Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Programming \ HttpClient Tutorial     - KVM installation under CentOS 5.5 (Linux)

- CentOS 6.0 system security level (Linux)

- Orabbix binding Python send graphical reports (Linux)

- Struts2 interceptor simulation (Programming)

- Linux Getting Started tutorial: How to backup Linux systems (Linux)

- Proficient in C / C ++ can also find a very good job (Programming)

- Installation Android IDE development tools, Android Studio 1.5 under Ubuntu (Linux)

- Oracle TDE transparent data encryption (Database)

- GO five stages of language learning (Programming)

- Docker + OpenvSwitch build experimental environment VxLAN (Server)

- How Bluetooth turned off by default in Ubuntu 14.04 (Linux)

- Struts2 dynamic call DMI and error Solution (Programming)

- Linux using TCP-Wrapper Service Management (Linux)

- Taught you how to build your own VPS server (Server)

- Linux system security check notes on performance (Linux)

- Kubernetes (k8s) environment to build combat (Server)

- Java uses JDBC connect database (Programming)

- Analysis of MySQL Dockerfile 5.6 (Database)

- Linux system monitoring, top command of the diagnostic tool Detailed (Linux)

- CentOS 7 source code to compile and install PHP5.6 Nginx1.7.9 and MySQL (LNMP build environment) (Server)

 
         
  HttpClient Tutorial
     
  Add Date : 2018-11-21      
         
         
         
  Foreword
Hypertext Transfer Protocol (HTTP) is perhaps the most important protocol used on the Internet today. Web services, development of network-enabled devices and network computing, has continued to expand the role of the HTTP protocol, beyond the scope of Web browser used by the user, while also increasing the number of required HTTP protocol support applications.

Although the java.net package provides basic functionality to access resources via HTTP, but it does not provide complete flexibility and many other functions required by the application. HttpClient is sought to fill this gap in the assembly, by providing an efficient, keep it updated, feature-rich software package to achieve the client the latest HTTP standards and recommendations.

Designed for the expansion, while providing for the basic HTTP protocol strong support, HttpClient component perhaps build HTTP client applications, such as web browser, web server, or extended use of the HTTP protocol for distributed communication system developers concerns.

1. HttpClient range of
Implementation library based HttpCore [http://hc.apache.org/httpcomponents-core/index.html] client HTTP transport
Based on the classic (blocking) I / O
Unrelated to content
2. What is the HttpClient can not do
HttpClient is not a browser. It is a communication HTTP client library implementations. HttpClient goal is to send and receive HTTP packets. HttpClient will not go to the cache, performing embedded in HTML pages javascript code to guess the content type, reformat request / redirection URI, HTTP, or other irrelevant and transport function.
The first chapter basis
1.1 execution request
HttpClient most important function is to perform HTTP methods. HTTP perform a method comprising one or more HTTP request / HTTP response exchange, usually handled by the interior of HttpClient. The desired object is to provide users with a request to be executed, while HttpClient desired transmission request to the target server and returns the corresponding response object, or throw an exception when executed successfully.

Naturally, the main entry point HttpClient API is defined described above Statute HttpClient interface.

Here's a very simple example of the implementation process of the request:

HttpClient httpclient = new DefaultHttpClient ();
HttpGet httpget = new HttpGet ( "http: // localhost /");
HttpResponse response = httpclient.execute (httpget);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
InputStream instream = entity.getContent ();
int l;
byte [] tmp = new byte [2048];
while ((l = instream.read (tmp))! = -1) {
}
}
1.1.1 HTTP request
All HTTP requests to have a combination of the method name, the request URI and HTTP protocol version of the request line.

HttpClient supports all defined in the HTTP / 1.1 version of the HTTP methods: GET, HEAD, POST, PUT, DELETE, TRACE, and OPTIONS. For each method has a special type of class: HttpGet, HttpHead, HttpPost, HttpPut, HttpDelete, HttpTrace and HttpOptions.

The request URI is a Uniform Resource Locator, which identifies the top of which is applied to the requested resource. HTTP request URI contains a protocol scheme, host name, an optional port resource path, an optional query and optional fragment.

HttpGet httpget = new HttpGet (
"Http://www.google.com/search?hl=en&q=httpclient&btnG=Google+Search&aq=f&oq=");
HttpClient provides many tools to simplify the creation and modification of the method execution URI.
URI can also be programmed to assemble:
URI uri = URIUtils.createURI ( "http", "www.google.com", -1, "/ search",
"Q = httpclient & btnG = Google + Search & aq = f & oq =", null);
HttpGet httpget = new HttpGet (uri);
System.out.println (httpget.getURI ());
The output is:

http://www.google.com/search?q=httpclient&btnG=Google+Search&aq=f&oq=

The query string is also available from independent parameters to generate the:

List < NameValuePair> qparams = new ArrayList < NameValuePair> ();
qparams.add (new BasicNameValuePair ( "q", "httpclient"));
qparams.add (new BasicNameValuePair ( "btnG", "Google Search"));
qparams.add (new BasicNameValuePair ( "aq", "f"));
qparams.add (new BasicNameValuePair ( "oq", null));
URI uri = URIUtils.createURI ( "http", "www.google.com", -1, "/ search",
URLEncodedUtils.format (qparams, "UTF-8"), null);
HttpGet httpget = new HttpGet (uri);
System.out.println (httpget.getURI ());
The output is:

http://www.google.com/search?q=httpclient&btnG=Google+Search&aq=f&oq=

1.1.2 HTTP response
HTTP responses are received and interpreted by the server sends back to the client's request packet after packet. The first line of response packet contains the protocol version followed by a numeric status codes and text segments associated.

HttpResponse response = new BasicHttpResponse (HttpVersion.HTTP_1_1,
HttpStatus.SC_OK, "OK");
System.out.println (response.getProtocolVersion ());
System.out.println (response.getStatusLine () getStatusCode ().);
System.out.println (response.getStatusLine () getReasonPhrase ().);
System.out.println (response.getStatusLine () toString ().);
The output is:

HTTP / 1.1
200
OK
HTTP / 1.1 200 OK
1.1.3 packet header processing
HTTP packets can contain a lot of information such as content description header length, content type and other information about the properties.

HttpClient provide access, add, remove, and enumerate header information.

HttpResponse response = new BasicHttpResponse (HttpVersion.HTTP_1_1,
HttpStatus.SC_OK, "OK");
response.addHeader ( "Set-Cookie",
"C1 = a; path = /; domain = localhost");
response.addHeader ( "Set-Cookie",
"C2 = b; path = \" / \ ", c3 = c; domain = \" localhost \ "");
Header h1 = response.getFirstHeader ( "Set-Cookie");
System.out.println (h1);
Header h2 = response.getLastHeader ( "Set-Cookie");
System.out.println (h2);
Header [] hs = response.getHeaders ( "Set-Cookie");
System.out.println (hs.length);
The output is:

Set-Cookie: c1 = a; path = /; domain = localhost
Set-Cookie: c2 = b; path = "/", c3 = c; domain = "localhost"
To obtain a given type of header information of all the most effective way is to use HeaderIterator interface.

HttpResponse response = new BasicHttpResponse (HttpVersion.HTTP_1_1,
HttpStatus.SC_OK, "OK");
response.addHeader ( "Set-Cookie",
"C1 = a; path = /; domain = localhost");
response.addHeader ( "Set-Cookie",
"C2 = b; path = \" / \ ", c3 = c; domain = \" localhost \ "");
HeaderIterator it = response.headerIterator ( "Set-Cookie");
while (it.hasNext ()) {
System.out.println (it.next ());
}
The output is:

Set-Cookie: c1 = a; path = /; domain = localhost
Set-Cookie: c2 = b; path = "/", c3 = c; domain = "localhost"
It also provides analytical HTTP packet header information into a separate method element method.

HttpResponse response = new BasicHttpResponse (HttpVersion.HTTP_1_1,
HttpStatus.SC_OK, "OK");
response.addHeader ( "Set-Cookie",
"C1 = a; path = /; domain = localhost");
response.addHeader ( "Set-Cookie",
"C2 = b; path = \" / \ ", c3 = c; domain = \" localhost \ "");
HeaderElementIterator = new BasicHeaderElementIterator (
response.headerIterator ( "Set-Cookie"));
while (it.hasNext ()) {
HeaderElement elem = it.nextElement ();
System.out.println (elem.getName () + "=" + elem.getValue ());
NameValuePair [] params = elem.getParameters ();
for (int i = 0; i < params.length; i ++) {
System.out.println ( "" + params [i]);
}
}
The output is:

c1 = a
path = /
domain = localhost
c2 = b
path = /
c3 = c
domain = localhost
1.1.4 HTTP entity
HTTP packets can carry and the contents of the request or response related entities. Entities can be found in a number of requests and responses, because they are also optional. Use the requesting entity is referred to as a closed entity requests. HTTP specification defines two methods closed entity: POST and PUT. Response is usually desirable to include a content entity. There are exceptions to this rule, such as HEAD methods of response and the 204 No Content, 304 Not Modified and 205 Reset Content responses.

HttpClient Where to distinguish between three types of entities based on its content by:

streamed streaming: Content obtained from the stream, or generated on the fly. In particular, this category of entities acquired from the HTTP response. Streaming entity is unrepeatable generated.
self-contained self-contained: content or through a separate connection, or other entity in memory. Self-contained entity can be repeated generated. This type of entity will be closed for regular HTTP request entity.
wrapping Package: The content is obtained from another entity.
When the acquisition stream content from an HTTP response, this distinction is important for connection management. For created by the application and use only HttpClient request entity, streaming and self-contained different not so important. In this case, it is recommended to consider such as the streaming of such entities can not be repeated, and can repeat the self-contained entity.

1.1.4.1 Repeat entity
Entity may be repeated, it means that its contents can be read many times. This is just a self contained entities (like ByteArrayEntity or StringEntity).

1.1.4.2 Use HTTP entity
As a representative of either entity can represent binary content and character content, it also supports character encoding (character content that is supported by the latter).

When using a closed entity is content to execute the request, or created when the request has been successfully performed, or when the body in response to the results sent to the client when the work.

From reading the contents of the entity, can be obtained from the input stream by HttpEntity # getContent () method, which returns a java.io.InputStream object, or to provide an output flow HttpEntity # writeTo (OutputStream) method, which will Back once all writes to the given stream content.

When an entity through a received packet to obtain when, HttpEntity # getContentType () method and HttpEntity # getContentLength () method can be used to read common metadata such as Content-Type and Content-Length header information (if they are usable). Because the Content-Type header can contain text MIME type of character encoding, such as text / plain or text / html, HttpEntity # getContentEncoding () method is used to read this information. If the header information is not available, then it returns the length of -1 and the content type returns NULL. If the Content-Type header information is available, it will return a Header object.

When an outgoing packet is created entity, the metadata have to be provided by the entity creator.

