HttpsURLConnection 安全传输(HTTPS--Secure Hypertext Transfer Protocol-安全超文本传输协议)
HttpsURLConnection 扩展 HttpURLConnection,支持各种特定于 https 功能。此类使用 HostnameVerifier 和 SSLSocketFactory。为这两个类都定义了默认实现。但是,可以根据每个类(静态的)或每个实例来替换该实现。所有新 HttpsURLConnection 实例在创建时将被分配“默认的”静态值,通过在连接前调用每个实例适当的 set 方法可以重写这些值
在URL前加https://前缀表明是用SSL加密的。 你的电脑与服务器之间收发的信息传输将更加安全。
Web服务器启用SSL需要获得一个服务器证书并将该证书与要使用SSL的服务器绑定。
http和https使用的是完全不同的连接方式,用的端口也不一样,前者是80,后者是443。http的连接很简单,是无状态的,...
HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议
要比http协议安全
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.cert.*;
import javax.net.ssl.*; public class HttpsURLConnectionTest { private String url = "https://esales.the9.com/esa/DealerLogin.php?txt_sLogin=andysmile234&pas_sPwd=343211&userstatus=1"; private myX509TrustManager xtm = new myX509TrustManager(); private myHostnameVerifier hnv = new myHostnameVerifier(); public HttpsURLConnectionTest() {
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS"); //或SSL
X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
sslContext.init(null, xtmArray, new java.security.SecureRandom());
} catch (GeneralSecurityException e) {
e.printStackTrace();
}
if (sslContext != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
}
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
} public void run() {
HttpsURLConnection urlCon = null;
try {
urlCon = (HttpsURLConnection)(new URL(url)).openConnection();
urlCon.setDoOutput(true);
urlCon.setRequestMethod("POST");
urlCon.setRequestProperty("Content-Length", "1024");
urlCon.setUseCaches(false);
urlCon.setDoInput(true);
urlCon.getOutputStream().write("request content".getBytes("gbk"));
urlCon.getOutputStream().flush();
urlCon.getOutputStream().close();
BufferedReader in = new BufferedReader(new InputStreamReader(urlCon.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
// 增加自己的代码
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
} public static void main(String[] args) {
HttpsURLConnectionTest httpsTest = new HttpsURLConnectionTest();
httpsTest.run();
}
} /**
* 重写三个方法
* @author Administrator
*
*/
class myX509TrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) {
} public void checkServerTrusted(X509Certificate[] chain, String authType) {
System.out.println("cert: " + chain[0].toString() + ", authType: " + authType);
} public X509Certificate[] getAcceptedIssuers() {
return null;
}
} /**
* 重写一个方法
* @author Administrator
*
*/
class myHostnameVerifier implements HostnameVerifier { public boolean verify(String hostname, SSLSession session) {
System.out.println("Warning: URL Host: " + hostname + " vs. " + session.getPeerHost());
return true;
}
}
以下摘自:http://www.zimbio.com/member/kinggod03/articles/HImNQwJm-Lp/
终于完成了博客备份的程序,自己一直想做的事情算是完成了。发扬怀疑一切的精神,真不放心把自己的帐号告诉其他的公司,让他们来备份。闲来无事,也为了让我玩实况累的发软的手体验一下敲代码的感觉,专心的做完了这个备份博客的程序。总共有300多行,功能其实也很简单,就是把每篇文章的网页保存起来 ,但第一次做这种网络程序,很多都要学习。下面列出几点收获:
1,登陆需要使用SSL协议,似乎封装的太好了——只是把代码烤过来,很简单,现在也没懂是啥意思
2,使用Cookie。登录之后究竟用什么保存SessionID,头疼了很长时间。用IE进行登陆,把Cookie设成“提示”,于是所有的暗箱操作都见了阳光。这时才知道,几乎每个网页都会用Cookie存些东西,哪还有隐私。百度是必须用Cookie的,否则就无法登陆。这样有些过分了,应该提供一个选择。得到Cookie值后需要把“PASSPORTRETRYSTRING=deleted;”去掉,这个字段应该是用于防止重复提交的。如果不去掉,相当于没有登陆。去掉之后的Cookie值(主要是BDUUSS和BDUID)可以发送到服务器,这样就以登陆用户的身份查看博客了。
3,对于HTML代码应该可以用XML的方式来处理,不过我没有那个耐心,就用字符串的替代查找来实现了,效率不好,可以改进。
4,连接那部分代码借鉴了Google提供的博客访问的源代码,受益匪浅。百度没有相应的API,要不然我也不用这么麻烦。
5,还有许多细节的东西,比如文件读写啦。
6,看HTML代码真是头大!!!
