2015年11月10日 Java Experience 浏览(1426) 收藏

Http之通过Java模拟带用户登录信息的Url请求

Java模拟的Http请求如何带上登录的信息访问需要用户登录的URL? 例如:下单购买商品需要登录后才能操作,如何通过Java写一个算法快速登录并直接下单达到抢购商品的目的?本文将给编程爱好者提供若干思路。


一、Java httpclient模拟url请求时带上登录Cookie信息


这里,需要准备两个Jar包:httpclient-4.1.1.jar、commons-httpclient-3.1.jar

import java.net.URI;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.cookie.BasicClientCookie;
import org.apache.http.impl.cookie.BasicClientCookie2;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;

public class CookiesForgeTester {

    public static void main(String[] args) {
        doHttpRequest();
    }
    
    @SuppressWarnings("deprecation")
    private static BasicClientCookie setWeiSiteCookies(String name,String value,String date){  
        BasicClientCookie2 cookie = new BasicClientCookie2(name,value);  
        cookie.setDomain(".everycoding.com");  
        cookie.setPath("/");  
        if (StringUtils.isNotBlank(date)) {  
            cookie.setExpiryDate(new Date(date));  
        }else{  
            cookie.setExpiryDate(null);  
        }  
        return cookie;  
    }  
  
    public static void doHttpRequest(){  
        DefaultHttpClient httpclient = new DefaultHttpClient();  
        httpclient.getParams().setParameter("http.protocol.cookie-policy",  
                CookiePolicy.BROWSER_COMPATIBILITY);  
        org.apache.http.params.HttpParams params = httpclient.getParams();  
        org.apache.http.params.HttpConnectionParams.setConnectionTimeout(params, 5000);  
        org.apache.http.params.HttpConnectionParams.setSoTimeout(params, 1000*60*10);  
        DefaultHttpRequestRetryHandler dhr = new DefaultHttpRequestRetryHandler(3,true);  
        HttpContext localContext = new BasicHttpContext();  
        //HttpRequest request2 = (HttpRequest) localContext.getAttribute(ExecutionContext.HTTP_REQUEST);  
        httpclient.setHttpRequestRetryHandler(dhr);  
        BasicCookieStore cookieStore = new BasicCookieStore();
        /**
         * 如果此处cookies的key和value是用户正在登陆认证cookies,则请求url时addCookie带上
         * 此cookies,则相当于带上了登陆的密钥,请求url可以不受登陆权限的限制,进行敏感的信息的操作。
         * 例如:
         * 对于简单的电子商务网站,我们可以根据这个思路写一个抢购的逻辑,通过机器快速下单,
         * 而无需在网页上手工点击。
         */
        cookieStore.addCookie(setWeiSiteCookies("loginUser", "a8d15e8f143293f9dxxxx6c2fe23xxx971851fb910c6bbbd2c327527d86c8a16a725791c317bad88", null)); //ok  
        localContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);  
        HttpGet request = new HttpGet();  
        List urlList = urlList();
        try {
            for (String url : urlList) {
                request.setURI(URI.create(url));
                HttpResponse response = null;
                response = httpclient.execute(request, localContext);
                System.out.println("执行结果返回值:"+EntityUtils.toString(response.getEntity(), "utf-8"));
                Thread.sleep(10l);
            }
        } catch (Exception e) {
            System.out.println("发生异常:"+e);
        }
    }
    
    public static List urlList() {
        List urlList = new ArrayList();
        List list = new ArrayList();
        list.add(1L);
        list.add(2L);
        for (Long codingId : list) {
            String url = "http://www.everycoding.com/coding/"+codingId+".html";
            urlList.add(url);
        }
        return urlList;
    }
}


二、使用host绑定对方域名,获得访问对方系统必要的cookies


这里可使用hosts绑定软件:mcHostEditor 进行host绑定。

例如 绑定everycoding.com 到本地IP,则:

127.0.0.1 xx.everycoding.com

由于xx.everycoding.com绑定的是本机tomcat程序,域名却带.everycoding.com 。那么访问本机web项目时,系统

可读取.everycoding.com这个域下面所有的cookies信息。获得这些cookies信息后可以在访问对方系统时,使用

addCookie带上这些cookies信息,成功实现模拟类似浏览器访问的url请求信息。

来源:http://www.everycoding.com
赞一下 4 人赞了本文