我正在使用HttpClient 4.5.x调用具有NTLM身份验证的SOAP Web服务。身份验证成功进行。这是3种方式的握手。例如,如果我进行包含图像或其他数据内容的后请求,则对于每个握手请求,都会发送数据。
来自HttpClients资料在线的一个建议是先执行便宜的请求,然后将相同的客户端上下文对象用于后续的大请求。它还在文档中说明了这一点-从4.1版开始,HttpClient自动缓存有关已成功通过身份验证的主机的信息。
我尝试过相同的方法。我随后以相同的方法和相同的线程发生了这两个请求。 (默认)缓存不会发生。两次都发生了3次握手。
在日志中,我看到以下语句[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
可能是此默认设置不适用于NTLM。是否有任何标志可以打开缓存?还是应该自己创建AuthCache并进行维护?看起来仅用于抢占式身份验证,它会创建一个身份验证缓存。因此,我怀疑它是否适用于我的情况。
private void callServiceWithAuthentication (ByteArrayEntity entity)
{
try {
/*
AuthScope authScope = new AuthScope("WEBSERVICE-HOST", 443, AuthScope.ANY_REALM, "ntlm");
*/
CloseableHttpClient httpclient = HttpClients.createDefault();
NTCredentials ntCredentials = new NTCredentials(this.userName, this.password, null, "DOMAIN");
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, ntCredentials);
httpClientContext = HttpClientContext.create();
httpClientContext.setCredentialsProvider(credentialsProvider);
HttpHost targetHost = new HttpHost ("WEBSERVICE_HOST", 443);
HttpGet httpGet = new HttpGet ("WEBSERVICE_URL");
CloseableHttpResponse httpResponse = httpclient.execute(httpGet, httpClientContext);
HttpEntity getResponseEntity = httpResponse.getEntity();
HttpPost post = new HttpPost("WEBSERVICE_URL");
post.setEntity(entity);
// Execute request
try {
CloseableHttpResponse response = httpclient.execute(post, httpClientContext);
StatusLine statusLine = response.getStatusLine();
HttpEntity rentity = response.getEntity();
System.out.println ("HTTP Response Code: " + statusLine.getStatusCode());
if (statusLine.getStatusCode() >= 300) {
throw new HttpResponseException(
statusLine.getStatusCode(),
statusLine.getReasonPhrase());
}
if (entity == null) {
throw new ClientProtocolException("Response contains no content");
}
System.out.println (rentity.getContent());
}
catch (Exception e) {
e.printStackTrace();
}
finally {
// Release current connection to the connection pool once you are done
post.releaseConnection();
}
}
catch (Exception e) {e.printStackTrace();}
finally {
}
}
我必须在第二个请求之前先消耗第一个响应实体。然后,第二个请求不再进行(三向握手)身份验证。
EntityUtils.consume(getResponseEntity);
我还有更多清理工作要做