Android中的Https网络请求get和post 不进行认证
来源:互联网 发布:关闭mac的开机声音 编辑:程序博客网 时间:2024/05/06 10:06
HTTPS(全称:Hyper Text Transfer Protocol over Secure Socket Layer)是通过证书认证、数据加密打造的一条安全的HTTP通道,也就是安全版HTTP,一般在金融行业用到的比较多。使用Https加密需要第三方机构进行认证,不然浏览器会提示证书不安全。当然也可以自制证书,像12306网站就是采用自制证书;
Https的工作原理;
1、客户端向服务器发起Https请求;
2、服务器响应并下发证书,证书包含有公钥、证书颁发机构、过期时间、对称加密算法种类等信息;
3、客户端接收到证书后,解析证书信息验证是否合法;
4、证书合法客户端解析对称加密算法种类,并生成对应的密钥(对称加密)通过公钥加密给服务器;
5、后面服务器与客户端通讯就采用对称加密进行加解密,密钥只有客户端与服务器知道,只要加密算法够安全,数据就足够安全;
Https和Http的区别:
1、HTTP 的URL 以http:// 开头,而HTTPS 的URL 以https:// 开头
2、HTTP 是不安全的,而 HTTPS 是安全的
3、HTTP 无法加密,而HTTPS 对传输的数据进行加密
4、 HTTP无需证书,而HTTPS 需要CA机构wosign的颁发的SSL证书
Android中代码
Https Get请求
package com.test;import android.os.Handler;import android.os.Message;import android.util.Log;import org.apache.http.HttpResponse;import org.apache.http.HttpStatus;import org.apache.http.HttpVersion;import org.apache.http.client.HttpClient;import org.apache.http.client.methods.HttpGet;import org.apache.http.conn.ClientConnectionManager;import org.apache.http.conn.scheme.PlainSocketFactory;import org.apache.http.conn.scheme.Scheme;import org.apache.http.conn.scheme.SchemeRegistry;import org.apache.http.conn.ssl.SSLSocketFactory;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;import org.apache.http.params.BasicHttpParams;import org.apache.http.params.HttpConnectionParams;import org.apache.http.params.HttpParams;import org.apache.http.params.HttpProtocolParams;import org.apache.http.protocol.HTTP;import org.apache.http.util.EntityUtils;import java.net.SocketException;import java.net.UnknownHostException;import java.security.KeyStore;/** * Https get请求 */public class HttpsGetThread extends Thread {private Handler handler;private String httpUrl;private int mWhat;// public static final int ERROR = 404;// public static final int SUCCESS = 200;public HttpsGetThread(Handler handler, String httpUrl) {super();this.handler = handler;this.httpUrl = httpUrl;mWhat = 200;}public HttpsGetThread(Handler handler, String httpUrl, int what) {super();this.handler = handler;this.httpUrl = httpUrl;mWhat = what;}@Overridepublic void run() {// TODO Auto-generated method stubtry {HttpParams httpParameters = new BasicHttpParams();HttpConnectionParams.setConnectionTimeout(httpParameters, 10000);HttpConnectionParams.setSoTimeout(httpParameters, 10000);HttpClient hc = getHttpClient(httpParameters);HttpGet get = new HttpGet(httpUrl);get.setParams(httpParameters);HttpResponse response = null;try {response = hc.execute(get);} catch (UnknownHostException e) {throw new Exception("Unable to access "+ e.getLocalizedMessage());} catch (SocketException e) {throw new Exception(e.getLocalizedMessage());}int sCode = response.getStatusLine().getStatusCode();if (sCode == HttpStatus.SC_OK) {String result = EntityUtils.toString(response.getEntity(),HTTP.UTF_8);handler.sendMessage(Message.obtain(handler, mWhat, result)); // 请求成功Log.i("info", "result = " + result);} else {String result = EntityUtils.toString(response.getEntity(),HTTP.UTF_8);Log.i("info", "result = " + result);}} catch (Exception e) {e.printStackTrace();Log.i("info", "=============异常退出==============");handler.sendMessage(Message.obtain(handler, 404, "异常退出"));}super.run();}/** * 获取HttpClient * * @param params * @return */public static HttpClient getHttpClient(HttpParams params) {try {KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());trustStore.load(null, null);SSLSocketFactory sf = new SSLSocketFactoryImp(trustStore);sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);HttpProtocolParams.setUseExpectContinue(params, true);// 设置http https支持SchemeRegistry registry = new SchemeRegistry();registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));registry.register(new Scheme("https", sf, 443));// SSL/TSL的认证过程,端口为443ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);return new DefaultHttpClient(ccm, params);} catch (Exception e) {return new DefaultHttpClient(params);}}}