StringEntity myEntity = new StringEntity ( "important message",
"UTF-8");
System.out.println (myEntity.getContentType ());
System.out.println (myEntity.getContentLength ());
System.out.println (EntityUtils.getContentCharSet (myEntity));
System.out.println (EntityUtils.toString (myEntity));
System.out.println (EntityUtils.toByteArray (myEntity) .length);
Output within the

Content-Type: text / plain; charset = UTF-8
17
UTF-8
important message
17
1.1.5 ensure that the release of low-level resources
Upon completion of a response entity, the entity to ensure that all the content has been completely consumed is very important, so the connection can be safely put back into the connection pool, but also through the connection manager for subsequent requests to reuse a connection. The most convenient way to handle this operation is to call HttpEntity # consumeContent () method to consume the stream to any available content. HttpClient probe has reached the tail of the content stream to the rear, immediately will automatically release the lower connection, and put back the connection manager. HttpEntity # consumeContent () method is called multiple times safe.

There may be special circumstances when the whole response content for a small part of the need to acquire, consume the remaining contents and loss of performance, as well as the cost of reuse connections is too high, you can simply abort the request by invoking HttpUriRequest # abort () method.

HttpGet httpget = new HttpGet ( "http: // localhost /");
HttpResponse response = httpclient.execute (httpget);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
InputStream instream = entity.getContent ();
int byteOne = instream.read ();
int byteTwo = instream.read ();
// Do not need the rest
httpget.abort ();
}
The connection will not be reused, but resources at all levels held by it will be properly released.

1.1.6 consume substantial contents
Recommended way consume substantial contents using its HttpEntity # getContent () or HttpEntity # writeTo (OutputStream) method. HttpClient also comes EntityUtils class, which exposes several static methods that can be more easily read the content or information from the entity. Instead of directly reading the java.io.InputStream, you can also use this method in a class as a string / byte array to obtain the entire contents thereof. However, EntityUtils use is strongly discouraged unless the responding entity from reliable HTTP server and the known length limit.

HttpGet httpget = new HttpGet ( "http: // localhost /");
HttpResponse response = httpclient.execute (httpget);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
long len = entity.getContentLength ();
if (len! = -1 && len < 2048) {
System.out.println (EntityUtils.toString (entity));
} Else {
// Stream content out
}
}
More than one entity might read in some cases. In this case the contents of the entity must somehow be buffered up in memory or on disk. The easiest method is accomplished by using BufferedHttpEntity class to wrap the source entity. This will cause the contents of the source entity is read into memory buffer. In all other ways, the entity wrapper will be a source entity.

HttpGet httpget = new HttpGet ( "http: // localhost /");
HttpResponse response = httpclient.execute (httpget);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
entity = new BufferedHttpEntity (entity);
}
1.1.7 generated substantial contents
HttpClient provides classes that can be used to generate a valid connection to obtain the contents of the output stream via HTTP. In order to close the output entity obtained from the HTTP request, the instances of those classes can be closed and associated entities such as POST and PUT requests. HttpClient is a lot of common data container, such as strings, byte arrays, and file input stream provides classes: StringEntity, ByteArrayEntity, InputStreamEntity and FileEntity.

File file = new File ( "somefile.txt");
FileEntity entity = new FileEntity (file, "text / plain; charset = \" UTF-8 \ "");
HttpPost httppost = new HttpPost ( "http: //localhost/action.do");
httppost.setEntity (entity);
Please note InputStreamEntity is not repeatable, because it only reads the contents of a data stream from the lower layer. In general, we recommend HttpEntity implement a custom class, which is self-contained, used instead of using generic InputStreamEntity. FileEntity is also a good starting point.

1.1.7.1 Dynamic content entity
Typically, HTTP entities need to be dynamically generated based on the context of a particular implementation. By using EntityTemplate ContentProducer entity classes and interfaces, HttpClient provides support for dynamic entity. Content Builder is an object to generate their contents in accordance with the demand, they will be written to an output stream. Each time they are requested to generate content. Therefore, an entity created by EntityTemplate usually self-contained and can be repeated.

ContentProducer cp = new ContentProducer () {
public void writeTo (OutputStream outstream) throws IOException {
Writer writer = new OutputStreamWriter (outstream, "UTF-8");
writer.write ( "< response>");
writer.write ( "< content>");
writer.write ( "important stuff");
writer.write ( "< / content>");
writer.write ( "< / response>");
writer.flush ();
}
};
HttpEntity entity = new EntityTemplate (cp);
HttpPost httppost = new HttpPost ( "http: //localhost/handler.do");
httppost.setEntity (entity);
1.1.7.2 HTML form
Many applications require frequent simulate an HTML form submission process, for example, in order to record a Web application or submit output data. HttpClient provides a special entity class UrlEncodedFormEntity to satisfy this process.

List < NameValuePair> formparams = new ArrayList < NameValuePair> ();
formparams.add (new BasicNameValuePair ( "param1", "value1"));
formparams.add (new BasicNameValuePair ( "param2", "value2"));
UrlEncodedFormEntity entity = new UrlEncodedFormEntity (formparams, "UTF-8");
HttpPost httppost = new HttpPost ( "http: //localhost/handler.do");
httppost.setEntity (entity);
UrlEncodedFormEntity instance will be encoded using the URL encoding parameters generate the following contents:

param1 = value1 & param2 = value2

1.1.7.3 Content Chunking
In general, we recommend leaving HttpClient selected based on HTTP packets to be delivered attribute most suitable transcoding. It is possible, however, to set HttpEntity # setChunked () method is the preferred notification is true HttpClient chunked encoding. Please note HttpClient will use the logo as a reminder. When using the HTTP protocol version as HTTP / 1.0 version does not support chunked encoding, this value is ignored.

StringEntity entity = new StringEntity ( "important message",
"Text / plain; charset = \" UTF-8 \ "");
entity.setChunked (true);
HttpPost httppost = new HttpPost ( "http: //localhost/acrtion.do");
httppost.setEntity (entity);
1.1.8 Response Controller
Control response of the easiest and most convenient way is to use ResponseHandler interface. This is done completely relieve users worry about the connection management. When using ResponseHandler, HttpClient will automatically connect to the concerns and to ensure the release of the connection manager to go, regardless of whether the request is executed successfully or caused an exception.

HttpClient httpclient = new DefaultHttpClient ();
HttpGet httpget = new HttpGet ( "http: // localhost /");
ResponseHandler < byte []> handler = new ResponseHandler < byte []> () {
public byte [] handleResponse (
HttpResponse response) throws ClientProtocolException, IOException {
HttpEntity entity = response.getEntity ();
if (entity! = null) {
return EntityUtils.toByteArray (entity);
} Else {
return null;
}
}
};
byte [] response = httpclient.execute (httpget, handler);
Environment 1.2 HTTP executed
Initially, HTTP is designed to be stateless, facing the request - response protocol. However, the real applications often need some logically related request - response to persistent state information exchange. To enable applications to maintain the state of a process, HttpClient allow HTTP requests in a particular execution environment to execute, referred to as HTTP context. If the same environment reused between consecutive requests, so many kinds of logically related requests can participate in a logical session. HTTP context features and java.util.Map < String, Object> very similar. It is just an arbitrary collection of named parameter values. Before an application can request or in the context of checking the implementation of the completion of the property and later filled context.

In this process the HTTP request execution, HttpClient adds the following attributes to the execution context:

'Http.connection': HttpConnection instance represents a real connection to the target server connection.
'Http.target_host': HttpHost instance representing the connection target.
'Http.proxy_host': If you are using, HttpHost instance representing the proxy connection.
'Http.request': HttpRequest instance represents a real HTTP requests.
'Http.response': HttpResponse instance represents a real HTTP response.
'Http.request_sent': java.lang.Boolean object represents an implied true whether the request has been completely transferred to the identified target connection.
For example, to determine the final redirect target, after the request execution, can check the value http.target_host property:

DefaultHttpClient httpclient = new DefaultHttpClient ();
HttpContext localContext = new BasicHttpContext ();
HttpGet httpget = new HttpGet ( "http://www.google.com/");
HttpResponse response = httpclient.execute (httpget, localContext);
HttpHost target = (HttpHost) localContext.getAttribute (
ExecutionContext.HTTP_TARGET_HOST);
System.out.println ( "Final target:" + target);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
entity.consumeContent ();
}
The output is:

Final target: http://www.google.ch

1.3 Exception Handling
HttpClient can throw two types of exceptions: When I / O failure, such as a socket connection times out or is reset java.io.IOException exception, there are signs of failure signal HTTP request, such as HTTP protocol violation HttpException abnormal. Usually I / O errors are considered non-lethal and can be restored, and the HTTP protocol errors are considered fatal and can not be automatically restored.

1.3.1 HTTP transport safety
To understand the HTTP protocol does not support all types of applications are suitable, it is important. HTTP is a simple for request / response protocol that was originally designed to support retrieve static or dynamically generated content. It never developed to support transactional operations direction. For example, if successfully received and processed requests, HTTP server will consider whether to complete its part, generates a response and sends a status code to the client. If the client since the reading out, the request to cancel or system crashes entity fails to receive a response, the server does not attempt to roll back the transaction. If the client decided to reopen the request, the server will inevitably execute the same transaction more than once. In some cases, this causes the application data corruption or inconsistent application state.

Although HTTP was never designed to support transactional process, but it can also be used as a transport protocol for mission-critical applications to determine the state is satisfied. To ensure HTTP transport layer security system must ensure that the HTTP method idempotency application layer.

1.3.2 idempotent method
HTTP / 1.1 clearly defines methods idempotent, as described below

[Method may also have "idempotent" property in those (except error or expiration issues) the side effects of N> 0 identical requests and independent requests is the same]
In other words, the application should be prepared to ensure the implementation to handle more of the same method performed. This can be achieved, for example, by providing a separate transaction ID and other methods to avoid performing the same logic operation.

Note that this problem is not specific for HttpClient. Limit the application of the same problem particularly popular browsers and non-idempotent HTTP-based approach related.
HttpClient assuming no entity includes methods, such as GET and HEAD are idempotent, while the entity includes methods, such as POST and PUT are not.

1.3.3 Abnormal automatic recovery
By default, HttpClient will attempt to automatically recover from the I / O exception. The default auto-recovery mechanism is known that a small part of this anomaly is safe limit.

HttpClient not (those that are derived from HttpException class out) from any logic or HTTP protocol error recovery.
HttpClient will automatically re-run it is assumed that the method is idempotent.
HttpClient will automatically re-implement those methods fail due to abnormal transport failure, while the HTTP request is still delivered to the destination server (that is, the request is sent to the server is not completely).
HttpClient will automatically re-execute those has been completely sent to the server, but the server using the HTTP status code (server only lost connection without returning any thing) response to the failure of the method. In this case, assuming that the server request was not processed, and the state of the application has not changed. If this assumption is possible for your target Web server application is incorrect, then it is strongly recommended to provide a custom exception handler.
1.3.4 requests retry processing
To enable custom exception recovery mechanism should be provided to achieve a HttpRequestRetryHandler interface.