为了取得信任我就把源代码贴出来,这也是我不愿意用那些商业软件的原因。商业软件,赚钱是最主要的,他不信任我,我也不信任他。而我,只不过图个安心和方便。
/**
* 本程序可用于备份百度空间的文章。
* 18 hours costed.
* niuys.
* 2007.7.11
*/
import java.io.*;
import java.net.*;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.*; import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager; public class OpticalBackup {
// 把博客信息应编码
private String urlString = "https://passport.baidu.com/?login"; // 保存的目录
private String saveDir = "L:\\blogBackup"; // 博客的根路径
private String spaceRoot = "http://hi.baidu.com/niuys/blog/index/"; private String articleURLHead = "/niuys/blog/item/"; // parameters needed to log in.
Map parameters = new HashMap(); // 建立连接需要使用cookie提供的sessionID.
String cookieVal = null; // Create an anonymous class to trust all certificates.
// This is bad style, you should create a separate class.
private X509TrustManager xtm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) {
} public void checkServerTrusted(X509Certificate[] chain, String authType) {
// System.out.println("cert: " + chain[0].toString() + ", authType:
// "
// + authType);
} public X509Certificate[] getAcceptedIssuers() {
return null;
}
}; // Create an class to trust all hosts
private HostnameVerifier hnv = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
// System.out.println("hostname: " + hostname);
return true;
}
}; // In this function we configure our system with a less stringent
// hostname verifier and X509 trust manager. This code is
// executed once, and calls the static methods of HttpsURLConnection
public OpticalBackup() {
// The parameters needed to log on.
parameters.put("username", "保密");
parameters.put("password", "保密");
parameters.put("Submit", " 登录 ");
parameters.put("tpl", "sp");
parameters.put("tpl_reg", "sp");
parameters.put("u", "http://www.baidu.com/"); // check the saveDir
File dir = new File(saveDir);
if (!dir.exists()) {
dir.mkdir();
} // Initialize the TLS SSLContext with
// our TrustManager
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS");
X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
sslContext.init(null, xtmArray, new java.security.SecureRandom());
} catch (GeneralSecurityException e) {
// Print out some error message and deal with this exception
e.printStackTrace();
} // Set the default SocketFactory and HostnameVerifier
// for javax.net.ssl.HttpsURLConnection
if (sslContext != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
}
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
} // the whole process
public void run() {
try {
URL url = new URL(urlString);
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); // Set properties of the connection
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setUseCaches(false);
urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); // Form the POST parameters
StringBuilder content = new StringBuilder();
boolean first = true;
Set set = parameters.entrySet();
Iterator iterator = set.iterator();
Map.Entry parameter = (Map.Entry) iterator.next();
try {
while (parameter != null) {
if (!first) {
content.append("&");
}
content.append(URLEncoder.encode((String) parameter.getKey(), "UTF-8")).append("=");
content.append(URLEncoder.encode((String) parameter.getValue(), "UTF-8"));
first = false;
parameter = (Map.Entry) iterator.next();
}
} catch (NoSuchElementException e) {
e.printStackTrace();
} // send the POST request to server
OutputStream outputStream = null;
try {
outputStream = urlConnection.getOutputStream();
outputStream.write(content.toString().getBytes("utf-8"));
outputStream.flush();
} finally {
if (outputStream != null) {
outputStream.close();
}
} // Retrieve the output
InputStream inputStream = null;
StringBuilder outputBuilder = new StringBuilder();
try {
int responseCode = urlConnection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK) {
inputStream = urlConnection.getInputStream();
} else {
inputStream = urlConnection.getErrorStream();
} String string;
if (inputStream != null) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
while (null != (string = reader.readLine())) {
outputBuilder.append(string).append('\n');
}
} // get the cookie value in the header filelds
Map map = urlConnection.getHeaderFields();
Collection collection = map.values();
Object[] values = collection.toArray();
// values[4].toString() is nedded .Otherwise,an exception
// throws. Direct class cast is forbidded.
cookieVal = (String) values[4].toString(); // "replaceAll()" requests that if "[" exits, "]" is nedded
// too.This is the diffrence from "replace()".
cookieVal = cookieVal.replace(']', ' ').replace("[PASSPORTRETRYSTRING=deleted; expires=Mon, 01 Jan 1970 00:00:00 GMT; path=/;", "");// remedy the first key from cookie
} finally {
if (inputStream != null) {
inputStream.close();
}
} // find all the URLs of the articles you write.
