当前位置: 首页 » java

Supplying credentials safely to a RESTFUL API

I've created a RESTful server app that sits and services requests at useful URLs such as www.site.com/get/someinfo. It's built in Spring. However, these accesses are password protected. I'm now building a client app that will connect to this RESTful app and request data via a URL. How can I pass the credentials across? Currently, it just pops up the user/password box to the user

2018-06-07 03:38:08

将凭据安全地提供给RESTFUL API

我创建了一个RESTful服务器应用程序,可以在有用的URL(例如www.site.com/get/someinfo)上访问并提供请求服务。 它建在春天。 但是,这些访问受密码保护。 我现在正在构建一个客户端应用程序,该应用程序将连接到此RESTful应用程序并通过URL请求数据。 我如何传递凭据? 目前,它只是弹出用户/密码框给用户,但我希望用户能够在客户端应用程序的框中键入用户名和密码,并让客户端应用程序将凭据提供给RESTful应用程序它请

2018-06-07 03:38:08

Protect RESTful webservice URL

This question already has an answer here: RESTful Authentication 13 answers From the server's point of view there is no difference between answering a restful service request and answering a page request. Thus you can use exactly the same mechanisms. This is valid whatever way the rest service is requested : from an application, from Angular, etc Concrete example The most common i

2018-06-07 03:28:49

保护REST风格的Web服务网址

这个问题在这里已经有了答案: RESTful认证13个答案 从服务器的角度来看,回答一个安静的服务请求和回答一个页面请求没有区别。 因此,您可以使用完全相同的机制。 无论请求其他服务如何,这都是有效的:来自应用程序,来自Angular等 具体的例子 最常见的方法是使用带密码验证的登录,该验证为用户提供了一个cookie,当该请求稍后发送时,该cookie将与请求一起发送。 为了做到这一点,你可以有一个安静的API端点,

2018-06-07 03:28:49

Send “POST” JSON Data to Server

I used this code to send post data to server using android. Could anyone give me any idea or your sample how to send POST OR GET json data to server TOMCAT..! Steps tips : create HttpClient make POST request to the given URL build jsonObject convert JSONObject to JSON to String set json to StringEntity set httpPost Entity Set some headers to inform server about the type of the con

2018-06-07 03:24:41

发送“POST”JSON数据到服务器

我用这个代码发送数据到服务器使用android。 任何人都可以给我任何想法或您的示例如何发送POST或GET JSON数据到服务器TOMCAT ..! 步骤提示: 创建HttpClient 对给定的URL发出POST请求 构建jsonObject 将JSONObject转换为JSON为String 将json设置为StringEntity 设置httpPost实体 设置一些标题通知服务器关于内容的类型 对给定的URL执行POST请求 作为inputStream接收响应 将inputstream转换为字符串 返

2018-06-07 03:24:41

How do I pass a JSONObject from Android application to a PHP file?

I want to send a simple JSON object to PHP server,but when i try to retrieve that object on the server side,there is nothing i mean my $_POST variable is empty. The server side is PHP 5.2 and I'm using android emulator 10...Could someone have a look on my code and tell me what is going wrong? Thanks a lot public void uploadJSon() throws ClientProtocolException, IOException, JSONException{

2018-06-07 03:22:37

如何将Android应用程序的JSONObject传递给PHP文件?

我想发送一个简单的JSON对象到PHP服务器,但是当我尝试在服务器端检索该对象时,我的意思是我的$ _POST变量是空的。 服务器端是PHP 5.2,我使用的是Android模拟器10 ...有人可以看看我的代码并告诉我发生了什么问题吗? 非常感谢 public void uploadJSon() throws ClientProtocolException, IOException, JSONException{ HttpClient httpclient = new DefaultHttpClient(); String url = "http://so-dev-deb.niv

2018-06-07 03:22:36

Liquibase: How to drop unique constraint with no constraint name?

This is what my column looks like <column name="name" type="VARCHAR(255)"> <constraints nullable="false" unique="true"/> </column> I want to remove unique=true constraint. I looked at what liquibase has to offer and it has <changeSet author="liquibase-docs" id="dropUniqueConstraint-example"> <dropUniqueConstraint catalogName="cat"

2018-06-07 03:09:12

Liquibase:如何删除没有约束名称的唯一约束?

这是我的专栏的样子 <column name="name" type="VARCHAR(255)"> <constraints nullable="false" unique="true"/> </column> 我想删除unique=true约束。 我研究了liquibase必须提供的功能 <changeSet author="liquibase-docs" id="dropUniqueConstraint-example"> <dropUniqueConstraint catalogName="cat" constraintName="const_name"

2018-06-07 03:09:12

What JVM optimization is causing these performance results?