DefaultHttpClient httpclient = new DefaultHttpClient ();
HttpRequestRetryHandler myRetryHandler = new HttpRequestRetryHandler () {
public boolean retryRequest (IOException exception,
int executionCount, HttpContext context) {
if (executionCount> = 5) {
// If more than the maximum number of retries, then do not continue the
return false;
}
if (exception instanceof NoHttpResponseException) {
// If the server lost connection, then try again
return true;
}
if (exception instanceof SSLHandshakeException) {
// Do not retry the SSL handshake exception
return false;
}
HttpRequest request = (HttpRequest) context.getAttribute (
ExecutionContext.HTTP_REQUEST);
boolean idempotent = (request instanceof HttpEntityEnclosingRequest)!;
if (idempotent) {
// If the request is considered to be idempotent, then try again
return true;
}
return false;
}
};
httpclient.setHttpRequestRetryHandler (myRetryHandler);
1.4 abort request
In some cases, due to high load or client requests the target server has a lot of activity, then HTTP will perform at the expected time frame and failed requests. In this case, you may have to prematurely abort a request to unblock the I / O execution threads blockade. HTTP requests can be executed by calling HttpClient HttpUriRequest # abort () method discontinued at any stage of implementation. This method is thread-safe, and can be called from any thread. When an HTTP request is aborted, its execution thread blocked in I / O operations, and it guaranteed by throwing InterruptedIOException exception to unlock.

1.5 HTTP protocol interceptor
HTTP protocol interceptor is a realization of specific agreements HTPP practice. Typically protocol interceptors want action on a specific header information, or to receive a family of related header information packets, or use a specific head or the head of a family of related information filled packets sent. Protocol interceptors can also manipulate content entities contained in the packet, transparent content compression / decompression is a good example. Normally this is the wrapper entity class uses "decorators" to decorate the original entity model completed. Some protocol interceptors from one logical unit to combine.

Protocol interceptors can also work together by sharing information - such as handling state - execution context via HTTP. You can use the HTTP protocol interceptors content for one or more consecutive requests to store a processing status.

Specific execution context state is usually the order of interceptors and their execution should not be based on the relevant. If protocol interceptors have interdependencies, they must be performed in a particular order, as the order in which they want to do the same, they should be added to the protocol processor in the same sequence.

Protocol interceptors must be implemented as thread-safe. And Servlet similar protocol interceptors should not use instance variables, those variables unless access is synchronized.

This example gives the local content in the continuous requests for how to be a lasting process state:

DefaultHttpClient httpclient = new DefaultHttpClient ();
HttpContext localContext = new BasicHttpContext ();
AtomicInteger count = new AtomicInteger (1);
localContext.setAttribute ( "count", count);
httpclient.addRequestInterceptor (new HttpRequestInterceptor () {
public void process (final HttpRequest request,
final HttpContext context) throws HttpException, IOException {
AtomicInteger count = (AtomicInteger) context.getAttribute ( "count");
request.addHeader ( "Count", Integer.toString (count.getAndIncrement ()));
}
});
HttpGet httpget = new HttpGet ( "http: // localhost /");
for (int i = 0; i < 10; i ++) {
HttpResponse response = httpclient.execute (httpget, localContext);
HttpEntity entity = response.getEntity ();
if (entity! = null) {
entity.consumeContent ();
}
}
1.6 HTTP parameters
HttpParams interface represents a collection of custom components runtime behavior of a constant value. In many cases, HttpParams and HttpContext similar. The main difference between the two is different they use at runtime. Both interface represents a collection of objects, which are regarded as the key to access the object's value Map, but serve different purposes:

HttpParams intended to contain simple objects: integers, floats, strings, collections, as well run the same object.
HttpParams want to be used in the "write once - many ready" mode. HttpContext is intended to encompass changes may occur in the HTTP packet processing in the process of complex object
HttpParams goal is to define the behavior of other components. Typically each component has its own complex of HttpParams objects. HttpContext goal is to represent the state of the implementation of an HTTP process. Generally share the same execution context object in a lot of cooperation.
1.6.1 Parameter level
HTTP request execution process, HttpParams HttpRequest object is used to execute the request and HttpParams HttpClient instance linked. This makes the level set in the parameter setting request priority HttpParams HTTP client level in HTTP. The recommended approach is to set the general parameters for all the HTTP level HTTP client requests shared, and can be selectively rewrite specific level parameters in the HTTP request.

DefaultHttpClient httpclient = new DefaultHttpClient ();
httpclient.getParams () setParameter (CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_0).;
. Httpclient.getParams () setParameter (CoreProtocolPNames.HTTP_CONTENT_CHARSET, "UTF-8");
HttpGet httpget = new HttpGet ( "http://www.google.com/");
httpget.getParams () setParameter (CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1).;
httpget.getParams () setParameter (CoreProtocolPNames.USE_EXPECT_CONTINUE, Boolean.FALSE).;
httpclient.addRequestInterceptor (new HttpRequestInterceptor () {
public void process (final HttpRequest request,
final HttpContext context) throws HttpException, IOException {
System.out.println (request.getParams (). GetParameter (
CoreProtocolPNames.PROTOCOL_VERSION));
System.out.println (request.getParams (). GetParameter (
CoreProtocolPNames.HTTP_CONTENT_CHARSET));
System.out.println (request.getParams (). GetParameter (
CoreProtocolPNames.USE_EXPECT_CONTINUE));
System.out.println (request.getParams (). GetParameter (
CoreProtocolPNames.STRICT_TRANSFER_ENCODING));
}
});
The output is:

HTTP / 1.1
UTF-8
false
null
1.6.2 HTTP parameters bean
HttpParams interface allows the configuration process components great flexibility. It is important that the new parameters can be introduced without affecting older versions of binary compatibility. However, when compared with conventional Java bean, HttpParams also has a drawback: HttpParams DI framework can not be used in combination. To alleviate this limitation, HttpClient contains some bean classes, they can be used in order to use standard Java eban practice initialization HttpParams object.

HttpParams params = new BasicHttpParams ();
HttpProtocolParamBean paramsBean = new HttpProtocolParamBean (params);
paramsBean.setVersion (HttpVersion.HTTP_1_1);
paramsBean.setContentCharset ( "UTF-8");
paramsBean.setUseExpectContinue (true);
System.out.println (params.getParameter (
CoreProtocolPNames.PROTOCOL_VERSION));
System.out.println (params.getParameter (
CoreProtocolPNames.HTTP_CONTENT_CHARSET));
System.out.println (params.getParameter (
CoreProtocolPNames.USE_EXPECT_CONTINUE));
System.out.println (params.getParameter (
CoreProtocolPNames.USER_AGENT));
The output is:

HTTP / 1.1
UTF-8
false
null
1.7 HTTP request execution parameters
These parameters will affect the process request execution:

'Http.protocol.version': If you do not set an explicit version information in the request object, it defines the use of HTTP protocol version. The value of a parameter expect ProtocolVersion type. If this parameter is not set, then use HTTP / 1.1.
'Http.protocol.element-charset': defines the character set encoding HTTP protocol elements. This parameter expect a value of type java.lang.String. If this parameter is not set, then use the US-ASCII.
'Http.protocol.eontent-charset': defines the content body coding for each of the default character set. This parameter expect a value of type java.lang.String. If this parameter is not set, then use the ISO-8859-1.
'Http.useragent': it defines the contents of the User-Agent header. This parameter expect a value of type java.lang.String. If this parameter is not set, then the HttpClient will automatically generate a value for it.
'Http.protocol.strict-transfer-encoding': defines the response headers if it contains an illegal Transfer-Encoding, have refused to fall.
'Http.protocol.expect-continue': an entity that contains the method of activation Expect: 100-Continue handshake. Expect: 100-Continue handshake purpose is to allow the client to use the request body sends a request message to determine whether the source server want client sends a request to give the request (based on the request headers) before the body. Expect: 100-Continue handshake needs of the target server can use authentication entity (such as POST and PUT) that contains the request result in significant performance improvements. Expect: 100-Continue handshake should be used with caution, because it HTTP server does not support HTTP / 1.1 protocol proxy use can cause problems. The value of a parameter expect java.lang.Boolean type. If this parameter is not set HttpClient will then attempt to use the handshake.
'Http.protocol.wait-for-continue': defines the client should wait for the 100-Continue response maximum millisecond interval. This parameter expect a value of type java.lang.Integer. If this parameter is not set HttpClient will then request body before resuming transmission for the confirmation wait 3 seconds.

Chapter Connection Management


HttpClient has a connection initialization and termination, as well as the activity on the connection complete control I / O operations. Many aspects of the operation of the connection can use some parameters to control.

2.1 connection parameters

These parameters can affect the join operation:
'Http.socket.timeout': defines the socket millisecond timeout (SO_TIMEOUT), which is waiting for data, in other words, between two consecutive packets maximum idle time. If timeout is 0 is interpreted as an infinite timeout. This parameter expect a value of type java.lang.Integer. If this parameter is not set, then the read operation will not timeout (infinite timeout).

'Http.tcp.nodelay': determines whether the Nagle algorithm. Nagle algorithm view by minimizing the number of packets sent to save bandwidth. When the application wants to reduce network latency and improve performance, they can turn off the Nagle algorithm (ie open TCP_NODELAY). Data will be sent earlier, increased bandwidth consumption written. The value of a parameter expect java.lang.Boolean type. If this parameter is not set, then the TCP_NODELAY will open (no delay).

'Http.socket.buffer-size': determines the size of the internal socket buffer used to buffer data while receiving / transmitting HTTP packets. This parameter expect a value of type java.lang.Integer. If this parameter is not set, then the HttpClient will allocate 8192 bytes of the socket buffer.

'Http.socket.linger': using the specified number of seconds delay time to set SO_LINGER. Maximum connection timeout value is platform-specific. A value of 0 implies that this option is turned off. A value of -1 implies the use of default JRE. This setting only affects socket close operations. If this parameter is not set, then it is assumed that a value of -1 (JRE default).

'Http.connection.timeout': determines the millisecond timeout until a connection is established when. A value of 0 is interpreted as an infinite timeout big time. This parameter expect a value of type java.lang.Integer. If this parameter is not set, the connection operation will not timeout (infinite timeout).

'Http.connection.stalecheck': decide whether to use the old connection check. When over a connection to execute a request to connect the server has shut down, shut down the old connection check may result in access to an I / O error risk when significant performance increase (for each request to check the time up to 30 ms) . The value of a parameter expect java.lang.Boolean type. For critical operating performance check it should be closed. If this parameter is not set, then the old connection will be executed before each request execution.

'Http.connection.max-line-length': the decision to limit the maximum length of the request line. If set to a positive number, and any HTTP request line exceeds this limit will trigger an exception java.io.IOException. Negative or zero will be closed this check. This parameter expect a value of type java.lang.Integer. If this parameter is not set, then no mandatory limits.

'Http.connection.max-header-count': determines the maximum number of allowed HTTP header information. If set to a positive number, HTTP header information number obtained from the data stream over the limit will be raised java.io.IOException exception. Negative or zero will be closed this check. This parameter expect a value of type java.lang.Integer. If this parameter is not set, then no

Mandatory limits.