ArrayList pageURLs = findLinkers(); // save all the articles
for (int i = 0; i < pageURLs.size(); i++) {
savePage((String) pageURLs.get(i));
}
} catch (Exception e) {
e.printStackTrace();
}
} // save the article with the URL
private void savePage(String pageURL) {
try {
// create the file to accept the output.The file's name is a part of
// the URL
File pageFile = new File(saveDir + "\\" + pageURL.substring(36)); // 增量备份
if (pageFile.exists())
return;
FileWriter fw = new FileWriter(pageFile); // create the connection to the server,and get the results.
URL url = new URL(pageURL);
String content = getContentFromURL(url); // write the contents to the file.
fw.write(content);
// flush the contents in the buffer.Without
// it,the file's content may be not completed.
fw.flush();
fw.close();
} catch (Exception e) {
e.printStackTrace();
}
} // find all the articles' URL from the html code accepted from the server
private ArrayList findLinkers() {
// the index of the articles
int i = 0;
ArrayList linkers = new ArrayList();
URL url = null; try {
while (true) {
url = new URL(spaceRoot + i);
System.out.println("url==" + url);
i++;// next index
// get the content from server
String content = getContentFromURL(url);
// Analyze the content.
ArrayList temp = getLinkerFromContent(content);
if (temp.isEmpty())// no article url exists
return linkers; linkers.addAll(temp);// combine the URLs
}
} catch (Exception e) {
e.printStackTrace();
} return linkers;
} private ArrayList getLinkerFromContent(String content) {
ArrayList linkerArray = new ArrayList();
String linker = null;
// The article's URL begins with "/niuys/blog/item/"
int index = content.indexOf(articleURLHead);
if (content.indexOf("暂无文章") > 0) {// 超过页数时会返回包含“暂无文章”的页,end
return linkerArray;
} // deal with the content
while (index > 0) {
// get the whole URL
linker = content.substring(index, index + 46);
content = content.replace(linker, "");
index = content.indexOf(articleURLHead);
linker = "http://hi.baidu.com" + linker;
linkerArray.add(linker); System.out.println("linker==" + linker);
} return linkerArray;
} private String getContentFromURL(URL url) throws Exception {
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); // Set properties of the connection
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setUseCaches(false);
urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
urlConnection.addRequestProperty("Cookie", cookieVal); // Retrieve the output
InputStream inputStream = null;
StringBuilder outputBuilder = new StringBuilder(); int responseCode = urlConnection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK) {
inputStream = urlConnection.getInputStream();
} else {
inputStream = urlConnection.getErrorStream();
} String string;
if (inputStream != null) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
while (null != (string = reader.readLine())) {
outputBuilder.append(string).append('\n');
}
inputStream.close();
return outputBuilder.toString();
}
return "";
} public static void main(String[] args) {
OpticalBackup backup = new OpticalBackup();
backup.run();
} }
HttpsURLConnection 安全传输(HTTPS--Secure Hypertext Transfer Protocol-安全超文本传输协议)的更多相关文章
- Hyper Text Transfer Protocol(超文本传输协议)
HTTP简介 HTTP协议是Hyper Text Transfer Protocol(超文本传输协议)的缩写,是用于从万维网(WWW:World Wide Web )服务器传输超文本到本地浏览器的传送 ...
- HTTP(HyperText Transport Protocol)超文本传输协议的状态码
关于HTTP状态码:是用于表示网页服务器HTTP响应状态的3位数字代码. 所有状态码的第一个数字代表了响应的五种状态之一. 1xx:消息:这一类型的状态码代表请求已被接受,需要继续处理 2xx:成功: ...
- Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
Content-Type https://tools.ietf.org/html/rfc7231#section-3.1.1.5 https://tools.ietf.org/html/rfc7231 ...
- 超文本传输协议 - HTTP / 1.1(Hypertext Transfer Protocol -- HTTP/1.1)之方法定义(Method Definitions)
9方法定义 下面定义了HTTP / 1.1的一组常用方法.尽管可以扩展这个集合,但是另外的方法不能假定为单独扩展的客户端和服务器共享相同的语义. 主机请求头域(14.23节)必须伴随所有的HTTP / ...
- TFTP(Trivial File Transfer Protocol,简单文件传输协议)
网络特性 通常使用UDP 69端口(据说可改成TCP) 与FTP区别 轻量级,适用于传输小文件,当然功能也少些,比如没有列出目录功能,不进行认证
- MTP(Media Transfer Protocol(媒体传输协议))简介
---恢复内容开始--- 1,简单说明 MTP,微软公司规定的新的传输规则(字面本来应该是协议的,但是自己感觉更像是规则,制定了基本上的所有路线,剩下的是你想怎么选择罢了,使用者完全没有可能在它的框架 ...
- 安全超文本传输协议(HTTPS)详解
一.概念与摘要 HTTPS (Secure Hypertext Transfer Protocol)安全超文本传输协议,是一个安全通信通道,它基于HTTP开发用于在客户计算机和服务器之间交换信息.它使 ...
- 【RL-TCPnet网络教程】第41章 HTTP超文本传输协议基础知识
第41章 HTTP超文本传输协议基础知识 本章节为大家讲解HTTP(HyperText Transfer Protocol,超文本传输协议),从本章节开始,正式进入嵌入式Web的设计和学习. ...
- http 超文本传输协议
超文本传输协议(HTTP,HyperText Transfer Protocol)是互联网上应用最为广泛的一种网络协议.所有的WWW文件都必须遵守这个标准.设计HTTP最初的目的是为了提供一种发布和接 ...
随机推荐
- 【07】QQ群管理公告小结:
[07]QQ群管理公告小结: 01,请看公告遵守相关规定. 02,群内除QQ自带的缺省表情外(不是QQ的VIP或大图表情),禁止发送大表情,大图片(展示问题的屏幕截图除外), 03,修改群名片 ...
- dataTables中固定表头
dataTables中固定表头 加入 bAutowidth:false, <style> #dayReveiveMoney_payment_list_table_wrapper .dat ...
- PTA 03-树1 树的同构 (25分)
题目地址 https://pta.patest.cn/pta/test/15/exam/4/question/711 5-3 树的同构 (25分) 给定两棵树T1和T2.如果T1可以通过若干次左右 ...
- 洛谷P2527 [SHOI2001]Panda的烦恼
题目描述 panda是个数学怪人,他非常喜欢研究跟别人相反的事情.最近他正在研究筛法,众所周知,对一个范围内的整数,经过筛法处理以后,剩下的全部都是质数,不过panda对这些不感兴趣,他只对被筛掉 ...
- spoj 839 最小割+二进制
#include<stdio.h> #include<string.h> #include<queue> using namespace std; #define ...
- 子串(codevs 4560)
题目描述 Description 有两个仅包含小写英文字母的字符串A和B.现在要从字符串A中取出k个互不重叠的非空子串,然后把这k个子串按照其在字符串A中出现的顺序依次连接起来得到一个新的字符串,请问 ...
- POJ2014 Flow Layout
Time Limit: 1000MS Memory Limit: 30000K Total Submissions: 3161 Accepted: 2199 Description A f ...
- hdu4115:Eliminate the Conflict
n<=10000局剪刀石头布,对面第i局出Ai,m<=10000种对你出什么提出的要求:Xi Yi Wi 表示第Xi局和第Yi局,Wi=1:必须不同:Wi=0:必须相同,问是否存在你一局都 ...
- Python()-类命名空间和对象/实例命名空间
类命名空间和对象/实例命名空间: 创建类, 就会创建一个类的名称空间, 空间:存储类的属性 属性: 静态属性:直接定义在类下面 & 和类名关联 的变量 对象属性:在类内和self关联 & ...
- ubuntu 14.04 安装docker,docker-compose
通过阿里的镜像安装 curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | s ...