java 获取HttpRequest Header的几种方法(必看篇)
在开发应用程序的过程中,如果有多个应用,通常会通过一个portal门户来集成,这个portal 是所有应用程序的入口,用户一旦在portal登录之后,进入另外一个系统,就需要类似的单点登录(SSO).进入各个子系统的时候,就不需要再次登录,当然类似的功能,你可以通过专业的单点登录软件来实现,也可以自己写数据库token等方式来实现。其实还有一个比较简单的方法,就是通过portal封装已经登录过的用户的消息,写到httpheader之中,然后把请求forward到各个子系统中去,而各子系统从httpheader中获取用户名,作为是否登录过的校验或者合法的校验。
总结了几种处理httpHeader的方法:
利用HttpServletRequest
importjavax.servlet.http.HttpServletRequest;
//...
privateHttpServletRequestrequest;
//getrequestheaders
privateMap<String,String>getHeadersInfo(){
Map<String,String>map=newHashMap<String,String>();
EnumerationheaderNames=request.getHeaderNames();
while(headerNames.hasMoreElements()){
Stringkey=(String)headerNames.nextElement();
Stringvalue=request.getHeader(key);
map.put(key,value);
}
returnmap;
}
一个典型的例子如下:
"headers":{
"Host":"yihaomen.com",
"Accept-Encoding":"gzip,deflate",
"X-Forwarded-For":"66.249.x.x",
"X-Forwarded-Proto":"http",
"User-Agent":"Mozilla/5.0(compatible;Googlebot/2.1;+
http://www.google.com/bot.html
)",
"X-Request-Start":"1389158003923",
"Accept":"*/*",
"Connection":"close",
"X-Forwarded-Port":"80",
"From":"googlebot(at)googlebot.com"
}
获取user-agent
importjavax.servlet.http.HttpServletRequest;
//...
privateHttpServletRequestrequest;
privateStringgetUserAgent(){
returnrequest.getHeader("user-agent");
}
一个典型的例子如下:
Mozilla/5.0(compatible;Googlebot/2.1;+ http://www.google.com/bot.html )
利用springmvc获取 HttpRequestHeader的例子
importjava.util.Enumeration;
importjava.util.HashMap;
importjava.util.Map;
importjavax.servlet.http.HttpServletRequest;
importorg.springframework.beans.factory.annotation.Autowired;
importorg.springframework.stereotype.Controller;
importorg.springframework.web.bind.annotation.PathVariable;
importorg.springframework.web.bind.annotation.RequestMapping;
importorg.springframework.web.bind.annotation.RequestMethod;
importorg.springframework.web.servlet.ModelAndView;
@Controller
@RequestMapping("/site")
publicclassSiteController{
@Autowired
privateHttpServletRequestrequest;
@RequestMapping(value="/{input:.+}",method=RequestMethod.GET)
publicModelAndViewgetDomain(@PathVariable("input")Stringinput){
ModelAndViewmodelandView=newModelAndView("result");
modelandView.addObject("user-agent",getUserAgent());
modelandView.addObject("headers",getHeadersInfo());
returnmodelandView;
}
//getuseragent
privateStringgetUserAgent(){
returnrequest.getHeader("user-agent");
}
//getrequestheaders
privateMap<String,String>getHeadersInfo(){
Map<String,String>map=newHashMap<String,String>();
EnumerationheaderNames=request.getHeaderNames();
while(headerNames.hasMoreElements()){
Stringkey=(String)headerNames.nextElement();
Stringvalue=request.getHeader(key);
map.put(key,value);
}
returnmap;
}
}
也许有人会说,HttpHeader 是可以模拟的,那么自己可以构造一个用来欺骗这些系统,是的,的确是这样,所以在用HttpHeader来传值得时候,一定要记得,所有的请求都必须经过portal来处理,然后forward到各子系统,就不会出现这个问题了。因为portal首先拦截用户发起的所有的请求,如果是构造的用户,在portal的sessiion也是没有记录的,仍然会跳转到登录页面,如果在protal的session中记录,而且 HttpHeader中也有记录,那么在子系统就是合法的用户,然后自己可以根据一些要求处理业务逻辑了
JSP/Java获取HTTPheader信息(request)例子
<%
//header.jsp
out.println("Protocol:"+request.getProtocol()+"<br>");
out.println("Scheme:"+request.getScheme()+"<br>");
out.println("ServerName:"+request.getServerName()+"<br>");
out.println("ServerPort:"+request.getServerPort()+"<br>");
out.println("Protocol:"+request.getProtocol()+"<br>");
out.println("ServerInfo:"+getServletConfig().getServletContext().getServerInfo()+"<br>");
out.println("RemoteAddr:"+request.getRemoteAddr()+"<br>");
out.println("RemoteHost:"+request.getRemoteHost()+"<br>");
out.println("CharacterEncoding:"+request.getCharacterEncoding()+"<br>");
out.println("ContentLength:"+request.getContentLength()+"<br>");
out.println("ContentType:"+request.getContentType()+"<br>");
out.println("AuthType:"+request.getAuthType()+"<br>");
out.println("HTTPMethod:"+request.getMethod()+"<br>");
out.println("PathInfo:"+request.getPathInfo()+"<br>");
out.println("PathTrans:"+request.getPathTranslated()+"<br>");
out.println("QueryString:"+request.getQueryString()+"<br>");
out.println("RemoteUser:"+request.getRemoteUser()+"<br>");
out.println("SessionId:"+request.getRequestedSessionId()+"<br>");
out.println("RequestURL:"+request.getRequestURL()+"<br>");
out.println("RequestURI:"+request.getRequestURI()+"<br>");
out.println("ServletPath:"+request.getServletPath()+"<br>");
out.println("Created:"+session.getCreationTime()+"<br>");
out.println("LastAccessed:"+session.getLastAccessedTime()+"<br>");
out.println("Accept:"+request.getHeader("Accept")+"<br>");
out.println("Host:"+request.getHeader("Host")+"<br>");
out.println("Referer:"+request.getHeader("Referer")+"<br>");
out.println("Accept-Language:"+request.getHeader("Accept-Language")+"<br>");
out.println("Accept-Encoding:"+request.getHeader("Accept-Encoding")+"<br>");
out.println("User-Agent:"+request.getHeader("User-Agent")+"<br>");
out.println("Connection:"+request.getHeader("Connection")+"<br>");
out.println("Cookie:"+request.getHeader("Cookie")+"<br>");
%>
关于request.getHeader("Referer")的说明
request.getHeader("Referer")获取来访者地址。只有通过链接访问当前页的时候,才能获取上一页的地址;否则request.getHeader("Referer")的值为Null,通过window.open打开当前页或者直接输入地址,也为Null。
以上就是小编为大家带来的java获取HttpRequestHeader的几种方法(必看篇)的全部内容了,希望对大家有所帮助,多多支持毛票票~