'Http.connection.max-status-line-garbage': it determines the maximum number of HTTP responses expect the request line can be ignored until the status line. Use HTTP / 1.1 persistent connections, broken a result of this script will return an incorrect Content-Length (there are more than the specified bytes sent). Unfortunately, in some cases, this can not be detected in error response later, only before the next. So HttpClient must skip those extra lines in this way. This parameter expect a value of type java.lang.Integer. 0 is not allowed all garbage / empty lines before the state line. Use java.lang.Integer # MAX_VALUE set does not limit the number. If this parameter is not set then the assumption is not limited.

2.2 persistent connection

From one host to another to establish a connection process is quite complex, and contains a lot of exchange of packets between two terminals, it is quite time-consuming. Overhead connection handshake is very important, especially for a small amount of HTTP packets. If you open the connection can be re-used to execute multiple requests, then we can achieve high data throughput.

HTTP / 1.1 HTTP connections stressed by default can be reused for multiple requests. HTTP / 1.0-compatible terminal can also use a similar mechanism to clearly communicate their preferences to ensure that the connection is active, use it to handle multiple requests. HTTP proxy can also keep an idle connection is active for some time to prevent a connection to the same destination host might need for subsequent requests. The ability to maintain an active connection commonly referred to as a persistent connection. HttpClient fully supports persistent connections.

2.3 HTTP connection route

HttpClient can establish a direct connection or through a route to the target host, this will involve a plurality of intermediate connection, also known as jump. HttpClient distinction between routing and general connection channel and layering. Channel is connected to the target host using a plurality of intermediate agent also known as a proxy chain.

Normal route to the destination connected by the first or the only agency to create. Channel routing connections through a proxy chain to target the first channel to be established. No agent, the route is not hierarchical routing channels through existing hierarchical protocol to establish the connection. Agreement can only be layered or on directly connected without the agent on the target channel.

2.3.1 Route calculation

RouteInfo interface represents information about the end involve one or more intermediate steps or jump destination host routes. HttpRoute is a concrete implementation RouteInfo, which can not be changed (is constant). HttpTracker is variable RouteInfo realized by HttpClient used internally to keep track of the remaining hops largest route to the destination. HttpTracker can successfully execute the next hop routing destination after the update. HttpRouteDirector is a helper class that can be used to calculate the route to the next hop. This class is used internally by the HttpClient.

HttpRoutePlanner is a representative of the calculation to the execution context to a given target complete routing policy based interface. HttpClient comes with two default HttpRoutePlanner implementation. ProxySelectorRoutePlanner is based on the java.net.ProxySelector. By default, it will select the JVM proxy settings or run an application from a browser from the system properties. DefaultHttpRoutePlanner achieve neither any Java system properties, does not use the system or browser proxy settings. It only calculates routes HTTP parameters as described below based.

2.3.2 Secure HTTP connection

If the information transmitted between the two terminals can not be performed by a non-certified third-party read or modified in, HTTP connections can be considered safe. SSL / TLS HTTP transport protocol is used to ensure the safety of the most widely used technology. While other encryption techniques may also be used. Typically, HTTP transmission is SSL / TLS encrypted connections over hierarchical.

2.4 HTTP routing parameters

These parameters can affect the route calculation:

'Http.route.default-proxy': definitions can be set without using the default route JRE proxy host planners use. The value of a parameter expect HttpHost type. If this parameter is not set, it will try to connect directly to the target.

'Http.route.local-address': define a local address with all default route planners to use. The machine has multiple network interfaces, this parameter can be used to select a network interface from a connected source. The value of a parameter expect java.net.InetAddress type. If this parameter is not set, it will automatically use the local address.

'Http.route.forced-route': the definition of a forced default route of all routes used by planners. Instead of calculating the route, given route will be forced to return, even though it points to a completely different target host. The value of a parameter expect HttpRoute type. If this parameter is not set, then the default rule to establish a connection to the target server.

2.5 socket factory

LayeredSocketFactory is SocketFactory interface expansion. HTTP layered socket factory can be connected internally java.net.Socket object to handle the transmission of data on the wire. They rely SocketFactory interface to create, initialize and connection sockets. This allows users HttpClient can be provided at runtime initialization code specified socket applications. PlainSocketFactory is created and initialized an ordinary (non-encrypted) socket factory default.

Create a socket connected to the host process and the process is not right, so the sockets when connecting operation can be blocked off.


PlainSocketFactory sf = PlainSocketFactory.getSocketFactory ();

Socket socket = sf.createSocket ();

HttpParams params = new BasicHttpParams ();

params.setParameter (CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);

sf.connectSocket (socket, "locahost", 8080, null, -1, params);

2.5.1 Secure Sockets layered

LayeredSocketFactory is SocketFactory interface expansion. Layered socket factory can be created on top of existing ordinary socket layered socket. Sockets layered main to create a secure socket through a proxy. HttpClient comes with implements SSL / TLS layered SSLSocketFactory. Please note that HttpClient does not use any custom encryption. It is completely dependent on the standard Java Cryptography (JCE) and Secure Sockets (JSEE) extension.

2.5.2 SSL / TLS customization

HttpClient use SSLSocketFactory to create an SSL connection. SSLSocketFactory allow highly customized. It can be used as a parameter javax.net.ssl.SSLContext instance, and use it to create custom SSL connection.


TrustManager easyTrustManager = new X509TrustManager () {

@Override

public void checkClientTrusted (X509Certificate [] chain,

String authType) throws CertificateException {

// Oh, that was easy!

}

@Override

public void checkServerTrusted (X509Certificate [] chain,

String authType) throws CertificateException {

// Oh, that was easy!

}

@Override

public X509Certificate [] getAcceptedIssuers () {

return null;

}

};

SSLContext sslcontext = SSLContext.getInstance ( "TLS");

sslcontext.init (null, new TrustManager [] {easyTrustManager}, null);

SSLSocketFactory sf = new SSLSocketFactory (sslcontext);

SSLSocket socket = (SSLSocket) sf.createSocket ();

socket.setEnabledCipherSuites (new String [] { "SSL_RSA_WITH_RC4_128_MD5"});

HttpParams params = new BasicHttpParams ();

params.setParameter (CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);

sf.connectSocket (socket, "locahost", 443, null, -1, params);

SSLSocketFactory customized implies a certain degree of SSL / TLS protocol familiar with the concept, the detailed explanation is beyond the scope of this document. Please refer to the Java Secure Socket Extension [http://java.sun.com/j2se/1.5.0/docs/guide/

security / jsse / JSSERefGuide.html], which is a detailed description javax.net.ssl.SSLContext and related tools.

2.5.3 Host Name Verification

In addition to trust and verify client authentication performed on the SSL / TLS protocol level, once the connection is established, HttpClient can optionally verify the name of the target host name matches the information stored in the server's X.509 certificates. This certification can provide a real guarantee any material additional server. X509 hostname verification interface represents the hostname verification strategy. HttpClient X509 comes with three host name verifier. Very important point is: hostname verification should not be confused SSL trust validation.

StrictHostnameVerifier: Strict hostname verification in Sun Java 1.4, Sun Java 5 Sun Java 6 and is the same. But also very close to IE6. This realization seems to be compatible with RFC 2818 processing wildcards. The hostname must match the first CN or any subject-alt. Wildcards may appear in the CN and any other subject-alt in.

BrowserCompatHostnameVerifier: hostname verifier and works Curl and Firefox are the same. The hostname must match the first CN or any subject-alt. Wildcards may appear in the CN and any other subject-alt in. BrowserCompatHostnameVerifier and
The only difference is the use of BrowserCompatHostnameVerifier StrictHostnameVerifier wildcard match all subdomains (such as "* .foo.com"), including "a.b.foo.com".

AllowAllHostnameVerifier: The hostname verifier is substantially closed hostname verification. This implementation is a no-op, but does not throw javax.net.ssl.SSLException exception.

Each default HttpClient use BrowserCompatHostnameVerifier implementation. If desired, it can specify a different host name verifier implementation.


SSLSocketFactory sf = new SSLSocketFactory (SSLContext.getInstance ( "TLS"));

sf.setHostnameVerifier (SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);

2.6 protocol mode

Scheme class represents a protocol mode, such as "http" or "https" protocol contains a number of attributes, such as the default port for a given protocol creates an instance java.net.Socket socket factory. SchemeRegistry class used to maintain a set of Scheme, when to establish a connection request URI, HttpClient can choose from:


Scheme http = new Scheme ( "http", PlainSocketFactory.getSocketFactory (), 80);

SSLSocketFactory sf = new SSLSocketFactory (SSLContext.getInstance ( "TLS"));

sf.setHostnameVerifier (SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);

Scheme https = new Scheme ( "https", sf, 443);

SchemeRegistry sr = new SchemeRegistry ();

sr.register (http);

sr.register (https);

2.7 HttpClient proxy configuration

Although HttpClient understand complex routing mode and proxy chaining, it only supports straightforward jump out of the box or proxy connection.

The easiest way to tell HttpClient through a proxy to connect to the target host by setting the default proxy parameters:


DefaultHttpClient httpclient = new DefaultHttpClient ();

HttpHost proxy = new HttpHost ( "someproxy", 8080);

httpclient.getParams () setParameter (ConnRoutePNames.DEFAULT_PROXY, proxy).;

You can also use a standard JRE build HttpClient proxy selector to obtain the proxy information:


DefaultHttpClient httpclient = new DefaultHttpClient ();

ProxySelectorRoutePlanner routePlanner = new ProxySelectorRoutePlanner (

httpclient.getConnectionManager (). getSchemeRegistry (),

ProxySelector.getDefault ());

httpclient.setRoutePlanner (routePlanner);

Alternatively, you can provide a custom implementation to get RoutePlanner complex control HTTP route calculation process on:


DefaultHttpClient httpclient = new DefaultHttpClient ();

httpclient.setRoutePlanner (new HttpRoutePlanner () {

public HttpRoute determineRoute (HttpHost target,

HttpRequest request,

HttpContext context) throws HttpException {

return new HttpRoute (target, null, new HttpHost ( "someproxy", 8080),

"Https" .equalsIgnoreCase (target.getSchemeName ()));

}

});

2.8 HTTP Connection Manager

2.8.1 Connecting operator

Linking is connected to the low-level socket client or through an external entity, commonly referred to as the state of being connected to the operation of the operation. OperatedClientConnection interface extends HttpClientConnection Interface defines methods and additional control connection socket. ClientConnectionOperator interface represents create an instance of the object and update those low-level socket policy. Implementation class most likely to use to create SocketFactory java.net.Socket instance. ClientConnectionOperator Interface allows users HttpClient provides a customized policy connecting operation and the ability to provide alternative implementation OperatedClientConnection interface.

2.8.2 Manage Connections and Connection Manager

HTTP connections are complex, there is a state, not thread-safe objects need the right management in order to properly perform the functions. HTTP connections only by only one thread of execution used at the same time. HttpClient uses a special entity to manage access to HTTP connection, which is called the HTTP connection manager, on behalf of the ClientConnectionManager interface. An HTTP connection manager is intended to serve as a factory new HTTP connection, and manage a persistent connection to synchronize access to persistent connections to ensure that the same time only one thread can access a connection.

