个人中心
gpt4 book ai didi

java - 休息模板错误403

转载 作者:行者123 更新时间:2023-11-30 08:48:07 34 4
gpt4 key购买 nike

我正在尝试实现一个请求方法,但我不知道如何将 X-XSRF-TOKEN 发送到我的网络服务。

在webservice中,token配置为X-XSRF-TOKEN

<beans:bean id="csrfTokenRepository"
    class="org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository">
    <beans:property name="headerName" value="X-XSRF-TOKEN" />
</beans:bean>

我在我的安卓应用程序中有它

public class WSConfig {
private static String urlBase = "http://192.168.25.226:8080/webapi/";
private static HttpHeaders httpHeaders;
private static RestTemplate restTemplate = new RestTemplate();
private static HttpEntity<String> httpEntity = new HttpEntity(getXSRF());
private static ResponseEntity<String> response;

public static HttpHeaders getXSRF() {
    try {
    HttpEntity<String> responseEntity = restTemplate.exchange(urlBase, HttpMethod.GET, null, String.class);
    CookieManager cookieManager = new CookieManager();
    List<String> cookieHeader = responseEntity.getHeaders().get("Set-Cookie");
    httpHeaders = new HttpHeaders();
    httpHeaders.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));

    if (cookieHeader != null) {
        for (String cookie : cookieHeader) {
            String[] tokens = TextUtils.split(cookie, "=");
            if (tokens[0].equals("XSRF-TOKEN")) {
                String[] tokenValue = TextUtils.split(tokens[1],";");
                httpHeaders.add("X-XSRF-TOKEN", tokenValue[0]);
            }
            if (tokens[0].equals("JSESSIONID")) {
                String[] tokenValue = TextUtils.split(tokens[1],";");
                httpHeaders.add("Cookie", "JSSESSIONID="+tokenValue[0]);
            }
        }
    }
    } finally {
        return httpHeaders;
    }
}

public static HttpEntity<String> makeRequest(String uri, HttpMethod method) {
    try {
        restTemplate.setErrorHandler(new DefaultResponseErrorHandler(){
            protected boolean hasError(HttpStatus statusCode) {
                return false;
            }});

        System.out.println(httpEntity.getHeaders());
        response = restTemplate.exchange(urlBase + "registrar", HttpMethod.POST, null, String.class);
        System.out.println(response.getHeaders());
        System.out.println(response.getBody());
    } catch (HttpStatusCodeException e) {
        e.printStackTrace();
    }
    return null;
}
}

在我的 LogCat 中,我从 System.outs 中得到了这些结果

System.out.println(httpEntity.getHeaders());
{Accept=[application/json], Cookie=[JSSESSIONID=D0D537D4C38D2D69B01BF4F98B540763], X-XSRF-TOKEN=[8c21c671-bba4-4624-ada1-ff1e9e8f2e22]}

System.out.println(response.getHeaders());
{Server=[Apache-Coyote/1.1], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-XSS-Protection=[1; mode=block], X-Frame-Options=[DENY], X-Content-Type-Options=[nosniff], Set-Cookie=[JSESSIONID=7DBA84F6218BC9A8328A97587FC6293A; Path=/webapi/; HttpOnly], Content-Type=[text/html;charset=utf-8], Content-Language=[en], Content-Length=[1073], Date=[Thu, 20 Aug 2015 00:53:46 GMT], X-Android-Sent-Millis=[1440032027763], X-Android-Received-Millis=[1440032027805], X-Android-Response-Source=[NETWORK 403]}

而且,错误

System.out.println(response.getBody());
HTTP Status 403 - Expected CSRF token not found. Has your session expired?

我不知道我必须做什么,我正确发送了 header ,但无法发布。

已更新

我认为这个错误与 JSESSIONID 有关,而不是与 XSRF-TOKEN 有关,在我第一次 GET(获取 XSRF)之后的某个时间, session 即将过期。

最佳答案

解决方案

正如我所说,这个错误与 JSESSIONID 有关。

当我拆分 JSESSIONID cookie 时,它​​丢失了一些使 cookie 存活所需的东西(可能是路径?)

所以,不要像这样添加 cookie

httpHeaders.add("Cookie", "JSSESSIONID="+tokenValue[0]);

我是这样贴的

httpHeaders.add("Cookie", cookie);

制作它,我确保所有内容都附加到新标题。

最后的方法。

public static HttpHeaders getXSRF() {
    try {
    HttpEntity<String> responseEntity = restTemplate.exchange(urlBase, HttpMethod.GET, null, String.class);
    CookieManager cookieManager = new CookieManager();
    List<String> cookieHeader = responseEntity.getHeaders().get("Set-Cookie");
    httpHeaders = new HttpHeaders();
    httpHeaders.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));

    if (cookieHeader != null) {
        for (String cookie : cookieHeader) {
            String[] tokens = TextUtils.split(cookie, "=");
            if (tokens[0].equals("XSRF-TOKEN")) {
                String[] tokenValue = TextUtils.split(tokens[1],";");
                httpHeaders.add("X-XSRF-TOKEN", tokenValue[0]);
            }
            if (tokens[0].equals("JSESSIONID"))
                httpHeaders.add("Cookie", cookie);
        }
    }
    } finally {
        return httpHeaders;
    }
}

关于java - 休息模板错误403,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32107926/

34 4 0
文章推荐: python - 在 Keras 中拟合模型时,批量大小和轮数应该是多少?
文章推荐: java - 将 META-INF 文件复制到 gradle 中的 jar
文章推荐: python - 处理神经网络中未定义的数据
文章推荐: java - Robolectric 3 找不到资源错误
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com