Hello everyone,
Below is a simple code I am trying to run to consume a REST service
with Apache's httpclient 4.1. I was of the opinion authscope would take
care of the sessions but I was obviously wrong Can someone please point
out what I am missing. Kind of stuck. Session keeps getting expired
bbetween REST requests.
//Main Class
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
/**
* A simple example that uses HttpClient to execute an HTTP request
against
* a target site that requires user authentication.
*/
public class ClientAuthentication {
public static void main(String[] args) throws Exception {
DefaultHttpClient httpclient =
HttpClientIgnoreInvalidSSLCertificate.createClient();
//DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getCredentialsProvider().setCredentials(
new AuthScope("dam-vchg01.land.virtual", 443),
new UsernamePasswordCredentials("rjose",
"rjose6345"));
HttpGet httpget = new HttpGet("https://dam-
vchg01.land.virtual/vCenter-CB/api/costModels/");
System.out.println("executing request" +
httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println("---------------------------------------
-");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " +
entity.getContentLength());
try {
BufferedReader reader = new BufferedReader(
new
InputStreamReader(response.getEntity().getContent()));
String line = "";
System.out.println("nHere's the response:n");
while ((line=reader.readLine())!= null)
{
System.out.println(line);
}
} catch (IOException ex) {
ex.printStackTrace();
throw ex;
} catch (RuntimeException ex) {
httpget.abort();
throw ex;
} finally {
//Nothing
}
}
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
}
}
//Another Helper Class
import org.apache.http.impl.client.DefaultHttpClient;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
//import org.apache.http.conn.ssl.X509HostnameVerifier;
public class HttpClientIgnoreInvalidSSLCertificate {
public static DefaultHttpClient createClient() {
try {
DefaultHttpClient base = new DefaultHttpClient();
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
ctx.init(null, new TrustManager[]{tm}, null);
//ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
;
SSLSocketFactory ssf = new
SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER );
ClientConnectionManager ccm = base.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", 443, ssf));
return new DefaultHttpClient(ccm, base.getParams());
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}
}
Console Output:
executing requestGET https://dam-vchg01.land.virtual/vCenter-
CB/api/costModels/ HTTP/1.1
----------------------------------------
HTTP/1.1 200 OK
Response content length: 318
Here's the response:
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; status="failure">
Someone please help me or atleast point me in the right direction as to
how I can access this REST service without having to provide the
authentication details over and over and without getting session
expired error.
Note: Actually the REST response should be an xml.
Thanks,
Richard