Internal HTTP connection manager and OperatedClientConnection instances work together, but they provide examples of service consumption is ManagedClientConnection. ManagedClientConnection play connection management state control over all I / O operations OperatedClientConnection instance wrapper. It also abstract socket operations, providing open and update the routing socket to create a convenient method. Learn ManagedClientConnection instance produce their links to Connection Manager, and is based on the fact that, when no longer in use, they must be returned to the manager. ManagedClientConnection ConnectionReleaseTrigger class also implements the interface that can be used to trigger the release of the connection is returned to the manager. Upon release of the connection operation is triggered, packed connection from ManagedClientConnection wrapper off, OperatedClientConnection instance is returned to the manager. Although the service consumption is still holding references ManagedClientConnection instance, it does not go to perform any I / O operations or unintentionally altered OperatedClientConnection state.

Here is an example of obtaining the connection from the Connection Manager:


HttpParams params = new BasicHttpParams ();

Scheme http = new Scheme ( "http", PlainSocketFactory.getSocketFactory (), 80);

SchemeRegistry sr = new SchemeRegistry ();

sr.register (http);

ClientConnectionManager connMrg = new SingleClientConnManager (params, sr);

// Request a new connection. This may be a very long process.

ClientConnectionRequest connRequest = connMrg.requestConnection (

new HttpRoute (new HttpHost ( "localhost", 80)), null);

// Wait for connection 10 seconds

ManagedClientConnection conn = connRequest.getConnection (10, TimeUnit.SECONDS);

try {

// Connector doing useful things. Upon completion of the release of the connection.

conn.releaseConnection ();

} Catch (IOException ex) {

// On I / O error terminates the connection.

conn.abortConnection ();

throw ex;

}

If desired, the connection request by calling to ClientConnectionRequest # abortRequest () method prematurely interrupted. This will unlock ClientConnectionRequest # getConnection () method, blocked threads.

Once the content of the response is completely consumed, BasicManagedEntity wrapper classes can be used to ensure that automatic release low-level connection. HttpClient internal use this mechanism to implement transparent releasable connection to all available from HttpClient # execute () method in response:


ClientConnectionRequest connRequest = connMrg.requestConnection (

new HttpRoute (new HttpHost ( "localhost", 80)), null);

ManagedClientConnection conn = connRequest.getConnection (10, TimeUnit.SECONDS);

try {

BasicHttpRequest request = new BasicHttpRequest ( "GET", "/");

conn.sendRequestHeader (request);

HttpResponse response = conn.receiveResponseHeader ();

conn.receiveResponseEntity (response);

HttpEntity entity = response.getEntity ();

if (entity! = null) {

BasicManagedEntity managedEntity = new BasicManagedEntity (entity, conn, true);

// Replace entity

response.setEntity (managedEntity);

}

// Use the response object to do useful things. When the content of the response is consumed in this connection will be automatically released.

} Catch (IOException ex) {

// On I / O error terminates the connection.

conn.abortConnection ();

throw ex;

}

2.8.3 Simple Connection Manager

SingleClientConnManager is a simple connection manager, at the same time it maintains only one connection. Although this class is thread-safe, but it should be used for a thread of execution. SingleClientConnManager For subsequent requests for the same route will try to reuse a connection. If persistent connections route does not match the connection request, then it will shut down after a connection exists on a given route and then open a new one. If the connection has already been assigned, an exception will be thrown java.lang.IllegalStateException.

For each default connection, HttpClient use SingleClientConnManager.

2.8.4 connection pool manager

ThreadSafeClientConnManager is a complex implementation to manage client connection pooling, it can also perform thread connection requests from a plurality of services. For each basic routing, connections are pool management. Request for routing, management at the pool has persistent connection is available, the service will be connected from the pool lease, rather than creating a new connection.

ThreadSafeClientConnManager maintain maximum connection limit per basic route. Each default connect each given route will create no more than two concurrent connections, and the total is not more than 20. For many real-world applications, this limit has proved a lot of constraints, particularly in the service they use HTTP as the transport protocol. Connection limit, you can use HTTP parameters to be adjusted.

This example shows how the connection pool parameters to adjust:


HttpParams params = new BasicHttpParams ();

// Increase the maximum connection to 200

ConnManagerParams.setMaxTotalConnections (params, 200);

// Increase the default maximum of 20 connections per route

ConnPerRouteBean connPerRoute = new ConnPerRouteBean (20);

// To localhost: 80 to 50 to increase the maximum connection

HttpHost localhost = new HttpHost ( "locahost", 80);

connPerRoute.setMaxForRoute (new HttpRoute (localhost), 50);

ConnManagerParams.setMaxConnectionsPerRoute (params, connPerRoute);

SchemeRegistry schemeRegistry = new SchemeRegistry ();

schemeRegistry.register (

new Scheme ( "http", PlainSocketFactory.getSocketFactory (), 80));

schemeRegistry.register (

new Scheme ( "https", SSLSocketFactory.getSocketFactory (), 443));

ClientConnectionManager cm = new ThreadSafeClientConnManager (params, schemeRegistry);

HttpClient httpClient = new DefaultHttpClient (cm, params);

2.8.5 Connection Manager Close

When an HttpClient instance is no longer needed, and soon out of range, then close the connection manager to ensure that the activities held by the manager of all the connection is closed, the connection is released by the allocation of system resources is very important.


DefaultHttpClient httpclient = new DefaultHttpClient ();

HttpGet httpget = new HttpGet ( "http://www.google.com/");

HttpResponse response = httpclient.execute (httpget);

HttpEntity entity = response.getEntity ();

System.out.println (response.getStatusLine ());

if (entity! = null) {

entity.consumeContent ();

}

httpclient.getConnectionManager () shutdown ().;

2.9 Connection Management Parameters

These parameters can be used to customize a standard HTTP connection manager to achieve:

'Http.conn-manager.timeout': defines the millisecond timeout when retrieving ManagedClientConnection instance from ClientConnectionManager used. The value of a parameter expect java.lang.Long type. If this parameter is not set, the connection request will not timeout (infinite timeout).

'Http.conn-manager.max-per-route': define the maximum number of connections for each route. This restriction by the client connection manager to interpret, and apply to an independent manager instance. The value of a parameter expect ConnPerRoute type.

'Http.conn-manager.max-total': define the maximum number of total connections. This restriction by the client connection manager to interpret, and apply to an independent manager instance. This parameter expect a value of type java.lang.Integer.

Over 2.10 thread execution request

When equipped with a connection pool manager, such as ThreadSafeClientConnManager, HttpClient can be used to perform multiple requests simultaneously, using multiple threads of execution.

ThreadSafeClientConnManager will be allocated based on its configuration connection. If all connections for a given route have been leased, then the connection request will be blocked until a connection is released back to the connection pool. It can be set up 'http.conn-manager.timeout' is a positive number to ensure that the connection manager will not be blocked indefinitely in connection request execution. If the connection request is not within a given time period is a response, an exception will be thrown ConnectionPoolTimeoutException.


HttpParams params = new BasicHttpParams ();

SchemeRegistry schemeRegistry = new SchemeRegistry ();

schemeRegistry.register (

new Scheme ( "http", PlainSocketFactory.getSocketFactory (), 80));

ClientConnectionManager cm = new ThreadSafeClientConnManager (params, schemeRegistry);

HttpClient httpClient = new DefaultHttpClient (cm, params);

// Perform GET method URI

String [] urisToGet = {

"Http://www.domain1.com/",

"Http://www.domain2.com/",

"Http://www.domain3.com/",

"Http://www.domain4.com/"

};

// URI to create a thread for each

GetThread [] threads = new GetThread [urisToGet.length];

for (int i = 0; i < threads.length; i ++) {

HttpGet httpget = new HttpGet (urisToGet [i]);

threads [i] = new GetThread (httpClient, httpget);

}

 

// Start executing the thread

for (int j = 0; j < threads.length; j ++) {

threads [j] .start ();

}

// Merge thread

for (int j = 0; j < threads.length; j ++) {

threads [j] .join ();

}

static class GetThread extends Thread {

private final HttpClient httpClient;

private final HttpContext context;

private final HttpGet httpget;

public GetThread (HttpClient httpClient, HttpGet httpget) {

this.httpClient = httpClient;

this.context = new BasicHttpContext ();

this.httpget = httpget;

}

@Override

public void run () {

try {

HttpResponse response = this.httpClient.execute (this.httpget, this.context);

HttpEntity entity = response.getEntity ();

if (entity! = null) {

// Entity to do something useful ...

// Ensure that the connection can be released back to the manager

entity.consumeContent ();

}

} Catch (Exception ex) {

this.httpget.abort ();

}

}

}

2.11 Connection eviction policies

The main disadvantage of a classic blocking I / O model is a network socket only when I / O operations can be blocked in response to I / O events. When a connection is released to return to manage, which can be kept active but can not monitor the state of the socket and respond to any I / O event. If the connection is closed on the server side, the client can not connect to detect the connection state changes and close the socket of the end to make an appropriate response.

HttpClient by testing whether the connection is outdated to try to alleviate this problem, which is no longer valid because it has been closed on the server side, before you use the connection to perform HTTP requests. Obsolete connection check also not 100% stable, but on each request to perform but also to increase 10-30 ms overhead. The only viable model to the socket threads without involving solutions for each idle connection is to use a dedicated thread to monitor for a long time to recover because inactivity is considered expired connections. Monitor thread can call periodically ClientConnectionManager # closeExpiredConnections () method to close all expired connections, back off from the connection pool. It can also selectively call ClientConnectionManager # closeIdleConnections () method to close all been idle for more than a given time period of connection.


public static class IdleConnectionMonitorThread extends Thread {

private final ClientConnectionManager connMgr;

private volatile boolean shutdown;

public IdleConnectionMonitorThread (ClientConnectionManager connMgr) {

super ();

this.connMgr = connMgr;

}

@Override

public void run () {

try {

while (! shutdown) {

synchronized (this) {

wait (5000);

// Close connection expired

connMgr.closeExpiredConnections ();

// Alternatively, idle more than 30 seconds to close the connection

connMgr.closeIdleConnections (30, TimeUnit.SECONDS);

}

}

} Catch (InterruptedException ex) {

// Termination

}

}

public void shutdown () {

shutdown = true;

synchronized (this) {

notifyAll ();

}

}

}

2.12 Policy connection remains active

HTTP specification does not define a persistent connection may remain active or how long it should be. Some servers use non-standard HTTP Keep-Alive header to tell the client that they want the server to keep the connection active period in seconds. If this information is available, HttClient it will take advantage of this. If the Keep-Alive header is not present in the response, HttpClient assume the connection remains active indefinitely. However, many real-world HTTP server is configured after a certain period of inactivity lose persistent connection to conserve system resources, which is not often notice the client. If the default policy proved to be too optimistic, then someone will want to provide a customized policy remains active.


