Question
I am having a problem calling the same https URL several times in a row. The first requests are successful, but after an indeterminate amount of time, a 401 HTTP error code exception is thrown, suggesting that the user credentials are invalid.
I discussed this problem with the person in charge of the database/server and he told me that the problem I was experiencing was normal because after some fixed amount of time, the server invalidates session data, causing subsequent calls to the same URL with the same user credentials to result in a 401 HTTP error code.
He indicated that if I let different URLConnection objects handle all the calls that need to be made, then I should not have to worry about expired session data.
His explanation seems to make sense, but as the snippet of code below shows, I am already using a brand new URLConnection object for each request to the same url with the same user credentials. So if what I was told is correct, then I guess that the problem is that the URLConnection objects are all using the same underlying connection and for that reason sharing the same session data.
Assuming that I am on the right track, how should I modify my code so that each time I make a new request to the same URL with the same user credentials I don't run into problems caused by expired session data? Is it just a matter of calling disconnect() on the underlying HttpsURLConnection object?
https://stackoverflow.com/questions/17841456
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianpublic static void main(String[] args)
{
String url = "https://...";//some https url
int x = 0;
while(true)
{
try
{
System.out.print("call#: " + (++x));
//call download() with a valid username & password
String result = download(url, "some-valid-username", "some-valid-password");
System.out.println(result);
}
catch(Throwable e)
{
//after hundreds of successful calls,
//a 401 HTTP error code exception
e.printStackTrace();
break;
}
}
}
public static String download(String url, String user, String pass) throws IOException
{
//new URLConnection object
java.net.URLConnection connection = new java.net.URL(url).openConnection();
connection.setRequestProperty("Authorization",
"Basic " +
javax.xml.bind.DatatypeConverter.printBase64Binary(
(user + ":" + pass).getBytes("UTF-8")));
//get response
InputStream is = null;
byte[] response = null;
try
{
is = connection.getInputStream();
ByteArrayOutputStream stream = new ByteArrayOutputStream();
byte[] bytes = new byte[16384];
int x = 0;
while((x = is.read(bytes, 0, bytes.length)) != -1){
stream.write(bytes, 0, x);
}
stream.flush();
response = stream.toByteArray();
}
finally
{
if (is != null)
{
is.close();
}
}
//((javax.net.ssl.HttpsURLConnection)connection).disconnect();// ?
return response != null ? new String(response, "UTF-8") : null;
}
Solution
Based on your login credentials server will create the session id and that will maintain by the server. Your subsequent calls will be validated against the session id not by your credentials. You need to get the session id at first time and maintain with in your application. Pass that to server for subsequent calls. The session will be expired after certain predifined time period if no request sent to the server.
Please read it