Doing Java REST service performance test I see a pattern that was unexpected: a method that creates and returns always the same value object in each invocation runs faster than another version that just returns the value object stored in a class or object field. Code: @POST @Path("inline") public Response inline(String s) { return Response.status(Status.CREATED).build(); } private s

2018-06-07 03:01:59

什么JVM优化导致这些性能结果?

执行Java REST服务性能测试我发现一个意外的模式:在每次调用中创建并返回始终相同的值对象的方法运行得比另一个只返回存储在类或对象字段中的值对象的版本快。 码: @POST @Path("inline") public Response inline(String s) { return Response.status(Status.CREATED).build(); } private static final Response RESP = Response.status(Status.CREATED).build(); @POST @Path("staticfield") public Response st

2018-06-07 03:01:58

How to create keystore and truststore using self

We have JAVA server and client communicate over network using SSL. The server and client mutually authenticate each other using certificates. The keystore type used by server and client is JKS. The keystore and truststore file names for the server and client are: server.keystore, server.truststore, client.keystore, and client.truststore. I am using Self-Signed certificates for testing only.

2018-06-07 02:30:56

如何使用self创建密钥库和信任库

我们有JAVA服务器和客户端通过使用SSL的网络进行通信。 服务器和客户端使用证书相互验证身份。 服务器和客户端使用的密钥库类型是JKS。 服务器和客户端的密钥库和信任库文件名是:server.keystore,server.truststore,client.keystore和client.truststore。 我正在使用自签名证书进行测试。 问题: Q1。 我想知道为什么我需要在第6步中将服务器和客户端自己的证书添加到其各自的信任库中。 Q2。 我可以减少数字步

2018-06-07 02:30:55

Java7 Refusing to trust certificate in trust store

I've a weird problem - a supplier uses TLS SSLv3 with both a self signed client and server certificate. This hasn't been a problem with Java1.5 and Java1.6 - simply import client certificate and private key into a keystore and the server public certificate into the truststore. Everything works fine. However with Java7 the server certificate fails to be trusted even though the same trus

2018-06-07 02:29:54

Java7拒绝信任存储中的证书

我有一个奇怪的问题 - 供应商将TLS SSLv3与自签名客户端和服务器证书一起使用。 这对于Java1.5和Java1.6来说并不是问题 - 只需将客户端证书和私钥导入密钥库并将服务器公共证书导入到信任库。 一切正常。 但是,对于Java7,即使使用相同的信任库,服务器证书也不可信。 我尝试过使用Java7(1.7.03,04和05,x86和x64版本)的Windows和Red Hat,但都没有成功。 我从零开始重新创建密钥库/信任库,它们只包含这些证书。 已经

2018-06-07 02:29:53

why doesn't java send the client certificate during SSL handshake?

I'm trying to connect to a secure webservice. I was getting a handshake failure even though my keystore and truststore have been set correctly. After several days of frustration, endless googling and asking everyone around I found out that the only problem was that java chose not to send the client certificate to the server during the handshake. Specifically: Server requested a client

2018-06-07 02:28:52

为什么在SSL握手期间java不发送客户端证书?

我试图连接到一个安全的web服务。 即使我的密钥库和信任库已正确设置,我仍遇到握手失败。 经过几天的无奈之后,无尽的搜索结果并询问身边的人,我发现唯一的问题是java在握手期间选择不发送客户端证书到服务器。 特别: 服务器请求客户端证书(CN = RootCA) - 即“给我一个由根CA签名的证书” Java查看密钥存储库,只发现我的客户端证书由“SubCA”签名,而“SubCA”则由“RootCA”签发。 它没有费心去查看信任库......嗯,

2018-06-07 02:28:51

Trust Store vs Key Store

I understand that the keystore would usually hold private/public keys and the trust store only public keys (and represents the list of trusted parties you intend to communicate with). Well, that's my first assumption, so if that's not correct, I probably haven't started very well... I was interested though in understanding how / when you distinguish the stores when using keytool.

2018-06-07 02:27:50

信托店vs钥匙店

我知道密钥库通常会拥有私钥/公钥和只有公用密钥的信任存储区(并且代表您希望与之通信的可信方的列表)。 那么,这是我的第一个假设,所以如果这是不正确的,我可能还没有开始很好...... 我对使用keytool时了解商店的方式/时间区分商店感兴趣。 所以,我已经创建了一个keystore keytool -import -alias bob -file bob.crt -keystore keystore.ks 它创建我的keystore.ks文件。 我对这个问题的回答yes ,但我不清楚这是否

2018-06-07 02:27:49