401 Unauthorized 客户试图未经授权访问受密码保护的页面

wingware

浏览: 141919 次
性别:
来自: 北京

最近访客更多访客>>

mqiezi

maomaohou

coolmayi

coronach_joe

博主相关

博客

微博

相册

留言

关于我

文章分类

全部博客 (62)

社区版块

存档分类

SNS Cache SUN Windows 浏览器

401 Unauthorized 客户试图未经授权访问受密码保护的页面。应答中会包含一个WWW-Authenticate头，浏览器据此显示用户名字/密码对话框，然后在填写合适的Authorization头后再次发出请求。

response.setHeader("Cache-Control", "no-store");
response.setDateHeader("Expires", 0);
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate","Basic realm=\"SNS Secure Area\"");

获取用户名密码为:

sun.misc.BASE64Decoder decoder = new sun.misc.BASE64Decoder();
		String authorization = request.getHeader("authorization");
		System.out.println("authorization:"+authorization);
		
		String userName = null;
		String password = null;
		
		if (authorization != null && authorization.length()>0) {
		  if (authorization.startsWith("Basic")){
		    authorization = authorization.substring(authorization.indexOf(' ')+1);
		    byte[] bytes = decoder.decodeBuffer(authorization);
		    authorization = new String(bytes);
		    userName = authorization.substring(0,authorization.indexOf(':'));
		    password = authorization.substring(authorization.indexOf(':')+1);
		    System.out.println("userName:"+userName);
		    System.out.println("password:"+password);
		  }else if (authorization.startsWith("Digest")){
			userName = authorization.substring(authorization.indexOf("username="));
		    userName = userName.substring("username=\"".length());
		    userName = userName.substring(0,userName.indexOf('"'));
		    password = authorization.substring(authorization.indexOf("response="));
		    password = password.substring("response=\"".length());
		    password = password.substring(0,password.indexOf('"'));
		  }
		  
		  System.out.println("userName:"+userName+"\npassword:"+password);
		  
		}

05:19:08,515 INFO [STDOUT] ====================x-requested-with:XMLHttpRequest
05:19:11,421 INFO [STDOUT] ====================accept-language:zh-cn
05:19:13,078 INFO [STDOUT] ====================referer:http://localhost:8080/ams/lephone/2.5/appreview.do?lcaid=4104
05:19:14,218 INFO [STDOUT] ====================accept:*/*
05:19:18,203 INFO [STDOUT] ====================content-type:application/x-www-form-urlencoded
05:19:47,343 INFO [STDOUT] ====================accept-encoding:gzip, deflate
05:19:20,734 INFO [STDOUT] ====================user-agent:Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2)
05:19:48,656 INFO [STDOUT] ====================host:localhost:8080
05:19:22,750 INFO [STDOUT] ====================content-length:48
05:19:49,921 INFO [STDOUT] ====================connection:Keep-Alive
05:19:50,578 INFO [STDOUT] ====================cache-control:no-cache
05:19:25,421 INFO [STDOUT] ====================cookie:JSESSIONID=D744F0509E590D7F3EA343326882BDEA; clientid=null661a1d2a5e97432c80ebf82fb23da2bb; lpsust=""
05:19:26,343 INFO [STDOUT] ====================authorization:Basic b29vb29vb29vbzpkZGRkZGRkZGRkZGRkZGRkZGRkZGRkZGRkZGRk

分享到：