Http Post请求
package com.test;import android.os.Handler;import android.os.Message;import org.apache.http.HttpResponse;import org.apache.http.HttpStatus;import org.apache.http.HttpVersion;import org.apache.http.NameValuePair;import org.apache.http.client.HttpClient;import org.apache.http.client.entity.UrlEncodedFormEntity;import org.apache.http.client.methods.HttpPost;import org.apache.http.conn.ClientConnectionManager;import org.apache.http.conn.params.ConnManagerParams;import org.apache.http.conn.scheme.PlainSocketFactory;import org.apache.http.conn.scheme.Scheme;import org.apache.http.conn.scheme.SchemeRegistry;import org.apache.http.conn.ssl.SSLSocketFactory;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;import org.apache.http.params.BasicHttpParams;import org.apache.http.params.HttpConnectionParams;import org.apache.http.params.HttpParams;import org.apache.http.params.HttpProtocolParams;import org.apache.http.protocol.HTTP;import org.apache.http.util.EntityUtils;import java.net.SocketException;import java.net.UnknownHostException;import java.security.KeyStore;import java.util.List;/** * Https Post请求 */public class HttpsPostThread extends Thread {private Handler handler;private String httpUrl;private List<NameValuePair> valueList;private int mWhat;public static final int ERROR = 404;public static final int SUCCESS = 200;public HttpsPostThread(Handler handler, String httpUrl,List<NameValuePair> list, int what) {super();this.handler = handler;this.httpUrl = httpUrl;this.valueList = list;this.mWhat = what;}public HttpsPostThread(Handler handler, String httpUrl,List<NameValuePair> list) {super();this.handler = handler;this.httpUrl = httpUrl;this.valueList = list;this.mWhat = SUCCESS;}@Overridepublic void run() {// TODO Auto-generated method stubString result = null;try {HttpParams httpParameters = new BasicHttpParams();// 设置连接管理器的超时ConnManagerParams.setTimeout(httpParameters, 10000);// 设置连接超时HttpConnectionParams.setConnectionTimeout(httpParameters, 10000);// 设置socket超时HttpConnectionParams.setSoTimeout(httpParameters, 10000);HttpClient hc = getHttpClient(httpParameters);HttpPost post = new HttpPost(httpUrl);post.setEntity(new UrlEncodedFormEntity(valueList, HTTP.UTF_8));post.setParams(httpParameters);HttpResponse response = null;try {response = hc.execute(post);} catch (UnknownHostException e) {throw new Exception("Unable to access "+ e.getLocalizedMessage());} catch (SocketException e) {throw new Exception(e.getLocalizedMessage());}int sCode = response.getStatusLine().getStatusCode();if (sCode == HttpStatus.SC_OK) {result = EntityUtils.toString(response.getEntity(), HTTP.UTF_8);if (handler != null) {handler.sendMessage(Message.obtain(handler, mWhat, result)); // 请求成功}} else {result = "请求失败" + sCode; // 请求失败// 404 - 未找到if (handler != null) {handler.sendMessage(Message.obtain(handler, ERROR, result));}}} catch (Exception e) {e.printStackTrace();if (handler != null) {result = "请求失败,异常退出";handler.sendMessage(Message.obtain(handler, ERROR, result));}}super.run();}/** * 获取HttpClient * * @param params * @return */public static HttpClient getHttpClient(HttpParams params) {try {KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());trustStore.load(null, null);SSLSocketFactory sf = new SSLSocketFactoryImp(trustStore);sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);HttpProtocolParams.setUseExpectContinue(params, true);// 设置http https支持SchemeRegistry registry = new SchemeRegistry();registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));registry.register(new Scheme("https", sf, 443));// SSL/TSL的认证过程,端口为443ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);return new DefaultHttpClient(ccm, params);} catch (Exception e) {return new DefaultHttpClient(params);}}}
