訪問https介面
阿新 • • 發佈:2019-01-24
前言:
在android開發中,會涉及到安全比較高的業務,比如銀行,網上交易等,這就涉及到https協議的互動
對於https 互動過程分兩個階段
1. 客戶端獲取伺服器的證書,並驗證證書的內容是否可信
2. 客戶端和伺服器端進行握手協議,並進行資料傳輸
對於https 互動過程,第一點,採用了網站可信的方式,如有需要驗證域名和證書是否一致的,請自我擴充套件
實現的過程:
1): 註冊scheme of https
注意:
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
如果需要驗證,則,自己繼承HostnameVerifier ,並實現介面。
2):獲取 httpClient 和 httpPost
3):獲取資料
下面是實現的原始碼,引數就是https路徑:
public String GetData(String URL)
{
String returns="";
//Step One register scheme of https
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
registry.register(new Scheme("http",PlainSocketFactory.getSocketFactory (), 80));
//Step Two Get httpClient and httpPost
DefaultHttpClient client = new DefaultHttpClient();
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
//------- Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
// -------Example send http request
// final String url = "https://martinreichart.com/_tmpdata/login_valid.json";
HttpPost httpPost = new HttpPost(URL);
//Step Three Get Data
try {
HttpResponse response = httpClient.execute(httpPost);
if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
// 解析返回的內容
returns = EntityUtils.toString(response.getEntity());
}
}
catch(Exception ex)
{
String aa =ex.toString();
}
return returns;
}
在android開發中,會涉及到安全比較高的業務,比如銀行,網上交易等,這就涉及到https協議的互動
對於https 互動過程分兩個階段
1. 客戶端獲取伺服器的證書,並驗證證書的內容是否可信
2. 客戶端和伺服器端進行握手協議,並進行資料傳輸
對於https 互動過程,第一點,採用了網站可信的方式,如有需要驗證域名和證書是否一致的,請自我擴充套件
實現的過程:
1): 註冊scheme of https
注意:
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
如果需要驗證,則,自己繼承HostnameVerifier ,並實現介面。
2):獲取 httpClient 和 httpPost
3):獲取資料
下面是實現的原始碼,引數就是https路徑:
public String GetData(String URL)
{
String returns="";
//Step One register scheme of https
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
registry.register(new Scheme("http",PlainSocketFactory.getSocketFactory (), 80));
//Step Two Get httpClient and httpPost
DefaultHttpClient client = new DefaultHttpClient();
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
//------- Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
// -------Example send http request
// final String url = "https://martinreichart.com/_tmpdata/login_valid.json";
HttpPost httpPost = new HttpPost(URL);
//Step Three Get Data
try {
HttpResponse response = httpClient.execute(httpPost);
if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
// 解析返回的內容
returns = EntityUtils.toString(response.getEntity());
}
}
catch(Exception ex)
{
String aa =ex.toString();
}
return returns;
}