Android: log into website and preserve session/cookie using DefaultHttpClient

前端 未结 4 1686
死守一世寂寞
死守一世寂寞 2021-02-08 11:08

I\'ve been through different tutorials and this website, but couldn\'t find a proper solution. On the other hand, I\'ve seen apps logging into websites and requesting further in

相关标签:
4条回答
  • 2021-02-08 11:41

    You can do it this way, though it's rather a workaround.

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
    
        WebView webv = (WebView)findViewById(R.id.MainActivity_webview);         
        webv.setWebViewClient(new WebViewClient(){
                @Override
                public boolean shouldOverrideUrlLoading(WebView view, String url) {
                    view.loadUrl(url);
                    return true;
                }
        });
    
        String postData = FIELD_NAME_LOGIN + "=" + LOGIN +
                "&" + FIELD_NAME_PASSWD + "=" + PASSWD;
    
        // this line logs you in and you stay logged in
        // I suppose it works this way because in this case WebView handles cookies itself
        webv.postUrl(URL, EncodingUtils.getBytes(postData, "utf-8"));
    }
    
    0 讨论(0)
  • 2021-02-08 11:46

    In an application that I have to login to. First i have to run a GET followed by a POST and then the GET again. The First get will instantiate a Jsession Id for my connection. The POST will authenticate my ID and then the original get GET will return the real content.

    The code below is for an app running in JBoss

    public boolean login() {
        HttpGet  httpGet = new HttpGet(  "http://localhost:8080/gwt-console-server/rs/identity/secure/sid/");
        HttpPost httpPost = new HttpPost("http://localhost:8080/gwt-console-server/rs/identity/secure/j_security_check");
        HttpResponse response = null;
    
        List<NameValuePair> nvps = new ArrayList<NameValuePair>();
        nvps.add(new BasicNameValuePair(USER_FIELD, userName));
        nvps.add(new BasicNameValuePair(PASS_FIELD, password));
    
        try {
            httpPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
    
            response = httpClient.execute(httpGet);
            EntityUtils.consume(response.getEntity());
    
            response = httpClient.execute(httpPost);
            EntityUtils.consume(response.getEntity());
    
            response = httpClient.execute(httpGet);
            String sessionId =EntityUtils.toString(response.getEntity());
    
            String cookieId =""; 
            List<Cookie> cookies = ((AbstractHttpClient) httpClient).getCookieStore().getCookies();
            for (Cookie cookie: cookies){
                if (cookie.getName().equals("JSESSIONID")){
                    cookieId = cookie.getValue();
                }
            }
    
            if(sessionId!= null && sessionId.equals(cookieId) ){
                return true;
            }
        } catch (ClientProtocolException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return false;   
    }
    
    0 讨论(0)
  • 2021-02-08 12:03

    Assuming your httpclient object is the same in both cases, and assuming the RESTRICTED_URL is in the same domain as the LOGIN_URL, then I would think what you have should work.

    You might wish to use Wireshark or a proxy or something to examine the HTTP requests you are making, to see if the cookie is actually being attached to the request. It may be that the cookie is being attached, in which case there is something else wrong that is causing your second request to fail.

    0 讨论(0)
  • 2021-02-08 12:07

    You have to make DefaultHttpClient httpclient with singleton pattern so sessioncookie that you have still hold session from login.

    This is the Mainactivity class :

    public static DefaultHttpClient httpClient;
    
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        RequestPage request = new RequestPage();
        request.post("http://www.example.com/login.php");
    
        RequestPage requestProfile =new RequestPage();
        requestProfile.post("http://www.example.com/profile.php");
    }
    

    and this is the RequestPage class:

    private InputStream post(String url){
        String paramUsername = "username";
        String paramPassword = "pass";
    
        if(MainActivity.httpClient==null){
            MainActivity.httpClient = new DefaultHttpClient();
        }
        DefaultHttpClient httpClient = MainActivity.httpClient;
    
        // In a POST request, we don't pass the values in the URL.
        //Therefore we use only the web page URL as the parameter of the HttpPost argument
        HttpPost httpPost = new HttpPost(url);
    
                // Because we are not passing values over the URL, we should have a mechanism to pass the values that can be
        //uniquely separate by the other end.
        //To achieve that we use BasicNameValuePair             
        //Things we need to pass with the POST request
        BasicNameValuePair usernameBasicNameValuePair = new BasicNameValuePair("username", paramUsername);
        BasicNameValuePair passwordBasicNameValuePAir = new BasicNameValuePair("password", paramPassword);
    
        // We add the content that we want to pass with the POST request to as name-value pairs
        //Now we put those sending details to an ArrayList with type safe of NameValuePair
        List<NameValuePair> nameValuePairList = new ArrayList<NameValuePair>();
        nameValuePairList.add(usernameBasicNameValuePair);
        nameValuePairList.add(passwordBasicNameValuePAir);
    
        try {
            // UrlEncodedFormEntity is an entity composed of a list of url-encoded pairs. 
            //This is typically useful while sending an HTTP POST request. 
            UrlEncodedFormEntity urlEncodedFormEntity = new UrlEncodedFormEntity(nameValuePairList);
    
            // setEntity() hands the entity (here it is urlEncodedFormEntity) to the request.
            httpPost.setEntity(urlEncodedFormEntity);
    
            try {
                // HttpResponse is an interface just like HttpPost.
                //Therefore we can't initialize them
                HttpResponse httpResponse = httpClient.execute(httpPost);
    
                // According to the JAVA API, InputStream constructor do nothing. 
                //So we can't initialize InputStream although it is not an interface
    
    
                return httpResponse.getEntity().getContent();
    
            } catch (ClientProtocolException cpe) {
                System.out.println("First Exception caz of HttpResponese :" + cpe);
                cpe.printStackTrace();
            } catch (IOException ioe) {
                System.out.println("Second Exception caz of HttpResponse :" + ioe);
                ioe.printStackTrace();
            }
    
        } catch (UnsupportedEncodingException uee) {
            System.out.println("An Exception given because of UrlEncodedFormEntity argument :" + uee);
            uee.printStackTrace();
        }
    
        return null;
    }
    
    0 讨论(0)
提交回复
热议问题