DefaultHttpClient httpclient = new DefaultHttpClient ();

httpclient.setKeepAliveStrategy (new ConnectionKeepAliveStrategy () {

public long getKeepAliveDuration (HttpResponse response, HttpContext context) {

// Honor 'keep-alive' header information

HeaderElementIterator = new BasicHeaderElementIterator (

response.headerIterator (HTTP.CONN_KEEP_ALIVE));

while (it.hasNext ()) {

HeaderElement he = it.nextElement ();

String param = he.getName ();

String value = he.getValue ();

if (value! = null && param.equalsIgnoreCase ( "timeout")) {

try {

return Long.parseLong (value) * 1000;

} Catch (NumberFormatException ignore) {

}

}

}

HttpHost target = (HttpHost) context.getAttribute (

ExecutionContext.HTTP_TARGET_HOST);

if ( "www.naughty-server.com" .equalsIgnoreCase (target.getHostName ())) {

// Only keep alive five seconds

return 5 * 1000;

} Else {

// Otherwise remain active 30 seconds

return 30 * 1000;

}

}

});

Chapter HTTP State Management

The original HTTP is designed to be stateless, for request / response protocol, there are no special provisions state, through a number of logically related request / response exchange session. Since the HTTP protocol is becoming increasingly popular and popular, more and more in the past it did not intend to use the system also started to use it as an application, such as e-commerce applications transmission. Thus, support for state management becomes very necessary.

Netscape, became the leading direction Web client and server software developers, based on proprietary specifications in their products to achieve support for HTTP state management. After Netscape attempt by publishing the draft specification to standardize such a mechanism. Their efforts contributed by these standards track RFC specification. However, in many applications the draft state management is still not compatible with Netscape-based official specifications. Many major Web browser developers feel the need to keep those standards compatibility greatly promote the application segments.

3.1 HTTP cookies

Cookie is a HTTP proxy and the target server can maintain the exchange token or short packet session status information. Netscape engineers use it to refer to the "magic cookie" and the name stuck.

HttpClient Cookie use interfaces to represent abstract cookie token. In its simplest form, the HTTP cookie is almost name / value pairs. Usually a HTTP cookie also contains a number of attributes, such as version number, legitimate domain name, specify the cookie application where the source server URL subset path, cookie effective longest time.

SetCookie interface represents a response sent by the source server to the HTTP proxy in the Set-Cookie header to maintain a conversational state. SetCookie2 Interface and Set-Cookie2 method specified extended SetCookie.

SetCookie interfaces and the ability to obtain additional raw cookie as properties, as if they were the source server specified by the client-specific features extend the Cookie interface. This generates Cookie head is very important, because some cookie specification requires. Cookie header should be included in the specified Set-Cookie or Set-Cookie2 header specific properties.

Version 3.1.1 Cookie

Compatible with Netscape Cookie draft standard, but the version 0 is considered to be incompatible with the official specifications. The standard version is a cookie expectations. HttpClient can handle based on different versions of the cookie.

There is a re-created draft Netscape cookie examples:


BasicClientCookie netscapeCookie = new BasicClientCookie ( "name", "value");

netscapeCookie.setVersion (0);

netscapeCookie.setDomain ( "mycompany.com.");

netscapeCookie.setPath ( "/");

This is an example of a re-created standard cookie. Note that standard must retain all the properties of the cookie sent by the source server:


BasicClientCookie stdCookie = new BasicClientCookie ( "name", "value");

stdCookie.setVersion (1);

stdCookie.setDomain ( "mycompany.com.");

stdCookie.setPath ( "/");

stdCookie.setSecure (true);

// Set accurately attribute sent by the server

stdCookie.setAttribute (ClientCookie.VERSION_ATTR, "1");

stdCookie.setAttribute (ClientCookie.DOMAIN_ATTR, ".mycompany.com");

This is a re-created Set-Cookie2 compatible instance of the cookie. Note that standard must retain all the properties of the cookie sent by the source server:


BasicClientCookie2 stdCookie = new BasicClientCookie2 ( "name", "value");

stdCookie.setVersion (1);

stdCookie.setDomain ( "mycompany.com.");

stdCookie.setPorts (new int [] {80,8080});

stdCookie.setPath ( "/");

stdCookie.setSecure (true);

// Set accurately attribute sent by the server

stdCookie.setAttribute (ClientCookie.VERSION_ATTR, "1");

stdCookie.setAttribute (ClientCookie.DOMAIN_ATTR, ".mycompany.com");

stdCookie.setAttribute (ClientCookie.PORT_ATTR, "80,8080");

3.2 Cookie Specification

CookieSpec interface represents cookie management specification. Cookie management practices hope the following points:

Set-Cookie parsing rules. Optional Set-Cookie2 header information.

Verify resolve cookie rules.

Cookie header format given host, port, and the original path.

HttpClient comes with some CookieSpec implementation:

Netscape draft: This specification conforming to the original draft specification published by the Netscape Communications. It should be avoided unless absolutely necessary to be compatible with legacy code.

RFC 2109: official HTTP state management specification and replace the old version is RFC 2965 replaced.

RFC 2965: official HTTP state management specification.

Browser Compatibility: This is hard to realize that closely mimics achieve (mis) common Web browser application. Such as Microsoft's Internet Explorer and Mozilla FireFox browser.

Best Bets: 'Meta' (yuan) specification adopted some cookie-based and HTTP response cookie format to send the cookie policy. It basically aggregates all of the above in order to achieve a class.

It is strongly recommended to use Best Match strategy so HttpClient at run time based on the execution context using some suitable compatibility level.

3.3 HTTP cookie parameters and state management

These are used to customize HTTP state management and independent cookie regulate behavior parameters.

'Http.protocol.cookie-datepatterns': it defines the legal date format used to resolve non-standard property expires. Just compatible with non-compliance, the draft still use Netscape expires defined without the use of a standard max-age attribute server needs. This parameter value expect a java.util.Collection type. Collection element must be of type java.lang.String to java.text.SimpleDateFormat compatible syntax. If this parameter is not set, then the default option is to CookieSpec implementation specification values. Note that this application parameters.

'Http.protocol.single-cookie-header': it defines whether the cookie should be forced into a separate Cookie request header information. Otherwise, each cookie is treated as an isolated Cookie header information format. The value of a parameter expect java.lang.Boolean type. If this parameter is not set, then the default option is to CookieSpec implementation specification values. Note that this parameter is only strictly applied cookie specification (RFC 2109 and RFC 2965). Netscape browser compatibility and draft strategy will place all of a cookie to the request header information.

'Http.protocol.cookie-policy': defines the specification for HTTP cookie state management name. This parameter expect a value of type java.lang.String. If this parameter is not set, then the legal date format is CookieSpec implementation specification values.

3.4 Cookie Specification registry

HttpClient use CookieSpecRegistry class maintains a registry of available cookie specification. The following specifications are registered for each of the default of:
Compatibility: browser compatibility (liberal policies).
Netscape: Netscape draft.
rfc2109: RFC 2109 (obsolete strict policy).
rfc2965: RFC 2965 (standard strict policy compliance).
best-match: best match meta (meta) strategy.

3.5 Select cookie policy

Cookie policy can be set in the HTTP client, if necessary, rewrite HTTP request level.

HttpClient httpclient = new DefaultHttpClient ();

// The default policy for each cookie strict enforcement

httpclient.getParams (). setParameter (

ClientPNames.COOKIE_POLICY, CookiePolicy.RFC_2965);

HttpGet httpget = new HttpGet ( "http://www.broken-server.com/");

// Overrides the default policy for this request

httpget.getParams (). setParameter (

ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY);

3.6 custom cookie policy

In order to implement custom cookie policy, we should create CookieSpec custom class that implements the interface, create a CookieSpecFactory implement custom implementation to create and initialize an instance of HttpClient and and register the factory. Once the custom implementation is registered, it can achieve the same standard cookie activity.

CookieSpecFactory csf = new CookieSpecFactory () {

public CookieSpec newInstance (HttpParams params) {

return new BrowserCompatSpec () {

@Override

public void validate (Cookie cookie, CookieOrigin origin)

throws MalformedCookieException {

// This is quite simple

}

};

}

};

DefaultHttpClient httpclient = new DefaultHttpClient ();

. Httpclient.getCookieSpecs () register ( "easy", csf);

httpclient.getParams (). setParameter (

ClientPNames.COOKIE_POLICY, "easy");

3.7 Cookie Persistence

HttpClient can achieve a persistent cookie stored CookieStore interface and used with any physical representation. The default implementation is called CookieStore BasicClientCookie, it is by virtue of a simple implementation of java.util.ArrayList. Stored in a cookie BasicClientCookie object when the container object is garbage collection mechanism will be lost. If desired, the user can provide more complex implementations.

DefaultHttpClient httpclient = new DefaultHttpClient ();

// Create an instance of a local cookie store

CookieStore cookieStore = new MyCookieStore ();

// If you need to fill the cookie

BasicClientCookie cookie = new BasicClientCookie ( "name", "value");

cookie.setVersion (0);

cookie.setDomain ( "mycompany.com.");

cookie.setPath ( "/");

cookieStore.addCookie (cookie);

// Settings are stored

httpclient.setCookieStore (cookieStore);

3.8 HTTP state management and execution context

In the course of HTTP request execution, HttpClient adds the following objects and state management related to the execution context:

'Http.cookiespec-registry': CookieSpecRegistry instance representing the actual cookie specifications registry. Set the value of the property in the local content in preference to the default.

'Http.cookie-spec': CookieSpec instance representing the real cookie specification.

'Http.cookie-origin': CookieOrigin instance represents detailed information about the real source server.

'Http.cookie-store': CookieStore instance representing the real cookie storage. In the local content value of this attribute takes precedence over the default.

Local HttpContext object can be used to customize the HTTP state management contents prior to execute the request or check the status after the request execution:


HttpClient httpclient = new DefaultHttpClient ();

HttpContext localContext = new BasicHttpContext ();

HttpGet httpget = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response = httpclient.execute (httpget, localContext);

CookieOrigin cookieOrigin = (CookieOrigin) localContext.getAttribute (

ClientContext.COOKIE_ORIGIN);

System.out.println ( "Cookie origin:" + cookieOrigin);

CookieSpec cookieSpec = (CookieSpec) localContext.getAttribute (

ClientContext.COOKIE_SPEC);

System.out.println ( "Cookie spec used:" + cookieSpec);

3.9 per user / state management thread

We can use a separate local execution context to manage each user (or each thread) state. Specification defined cookie cookie stored in the local registry and content will take precedence over the default settings in the HTTP client level in those.

HttpClient httpclient = new DefaultHttpClient ();

// Create a local instance of the cookie store

CookieStore cookieStore = new BasicCookieStore ();

// Create a local HTTP content

HttpContext localContext = new BasicHttpContext ();

// Bind custom cookie store local content

localContext.setAttribute (ClientContext.COOKIE_STORE, cookieStore);

HttpGet httpget = new HttpGet ( "http://www.google.com/");

// Passed as a parameter local content

HttpResponse response = httpclient.execute (httpget, localContext)

Chapter IV HTTP Authentication

HttpClient provides full support for standards defined by the HTTP authentication model. HttpClient's authentication framework can be extended to support non-standard authentication mode, such as NTLM and SPNEGO.

