String[] args) {
OpticalBackup backup = new OpticalBackup();
backup.run();
} }
HttpsURLConnection 安全传输(HTTPS--Secure Hypertext Transfer Protocol-安全超文本传输协议)的更多相关文章
- Hyper Text Transfer Protocol(超文本传输协议)
HTTP简介 HTTP协议是Hyper Text Transfer Protocol(超文本传输协议)的缩写,是用于从万维网(WWW:World Wide Web )服务器传输超文本到本地浏览器的传送 ...
- HTTP(HyperText Transport Protocol)超文本传输协议的状态码
关于HTTP状态码:是用于表示网页服务器HTTP响应状态的3位数字代码. 所有状态码的第一个数字代表了响应的五种状态之一. 1xx:消息:这一类型的状态码代表请求已被接受,需要继续处理 2xx:成功: ...
- Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
Content-Type https://tools.ietf.org/html/rfc7231#section-3.1.1.5 https://tools.ietf.org/html/rfc7231 ...
- 超文本传输协议 - HTTP / 1.1(Hypertext Transfer Protocol -- HTTP/1.1)之方法定义(Method Definitions)
9方法定义 下面定义了HTTP / 1.1的一组常用方法.尽管可以扩展这个集合,但是另外的方法不能假定为单独扩展的客户端和服务器共享相同的语义. 主机请求头域(14.23节)必须伴随所有的HTTP / ...
- TFTP(Trivial File Transfer Protocol,简单文件传输协议)
网络特性 通常使用UDP 69端口(据说可改成TCP) 与FTP区别 轻量级,适用于传输小文件,当然功能也少些,比如没有列出目录功能,不进行认证
- MTP(Media Transfer Protocol(媒体传输协议))简介
---恢复内容开始--- 1,简单说明 MTP,微软公司规定的新的传输规则(字面本来应该是协议的,但是自己感觉更像是规则,制定了基本上的所有路线,剩下的是你想怎么选择罢了,使用者完全没有可能在它的框架 ...
- 安全超文本传输协议(HTTPS)详解
一.概念与摘要 HTTPS (Secure Hypertext Transfer Protocol)安全超文本传输协议,是一个安全通信通道,它基于HTTP开发用于在客户计算机和服务器之间交换信息.它使 ...
- 【RL-TCPnet网络教程】第41章 HTTP超文本传输协议基础知识
第41章 HTTP超文本传输协议基础知识 本章节为大家讲解HTTP(HyperText Transfer Protocol,超文本传输协议),从本章节开始,正式进入嵌入式Web的设计和学习. ...
- http 超文本传输协议
超文本传输协议(HTTP,HyperText Transfer Protocol)是互联网上应用最为广泛的一种网络协议.所有的WWW文件都必须遵守这个标准.设计HTTP最初的目的是为了提供一种发布和接 ...
随机推荐
- 【HIHOCODER 1601】 最大得分(01背包)
描述 小Hi和小Ho在玩一个游戏.给定一个数组A=[A1, A2, ... AN],小Hi可以指定M个不同的值S1,S2, S3 ... SM,这样他的总得分是 ΣSi × count(Si).(co ...
- DEVExpress中BarItem的使用2
没有验证LookUpEdit与ComBox的区别. 没有验证ZoomTrackBarControl的使用方法. SparkLine看着也蛮有趣,需要绑定数据源控件的均没有验证. 前一节介绍的BarIt ...
- 大数据学习——采集目录到HDFS
采集需求:某服务器的某特定目录下,会不断产生新的文件,每当有新文件出现,就需要把文件采集到HDFS中去 根据需求,首先定义以下3大要素 l 采集源,即source——监控文件目录 : spoold ...
- maven+struts2环境搭建
首先在struts2.xml文件配置一个包,在包中配置一个action,新建action,新建视图,在action中定义由method定义的方法,这个方法一定要返回String类型,返回的是视图的名称 ...
- POJ-3468A Simple Problem with Integers,线段数区间更新查询,代码打了无数次还是会出错~~
A Simple Problem with Integers Time Limit: 5000MS Memory Limit: 131072K Case Time L ...
- 校第十六届大学生程序设计竞赛暨2016省赛集训队选拔赛(Problem E)
Problem E Time Limit: 2000/1000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others) Total ...
- 1010. Radix (25)(出错较多待改进)
Given a pair of positive integers, for example, 6 and 110, can this equation 6 = 110 be true? The an ...
- [USACO10FEB]慢下来Slowing down
线段树 树的dfs序 来自 洛谷 P1982 的翻译 by GeneralLiu 来自 jzyz 的翻译 %mzx 线段树 dfs序 数据结构的应用 “数据结构 是先有需求 再有应用” ...
- [BZOJ4207]Can
[BZOJ4207]Can 试题描述 这个问题是源于一个在棋盘上玩的,由Sid Sackson设计的名叫Can't stop的游戏的.这个问题与Can't stop有一定的相似之处,但是不需要玩过Ca ...
- [POJ2594] Treasure Exploration(最小路径覆盖-传递闭包 + 匈牙利算法)
传送门 引子: 有一个问题,是对于一个图上的所有点,用不相交的路径把他们覆盖,使得每个点有且仅属于一条路径,且这个路径数量尽量小. 对于这个问题可以把直接有边相连的两点 x —> y,建一个二分 ...