SSLSocketFactoryImp类:
如果要进行证书认证,可以在该方法中实现
package com.test;import java.io.IOException;import java.net.Socket;import java.net.UnknownHostException;import java.security.KeyManagementException;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.UnrecoverableKeyException;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.http.conn.ssl.SSLSocketFactory;public class SSLSocketFactoryImp extends SSLSocketFactory {final SSLContext sslContext = SSLContext.getInstance("TLS");public SSLSocketFactoryImp(KeyStore truststore)throws NoSuchAlgorithmException, KeyManagementException,KeyStoreException, UnrecoverableKeyException {super(truststore);TrustManager tm = new X509TrustManager() {public java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}@Overridepublic void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)throws java.security.cert.CertificateException {}@Overridepublic void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)throws java.security.cert.CertificateException {}};sslContext.init(null, new TrustManager[] { tm }, null);}@Overridepublic Socket createSocket(Socket socket, String host, int port,boolean autoClose) throws IOException, UnknownHostException {return sslContext.getSocketFactory().createSocket(socket, host, port,autoClose);}@Overridepublic Socket createSocket() throws IOException {return sslContext.getSocketFactory().createSocket();}}
测试类:
package com.test;import android.app.Activity;import android.os.Bundle;import android.os.Handler;import android.os.Message;import android.util.Log;import android.view.View;import android.widget.Button;import org.apache.http.NameValuePair;import org.apache.http.message.BasicNameValuePair;import java.util.ArrayList;import java.util.List;public class MainActivity extends Activity {private Button btn, btn1;private Handler mHandler;@Overrideprotected void onCreate(Bundle savedInstanceState) {super.onCreate(savedInstanceState);setContentView(R.layout.activity_main);initView();initListener();initData();}private void initView() {btn = (Button) findViewById(R.id.btn);btn1 = (Button) findViewById(R.id.btn1);}private void initListener() {btn.setOnClickListener(new View.OnClickListener() {@Overridepublic void onClick(View v) {List<NameValuePair> list = new ArrayList<NameValuePair>();HttpsPostThread thread = new HttpsPostThread(mHandler,"https://certs.cac.washington.edu/CAtest/", list, 200);thread.start();}});btn1.setOnClickListener(new View.OnClickListener() {@Overridepublic void onClick(View v) {HttpsGetThread thread = new HttpsGetThread(mHandler,"https://certs.cac.washington.edu/CAtest/", 200);thread.start();}});}private void initData() {mHandler = new Handler() {@Overridepublic void handleMessage(Message msg) {super.handleMessage(msg);String result = (String) msg.obj;switch (msg.what) {case 200:// 请求成功Log.e("TAG", "返回参数===" + result);break;case 404:// 请求失败Log.e("TAG", "请求失败!");break;}}};}}
4 0
- Android中的Https网络请求get和post 不进行认证
- Android中的Https网络请求get和post
- Android中的http带参数网络请求,GET和POST
- JAVA利用HttpClient进行POST和GET请求(HTTPS)
- Android网络请求库okHttp进行post、get请求
- Android-封装post和get 网络请求
- Android中的GET和POST请求
- android网络请求之post和get请求方式
- 网络请求,get和post
- Get和post网络请求
- curl请求https POST和GET方法
- android-java中的网络请求:get与post
- RestTemplate的两种请求GET和POST.不含摘要和基本认证
- 同步网络请求 类封装,包括get请求和post请求,可选择是否进行JSON解析
- Android开发网络请求之GET和POST
- android网络应用URLConnection提交请求GET和POST
- get和post请求,Android
- android get和post请求
- Spark图计算GraphX介绍及实例
- 局部敏感哈希深度解析(locality-sensetive hashing, LSH)(一)
- java项目——P2P理财之资金托管(2)
- Tomcat 下载、安装与配置
- 6.30微信基础
- Android中的Https网络请求get和post 不进行认证
- Android面试一天一题(13 Day: AsyncTask)
- Centos7.2 搭建Apache+Php+Mysql环境
- scrollview 实现滑动到底部再滑动加载数据的功能
- java项目——P2P理财之资金托管(1)
- Android中的Service(使用StartService 方式启动)
- 用VC6.0建立MFC工程,建立对话框和简单的实现跳转
- java项目——P2P理财之资金托管(1)
- BZOJ 3673/3674(可持久化并查集 by zky,可持久化并查集加强版-可持久化数组)