4.1 user credentials

Any user authentication process requires a set can be used to establish user identity credentials. The simplest form of user credentials may be only a username / password pair. UsernamePasswordCredentials represents a set of credentials contain safety rules and plaintext passwords. This implementation of the standard certification mode is defined by the HTTP standard specification is enough


UsernamePasswordCredentials creds = new UsernamePasswordCredentials ( "user", "pwd");

System.out.println (creds.getUserPrincipal () getName ().);

System.out.println (creds.getPassword ());

The output is:


user

pwd

NTCredentials is Microsoft Windows specific implementation, which contains in addition to username / password outside, an extra set of Windows specific attributes, such as user domain name, such as Microsoft's Windows network, the same user authentication different settings can It belongs to a different domain.


NTCredentials creds = new NTCredentials ( "user", "pwd", "workstation", "domain");

System.out.println (creds.getUserPrincipal () getName ().);

System.out.println (creds.getPassword ());

The output is:


DOMAIN / user

pwd

4.2 Authentication Mode

AuthScheme interface represents the abstract, for the Challenge - Response authentication mode. A desired authentication mode supports the following features:
Parsing and processing challenges posed by the target server in response to a protected resource request sent back.
Providing processing challenges attributes: type of authentication mode and its parameters, if available, such as the authentication model that can be applied in the field.
For a given set of credentials and HTTP requests to the real authentication challenge response generates an authentication string.

Note that there may be a certification model state, it involves a series of challenge - response exchange. HttpClient comes with some AuthScheme implementation:

Basic (Basic): Basic authentication mode defined in the 2617 RFC. This authentication mode is unsafe because credentials are transmitted in clear text. Although it is not secure, and if used in TLS / SSL encryption combinations, Basic authentication scheme is fully adequate.
Digest (Abstract): Digest authentication mode defined in the 2617 RFC. Digest authentication mode significantly enhance security than Basic, you do not want to through TLS / SL fully encrypted transport safety on overhead application is also a good choice.
NTLM: NTLM is developed by Microsoft to optimize Windows platform proprietary authentication mode. NTLM is considered more secure than Digest mode. This mode requires an external NTLM engine to work. For more details, please refer to the release package contains the NTLM_SUPPORT.txt document in HttpClient.

4.3 HTTP authentication parameters

Some parameters can be used to customize HTTP authentication process and independent certification mode behavior:
'Http.protocol.handle-authentication': defines whether authentication should be handled automatically. This parameter value is expected to give a java.lang.Boolean type. If this parameter is not set, HttpClient will automatically handle authentication.
'Http.auth.credential-charset': defines the character set used when encoding the user credentials to use. This parameter expect a value of type java.lang.String. If this parameter is not set, it will use US-ASCII.

4.4 authentication mode registry

HttpClient use AuthSchemeRegistry class maintains a registry of available authentication mode. For each of the following default mode is registered in:
Basic: Basic authentication mode
Digest: Digest authentication mode

Note NTLM mode is not registered for each default were. NTLM should not be on the licensed and legal reasons for each enabled by default. For more details on how to enable NTLM support see this part.


4.5 Credential Provider

Credential Provider is intended to maintain a set of user credentials, and can produce a specific user credentials to the scope of certification. Scope of certification including the host name, port number, domain name and authentication mode name. When using the credentials provided to register the credentials, we can provide a wildcard (any host, any port, any art, any mode) to replace the property value determined. If the direct match is not found, the credentials provided is expected to be used to find the best match for a particular range.

HttpClient can be any implementation of the interface CredentialsProvider credentials provide the physical representatives work together. The default CredentialsProvider realization is called BasicCredentialsProvider, it is simple to achieve with java.util.HashMap.


CredentialsProvider credsProvider = new BasicCredentialsProvider ();

credsProvider.setCredentials (

new AuthScope ( "somehost", AuthScope.ANY_PORT),

new UsernamePasswordCredentials ( "u1", "p1"));

credsProvider.setCredentials (

new AuthScope ( "somehost", 8080),

new UsernamePasswordCredentials ( "u2", "p2"));

credsProvider.setCredentials (

new AuthScope ( "otherhost", 8080, AuthScope.ANY_REALM, "ntlm"),

new UsernamePasswordCredentials ( "u3", "p3"));

System.out.println (credsProvider.getCredentials (

new AuthScope ( "somehost", 80, "realm", "basic")));

System.out.println (credsProvider.getCredentials (

new AuthScope ( "somehost", 8080, "realm", "basic")));

System.out.println (credsProvider.getCredentials (

new AuthScope ( "otherhost", 8080, "realm", "basic")));

System.out.println (credsProvider.getCredentials (

new AuthScope ( "otherhost", 8080, null, "ntlm")));

The output is:


[Principal: u1]

[Principal: u2]

null

[Principal: u3]

4.6 HTTP authentication and execution context

HttpClient relies on AuthState class to track detailed information about the status of the certification process. HTTP request execution process, HttpClient AuthState create two instances: a target host for authentication and another for proxy authentication. If the target server or proxy requires user authentication, AuthScope respective AuthState instance will be used in the authentication process, AuthScheme and Crednetials to fill. AuthState can be checked to find out what type of authentication request, and match AuthScheme implementation, whether credential provider for a given certification scope to find user credentials.

In the course of HTTP request execution, HttpClient adds the following objects and certification related to the execution context:
'Http.authscheme-registry': AuthSchemeRegistry instance representing the real certification model registry. The value of this property is set in the local content precedence over the default.

'Http.auth.credentials-provider': CookieSpec instance representing a real credential provider. The value of this property is set in the local content precedence over the default.

'Http.auth.target-scope': AuthState instance representing the real target certification status. The value of this property is set in the local content precedence over the default.

'Http.auth.proxy-scope': AuthState instance representing the state's proxy authentication. The value of this property is set in the local content precedence over the default.

Local HttpContext object can be used to customize the content of HTTP authentication, and prior to or after the request execution request is performed to check its status:


HttpClient httpclient = new DefaultHttpClient ();

HttpContext localContext = new BasicHttpContext ();

HttpGet httpget = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response = httpclient.execute (httpget, localContext);

AuthState proxyAuthState = (AuthState) localContext.getAttribute (

ClientContext.PROXY_AUTH_STATE);

System.out.println ( "Proxy auth scope:" + proxyAuthState.getAuthScope ());

System.out.println ( "Proxy auth scheme:" + proxyAuthState.getAuthScheme ());

System.out.println ( "Proxy auth credentials:" + proxyAuthState.getCredentials ());

AuthState targetAuthState = (AuthState) localContext.getAttribute (

ClientContext.TARGET_AUTH_STATE);

System.out.println ( "Target auth scope:" + targetAuthState.getAuthScope ());

System.out.println ( "Target auth scheme:" + targetAuthState.getAuthScheme ());

System.out.println ( "Target auth credentials:" + targetAuthState.getCredentials ());

4.7 preemption certification

HttpClient is not supported out of the box to seize the certification, due to abuse or reuse incorrect authentication preemption may cause serious security problems, such as user credentials are sent in clear text to non-certified third party. Therefore, users expect in their assessment and certification can only seize the environmental benefits of the contents of the potential security risk application, and require the use of such as adding support for preemption certification standards HttpClient extension mechanism protocol interceptors.

This is a simple protocol interceptors, if no authentication attempt to pre-empt the introduction BasicScheme instance to execution context. Please note that the interceptors must be certified before the standard interceptors added to the protocol processing chain.


HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor () {

public void process (final HttpRequest request,

final HttpContext context) throws HttpException, IOException {

AuthState authState = (AuthState) context.getAttribute (

ClientContext.TARGET_AUTH_STATE);

CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute (ClientContext.CREDS_PROVIDER);

HttpHost targetHost = (HttpHost) context.getAttribute (

ExecutionContext.HTTP_TARGET_HOST);

// If not initialized auth mode

if (authState.getAuthScheme () == null) {

AuthScope authScope = new AuthScope (

targetHost.getHostName (),

targetHost.getPort ());

// Get the credentials match the target host

Credentials creds = credsProvider.getCredentials (authScope);

// If found, the first generation BasicScheme

if (creds! = null) {

authState.setAuthScheme (new BasicScheme ());

authState.setCredentials (creds);

}

}

}

};

DefaultHttpClient httpclient = new DefaultHttpClient ();

// As the first interceptor was added to the protocol chain

httpclient.addRequestInterceptor (preemptiveAuth, 0);

4.8 NTLM authentication

Current HttpClient no mention of the box support for NTLM authentication mode may never be. The reason for this is a legal rather than a technical one. However, NTLM authentication can use external NTLM engine such JCIFS [http://jcifs.samba.org/] to open, the library by the Samba [http://www.samba.org/] project development, as they are for Windows part of the interaction program suite. For details, please refer to the HttpClient release NTLM_SUPPORT.txt documentation included in the package.

4.8.1 NTLM connection persistence

NTLM authentication mode is calculated in terms of the cost of more expensive, but on the standard Basic and Digest mode is also a great performance. This is probably why Microsoft chose to NTLM authentication mode as one of the main reasons of state. That is, once authenticated, the user ID is connected to the entire life cycle and associated. State characteristics NTLM connection makes connection persistence is very complicated, for obvious reasons, can not be connected to persistent NTLM user different user ID reuse. Standard connection manager included with HttpClient is fully able to manage state of the connection. And logically related, using the same session and execution context in order to make them understand that the request of the current user identity is extremely important. Otherwise, HttpClient will terminate create a new HTTP connection to each protected resource based NTLM HTTP request. For a detailed discussion on stateful HTTP connection, refer to this section.

Because NTLM connection status is generally recommended to use a relatively simple way to trigger NTLM authentication, such as GET or HEAD, and reuse the same connection to perform more costly approach, especially as they contain the requesting entity, such as POST or PUT.

DefaultHttpClient httpclient = new DefaultHttpClient ();

NTCredentials creds = new NTCredentials ( "user", "pwd", "myworkstation", "microsoft.com");

httpclient.getCredentialsProvider () setCredentials (AuthScope.ANY, creds).;

HttpHost target = new HttpHost ( "www.microsoft.com", 80, "http");

// Ensure that the same content to be used to perform logic-related requests

HttpContext localContext = new BasicHttpContext ();

// First perform simple method. This triggers NTLM authentication

HttpGet httpget = new HttpGet ( "/ ntlm-protected / info");

HttpResponse response1 = httpclient.execute (target, httpget, localContext);

HttpEntity entity1 = response1.getEntity ();

if (entity1! = null) {

entity1.consumeContent ();

}

After // use the same content (and connection) to perform overhead approach.

HttpPost httppost = new HttpPost ( "/ ntlm-protected / form");

httppost.setEntity (new StringEntity ( "lots and lots of data"));

HttpResponse response2 = httpclient.execute (target, httppost, localContext);

HttpEntity entity2 = response2.getEntity ();

if (entity2! = null) {

entity2.consumeContent ();

}

Chapter HTTP Client Service

5.1 HttpClient facade

HttpClient interface represents the most important contract HTTP request execution. It did not request execution limit or impose specific details on the process, and in the connection management, state management, certification and redirected to deal with the details of implementation left. This should make it easier to use the additional features such as content caching respond to decorate the interface.

