热门标签
热门文章
- 1one piece_娜美_01_one piece hentai
- 2CrossOver软件2023破解激活码_crossover-wine注册
- 3Spring Boot(四):Thymeleaf 使用详解_spring thymeleaf
- 4NX+Ubuntu18.04+ROS Realsense(RealSenseD435i )的安装与使用_realsense安装
- 5记录:rosdep update
- 6js通过a标签的方式下载文件并对其重命名的完整方案_a标签下载文件重命名
- 7JavaScript中的Array.prototype.forEach()方法(简介+重写)_js array.prototype.foreach
- 8leetcode 94 二叉树的中序遍历(java)_lecode中树的输入root = [1,null,3,2,4,null,5,6]是怎么转化成节点的
- 9R语言入门笔记2.1
- 10c#--正则表达式(项目常用)_c# 正则表达式 数字
当前位置: article > 正文
调用HTTPS与HTTP接口区别_java 请求带http带和不带s的调用是否一样
作者:weixin_40725706 | 2024-02-09 13:03:27
赞
踩
java 请求带http带和不带s的调用是否一样
调用HTTPS与HTTP接口
1 http与https
-
http是一种普通的传输协议,在互联网上,所有的文件都要遵守这个HTTP协议,同时超文本也是http传输的基本部分,实现客户端和服务器的相互请求。
-
https是http的安全版本 就是http+ssl,也叫超文本安全传输,https是有加密传输协议的通道,并且SSL提供了安全加密基础 SSL需要证书,https主要是用于http的传输,并且在HTTP与TCP之间有一个特殊的加密/身份验证。
2 https和http的区别
- 1、https的端口是443,而http的端口是80,且两者的连接方式不同;
- 2、http传输是明文的,而https是用ssl进行加密的,https的安全性更高;
- 3、https是需要申请证书的,而http不需要。
3 HttpClient方式调用https接口实现
3.1 正常使用HttpClient调用http接口
//此处使用DefaultHttpClient为了在之后体现与HttpClient调用HTTPS的区别
DefaultHttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost("https://autumnfish.cn/api/joke/list?num=2");
try {
HttpResponse res = client.execute(post);
String result = EntityUtils.toString(res.getEntity());
System.out.println("result==>"+result);
} catch (IOException e) {
e.printStackTrace();
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
3.1.1正常调HTTP方式调用HTTPS接口结果
3.2 httpClient调用https接口实现具体步骤
3.2.1 创建SSLClient类继承DefaultHttpClient(重新DefaultHttpClient)
为了避免需要证书,所以用一个类继承DefaultHttpClient类,忽略校验过程
代码
import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.http.conn.ClientConnectionManager; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; public class SSLClient extends DefaultHttpClient { public SSLClient() throws Exception{ super(); //SSL:Secure Sockets Layer,一种加密协议规范,如https就使用它进行加解密 //TLS:安全传输层协议(TLS)用于在两个通信应用程序之间提供保密性和数据完整性。该协议由两层组成: TLS 记录协议(TLS Record)和 TLS 握手协议(TLS Handshake)。 //创建SSL的上下文类 SSLContext ctx = SSLContext.getInstance("TLS"); //实现自己的x509TrustManager类,并复写三种方法 X509TrustManager tm = new X509TrustManager() { //给出同位体提供的部分或完整的证书链,构建到可信任的根的证书路径,并且返回是否可以确认和信任将其用于基于验证类型的客户端 ssl 验证。 //原本这三个方法中验证SSL,复写置其内容为空 @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; //初始化SSLContext 传入数组 ctx.init(null, new TrustManager[]{tm}, null); //工厂创建SSL套接字 //ALLOW_ALL_HOSTNAME_VERIFIER 允许所有主机名验证器 SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); //主要作用是用于创建http连接的工厂使用,管理[长连接](https://baike.baidu.com/item/%E9%95%BF%E8%BF%9E%E6%8E%A5/568486?fr=kg_general),同步化访问长连接,保证同一时间只有一个线程访问连接。不再推荐使用 ClientConnectionManager ccm = this.getConnectionManager(); //scheme 策略 //策略注册 SchemeRegistry sr = ccm.getSchemeRegistry(); //方法参数列表:String name(策略名), int port(端口号), SchemeSocketFactory factory(策略套接字工厂) sr.register(new Scheme("https", 443, ssf)); } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
3.2.2 HttpClientUtil中使用该新建的DefaultHttpClient 复写类
代码
httpClient = new SSLClient();
- 1
此处上篇文章有相关方法以及参数的含义描述讲解,此处略
import com.example.httpstest.client.SSLClient; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.StatusLine; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.StringEntity; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; public class HttpClientUtil { public static String doGet(String url,String charset) throws Exception{ HttpClient httpClient = null; HttpGet httpGet = null; String result = null; httpClient = new SSLClient(); httpGet = new HttpGet(url); httpGet.addHeader("Content-Type", "application/json"); //httpGet.setEntity(se); HttpResponse response = httpClient.execute(httpGet); if(response != null){ HttpEntity resEntity = response.getEntity(); if(resEntity != null){ result = EntityUtils.toString(resEntity,charset); } } return result; } public static String doPost(String url,String json,String charset) throws Exception{ HttpClient httpClient = null; HttpPost httpPost = null; String result = null; httpClient = new SSLClient(); httpPost = new HttpPost(url); httpPost.addHeader("Content-Type", "application/json"); StringEntity se = new StringEntity(json); se.setContentType("text/json"); se.setContentEncoding(new BasicHeader("Content-Type", "application/json")); httpPost.setEntity(se); HttpResponse response = httpClient.execute(httpPost); if(response != null){ HttpEntity resEntity = response.getEntity(); if(resEntity != null){ result = EntityUtils.toString(resEntity,charset); } } return result; } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
3.3 Demo测试调用
3.3.1 post调用HTTPS请求
代码
//post调用HTTPS
String url = "https://autumnfish.cn/api/user/reg";
String json = "{\n" +
" \"username\":\"Mike\"\n" +
"}";
String str = null;
try {
str = HttpClientUtil.doPost(url, json, "utf-8");
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("post调用HTTPS==>"+str);
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
3.3.1.1 调用结果
3.3.2 get调用HTTPS请求
代码
//get调用HTTPS
String url2 = "https://autumnfish.cn/api/joke/list?num=2";
String str2 = null;
try {
str2 = HttpClientUtil.doGet(url2, "utf-8");
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("get调用HTTPS==>"+str2);
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
3.3.2.1 调用结果
4 总结
4.1 DefaultHttpClient与HttpClient的区别
4.1.1 代码变化
HttpClient client = new DefaultHttpClient();
//变为:
HttpClient client = HttpClientBuilder.create().build();
//CloseableHttpClient是HttpClient子类
//即:
CloseableHttpClient client = HttpClients.createDefault();
- 1
- 2
- 3
- 4
- 5
- 6
4.1.2 变化原因(过时原因)
前者不再更新维护,后者提供更好的性能以及更大的灵活性
4.2 HttpClient调用https接口原理
4.2.1 以下是上述的进一步完善(可以根据url中是否https进行连接建立)
原理如下:
根源在于在连接管理器中注册了不同的连接创建工厂。当访问url的schema为http时,调用明文连接套接字工厂来建立连接;当访问url的schema为https时,调用SSL连接套接字工厂来建立连接。
让我们的HttpClient具有多线程处理的能力,连接管理器选用了PoolingHttpClientConnectionManager,将协议注册信息传入连接管理器,最后再次利用构造器的模式创建出我们需要的HttpClient。随后的GET/POST请求发起方法http和https之间没有差异。
代码如下:
private CloseableHttpClient createClient(HttpUriRequest request) { HttpClientBuilder httpBuilder = HttpClients.custom(); //不进行重定向 if (this.redirect) { httpBuilder.disableRedirectHandling(); } //URI是https的请求 if (request.getURI().getScheme().equals("https")) { //创建重写的SSL上下文去绕过验证 SSLContext sslcontext = createIgnoreVerifySSL(); //设置协议http和https对应的处理socket链接工厂的对象 //明文套接字与SSL套接字 Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.INSTANCE) .register("https", new SSLConnectionSocketFactory(sslcontext)) .build(); //创建ConnectionManager,添加Connection配置信息 PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry); httpBuilder.setConnectionManager(connManager); } //返回创建的CloseableHttpClient return httpBuilder.build(); }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
//创建SSL的上下文类方法,返回类型是SSLContext public static SSLContext createIgnoreVerifySSL() { SSLContext sc = null; try { //SSLv3.0 与 TLS 相比几乎没有做什么改动 sc = SSLContext.getInstance("SSLv3"); //实现自己的x509TrustManager类,并复写三种方法 X509TrustManager trustManager = new X509TrustManager() { @Override public void checkClientTrusted( java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; //初始化SSLContext 传入TrustManager数组 sc.init(null, new TrustManager[]{trustManager}, null); } catch (NoSuchAlgorithmException | KeyManagementException e) { e.printStackTrace(); throw new RuntimeException(e); } //返回 return sc; }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/weixin_40725706/article/detail/72030?site
推荐阅读
相关标签