DefaultHttpClient is the default implementation HttpClient interface. This class has played a lot of special user interface program or policy dealing with specific aspects of the HTTP protocol, such as redirected to the authentication process or make the connection on the facade of persistence and holding duration of the activity decision. This allows users to choose to replace the default implementation of certain aspects of the use of custom specific procedures.


DefaultHttpClient httpclient = new DefaultHttpClient ();

httpclient.setKeepAliveStrategy (new DefaultConnectionKeepAliveStrategy () {

@Override

public long getKeepAliveDuration (HttpResponse response,

HttpContext context) {

long keepAlive = super.getKeepAliveDuration (response, context);

if (keepAlive == -1) {

// If the keep-alive value is not explicitly set by the server, then stay connected for 5 seconds.

keepAlive = 5000;

}

return keepAlive;

}

});

DefaultHttpClient also maintains a set of protocol interceptors, intended to deal with the request and response in leaving imminent arrival, but also provides a method to manage those interceptors. The new protocol interceptors can be introduced to the protocol processor chain, or removed when needed. Internal protocol interceptors are stored in a simple java.util.ArrayList in. They are added to the list in the natural order of execution.


DefaultHttpClient httpclient = new DefaultHttpClient ();

httpclient.removeRequestInterceptorByClass (RequestUserAgent.class);

httpclient.addRequestInterceptor (new HttpRequestInterceptor () {

public void process (

HttpRequest request, HttpContext context)

throws HttpException, IOException {

request.setHeader (HTTP.USER_AGENT, "My-own-client");

}

});

DefaultHttpClient is thread safe. The same recommendation instance of this class is re-used to perform multiple requests. When a DefaultHttpClient instance is no longer needed but also departing from the scope, and the connection manager associated with it must call ClientConnectionManager # shutdown () method to close.


HttpClient httpclient = new DefaultHttpClient ();

// Do something useful

httpclient.getConnectionManager () shutdown ().;

5.2 HttpClient parameters

These are the parameters that can be used to customize the default behavior of HttpClient to achieve:
'Http.protocol.handle-redirects': defines whether redirects should be handled automatically. The value of a parameter expect java.lang.Boolean type. If this parameter is not set, HttpClient will automatically handle redirection.

'Http.protocol.reject-relative-redirect': defines whether relative redirects should be rejected. HTTP specification requires an absolute position value is a URI. The value of a parameter expect java.lang.Boolean type. If this parameter is not set, then allow relative redirects.

'Http.protocol.max-redirects': defines the maximum number of redirects to follow. This restriction is intended to prevent redirection number of server-side script from the crushing caused by an infinite loop. This parameter expect a value of type java.lang.Integer. If this parameter is not set, then not only allow extra 100 redirects.

'Http.protocol.allow-circular-redirects': defines whether the ring redirect (redirect to the same path) is allowed. HTTP specification annular redirection is not enough to allow a clear presentation, so this can be used as an optional open. The value of a parameter expect java.lang.Boolean type. If this parameter is not set, then the ring redirection is not allowed.

'Http.connection-manager.factory-class-name': defines the type of default ClientConnectionManager achieve. This parameter expect a value of type java.lang.String. If this parameter is not set, the default will be used for each SingleClientConnManager.

'Http.virtual-host': defines the virtual host name used in the Host header information in place of the physical host name. The value of a parameter expect HttpHost type. If this parameter is not set, it will use the name or IP address of the target host.

'Http.default-headers': defines the default header information for each request sent. This parameter is expected to give a value of type java.util.Collection object that contains Header.

'Http.default-host': defines the default host. If the destination host is not in the request URI (relative URI) explicitly specified, then the default value. The value of a parameter expect HttpHost type.

5.3 automatic redirection process

HttpClient handling automatic redirection of all types, except those prohibited by the HTTP specification, such as requiring user intervention. References to other (status code 303) POST and PUT requests are redirected to convert HTTP specification requires a GET request on the grounds.

5.4 HTTP client and execution context

DefaultHttpClient the HTTP request as the same object, and never assume that during implementation of change request. Instead, it creates a copy of the original request object variable private, property based on a copy of the execution context to update. Thus, as the primary goal and the key type of request parameters final request URI can be executed after the request by checking the local HTTP context to decide.


DefaultHttpClient httpclient = new DefaultHttpClient ();

HttpContext localContext = new BasicHttpContext ();

HttpGet httpget = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response = httpclient.execute (httpget, localContext);

HttpHost target = (HttpHost) localContext.getAttribute (

ExecutionContext.HTTP_TARGET_HOST);

HttpUriRequest req = (HttpUriRequest) localContext.getAttribute (

ExecutionContext.HTTP_REQUEST);

System.out.println ( "Target host:" + target);

System.out.println ( "Final request URI:" + req.getURI ());

System.out.println ( "Final request method:" + req.getMethod ());

Chapter VI Advanced Topics

6.1 custom client connection

Under certain conditions, you may need to customize HTTP packets to pass through the line, over the HTTP parameters may be used to handle non-standard behavior is not compatible manner. For example, for a Web crawler, it may be necessary to force HttpClient accepts a malformed response headers to rescue contents of the message.

Usually insert a packet parser custom procedures or custom connectors implementation requires several steps:

Provide a custom LineParser / LineFormatter interface. If you need to implement packet parsing / formatting logic.


class MyLineParser extends BasicLineParser {

@Override

public Header parseHeader (

final CharArrayBuffer buffer) throws ParseException {

try {

return super.parseHeader (buffer);

} Catch (ParseException ex) {

// Suppress abnormal ParseException

return new BasicHeader ( "invalid", buffer.toString ());

}

}

}

I mentioned a custom OperatedClientConnection implementation. Replace the need to customize the default request definition / resolver response, request / response formatter. If necessary, to achieve different packet writing / reading code.


class MyClientConnection extends DefaultClientConnection {

@Override

protected HttpMessageParser createResponseParser (

final SessionInputBuffer buffer,

final HttpResponseFactory responseFactory,

final HttpParams params) {

return new DefaultResponseParser (buffer,

new MyLineParser (), responseFactory, params);

}

}

In order to create a new connection class offers a custom ClientConnectionOperator interface. If necessary, implement a different socket initialization code.


class MyClientConnectionOperator extends

DefaultClientConnectionOperator {

public MyClientConnectionOperator (

final SchemeRegistry sr) {

super (sr);

}

@Override

public OperatedClientConnection createConnection () {

return new MyClientConnection ();

}

}

To create a new class of connection operation, providing ClientConnectionManager custom interface.


class MyClientConnManager extends SingleClientConnManager {

public MyClientConnManager (

final HttpParams params,

final SchemeRegistry sr) {

super (params, sr);

}

@Override

protected ClientConnectionOperator createConnectionOperator (

final SchemeRegistry sr) {

return new MyClientConnectionOperator (sr);

}

}

6.2 stateful HTTP connections

HTTP session state information specification assumes HTTP cookie format usually embedded in HTTP packets, so HTTP connections are usually stateless, in real life, this assumption is often wrong. There are also some cases when HTTP connections to use a specific user identity or specific security context created, and therefore can not be shared with other users, it can be reused by the user. Examples of such stateful HTTP connections that use NTLM authentication connections and client certificate authentication SSL connection.

6.2.1 user token processor

HttpClient rely UserTokenHandler interfaces to determine whether a given execution context is specified by the user. If the context is a user-specified or if the context does not contain any resources or to specify details about the current user but null, token object returned by the processor, it is desirable that uniquely identifies the current user. User token will be used to ensure that resources are not specified by the user and other users to share or reuse.


If it can be obtained from the execution context given in, UserTokenHandler default implementation of the interface is to use one instance of the main class to represent the state of the object HTTP connections. UserTokenHandler will use based on the user, such as NTLM or SSL client authentication open session authentication modes for the main connection. If neither is available, then it will not return token.

If the default does not meet their needs, the user can provide a custom implementation of:


DefaultHttpClient httpclient = new DefaultHttpClient ();

httpclient.setUserTokenHandler (new UserTokenHandler () {

public Object getUserToken (HttpContext context) {

return context.getAttribute ( "my-token");

}

});

6.2.2 User Token and execution context

In the course of HTTP request execution, HttpClient adds the following objects and user identification related to the execution context:


'Http.user-token': object instances represent the true identity of the user, it is often desirable examples of Principle interface.

We can be executed after the request, by checking the contents of the local HTTP context, to find out whether there is a connection request execution state.


DefaultHttpClient httpclient = new DefaultHttpClient ();

HttpContext localContext = new BasicHttpContext ();

HttpGet httpget = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response = httpclient.execute (httpget, localContext);

HttpEntity entity = response.getEntity ();

if (entity! = null) {

entity.consumeContent ();

}

Object userToken = localContext.getAttribute (ClientContext.USER_TOKEN);

System.out.println (userToken);

6.2.2.1 persistent stateful connection

Please note that persistent connection with the state of the object only when the request is executed, the same state of the object is bound to the execution context can be reused. Therefore, to ensure the same execution context for the subsequent re-users of the same, or a user token is bound to the HTTP request before the request execution context is very important.

DefaultHttpClient httpclient = new DefaultHttpClient ();

HttpContext localContext1 = new BasicHttpContext ();

HttpGet httpget1 = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response1 = httpclient.execute (httpget1, localContext1);

HttpEntity entity1 = response1.getEntity ();

if (entity1! = null) {

entity1.consumeContent ();

}

Principal principal = (Principal) localContext1.getAttribute (

ClientContext.USER_TOKEN);

HttpContext localContext2 = new BasicHttpContext ();

localContext2.setAttribute (ClientContext.USER_TOKEN, principal);

HttpGet httpget2 = new HttpGet ( "http: // localhost: 8080 /");

HttpResponse response2 = httpclient.execute (httpget2, localContext2);

HttpEntity entity2 = response2.getEntity ();

if (entity2! = null) {

entity2.consumeContent ();

}
     
         
         
         
  More:      
 
- Security: Unix operating system intrusion tracking Strikes Back (Linux)
- IOS distributed management using GitHub project development (Linux)
- Under CentOS Linux automatic backup MySQL database daily (Database)
- iTerm - let your command line can also be colorful (Linux)
- Oracle Database Delete Delete million or more common method of heap table data (Database)
- The Linux-based security settings Ipchains Firewall (Linux)
- Learning MySQL data types (Database)
- Customize own small private Linux system (Linux)
- Linux and SELinux Exploration Program Manager (Linux)
- Linux System Getting Started Learning: compile and install ixgbe driver in Ubuntu or Debian (Linux)
- Kafka cluster deployment (Server)
- Big Data Common Glossary (Linux)
- PostgreSQL-XL installation and deployment (Database)
- Understanding Linux firewall Iptables (Linux)
- CentOS 6.2 install git error Perl5 (Linux)
- Linux firewall anti-hacker disguise malicious attacks (Linux)
- LaTeX Getting Started Tutorial (Linux)
- Servlet life cycle works (Programming)
- Linux System Getting Started Learning: Change the name of the network interface on CentOS7 (Linux)
- Linux operating system security tools of the Logs (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.