Java apache http maven

Advanced configuration to HttpClient HTTP Wagon

Advanced Configuration of the HttpClient HTTP Wagon

You can use the default wagon implementation for a given protocol, or you can select an alternative wagon provider on a per-protocol basis. For more information, see the Guide to Wagon Providers [3]. The default wagon http(s) is the HttpClient based on Apache Http Client 4.5. HTTP connection pooling prevents reopening new connections to the same server for each request. This pool feature is configurable with some parameters [4]. The default wagon comes with some default configuration:

  • http(s) connection pool: default to 20.
  • readTimeout: default to 1,800,000ms (~30 minutes) (see section Read time out below)
  • default Preemptive Authentication only with PUT (GET doesn’t use anymore default Preemptive Authentication)

Introduction

The HttpClient-based HTTP wagon offers more control over the configuration used to access HTTP-based Maven repositories. For starters, you have fine-grained control over what HTTP headers are used when resolving artifacts. In addition, you can also configure a wide range of parameters to control the behavior of HttpClient itself. Best of all, you have the ability to control these headers and parameters for all requests, or individual request types (GET, HEAD, and PUT).

The Basics

Without any special configuration, Maven’s HTTP wagon uses some default HTTP headers and client parameters when managing artifacts. The default headers are:

Cache-control: no-cache Cache-store: no-store Pragma: no-cache Expires: 0 Accept-Encoding: gzip

In addition, PUT requests made with the HTTP wagon use the following HttpClient parameter:

http.protocol.expect-continue=true

From the HttpClient documentation[2], this parameter provides the following functionality:

Activates 'Expect: 100-Continue' handshake for the entity enclosing methods. The 'Expect: 100-Continue' handshake allows a client that is sending a request message with a request body to determine if the origin server is willing to accept the request (based on the request headers) before the client sends the request body. The use of the 'Expect: 100-continue' handshake can result in noticeable performance improvement for entity enclosing requests (such as POST and PUT) that require the target server's authentication. 'Expect: 100-continue' handshake should be used with caution, as it may cause problems with HTTP servers and proxies that do not support HTTP/1.1 protocol.

Without this setting, PUT requests that require authentication transfer their entire payload to the server before that server issues an authentication challenge. In order to complete the PUT request, the client must then re-send the payload with the proper credentials specified in the HTTP headers. This results in twice the bandwidth usage, and twice the time to transfer each artifact.

Another option to avoid this double transfer is what’s known as preemptive authentication, which involves sending the authentication headers along with the original PUT request. However, there are a few potential issues with this approach. For one thing, in the event you have an unused entry that specifies an invalid username/password combination, some servers may respond with a 401 Unauthorized even if the server doesn’t actually require any authentication for the request. In addition, blindly sending authentication credentials with every request regardless of whether the server has made a challenge can result in a security hole, since the server may not make provisions to secure credentials for paths that don’t require authentication.

Читайте также:  Управление подсветкой asus python

We’ll discuss preemptive authentication in another example, below.

Configuring GET, HEAD, PUT, or All of the Above

Starting with Maven 3.9.0 native HTTP transport will pick up the «all» settings only (get, head, put are neglected!)» but it will WARN about it’s deprecation. For users sticking with Wagon nothing changes.

In all of the examples below, it’s important to understand that you can configure the HTTP settings for all requests made to a given server, or for only one method. To configure all methods for a server, use the following section of the settings.xml file:

 [. ]  the-server   [ Your configuration here. ]     

On the other hand, if you can live with the default configuration for most requests — say, HEAD and GET requests, which are used to check for the existence of a file and retrieve a file respectively — maybe you only need to configure the PUT method:

 [. ]  the-server   [ Your configuration here. ]     

For clarity, the other two sections are for GET requests, and for HEAD requests. I know that’s going to be hard to remember.

Taking Control of Your HTTP Headers

As you may have noticed above, the default HTTP headers do have the potential to cause problems. For instance, some websites set the encoding for downloading GZipped files as gzip , in spite of the fact that the HTTP request itself isn’t being sent using GZip compression. If the client is using the Accept-Encoding: gzip header, this can result in the client itself decompressing the GZipped file during the transfer and writing the decompressed file to the local disk with the original filename. This can be misleading to say the least, and can use up an inordinate amount of disk space on the local computer.

To turn off this default behavior, simply disable the default headers. Then, respecify the other headers that you are still interested in, like this:

 [. ]  openssl   false  Cache-control no-cache  Cache-store no-store  Pragma no-cache  Expires 0  Accept-Encoding *       [. ] [. ] 

Fine-Tuning HttpClient Parameters

Going beyond the power of HTTP request parameters, HttpClient provides a host of other configuration options. In most cases, you won’t need to customize these. But in case you do, Maven provides access to specify your own fine-grained configuration for HttpClient. Again, you can specify these parameter customizations per-method (HEAD, GET, or PUT), or for all methods of interacting with a given server. For a complete list of supported parameters, see the link[2] in Resources section below.

Non-String Parameter Values

Many of the configuration parameters for HttpClient have simple string values; however, there are important exceptions to this. In some cases, you may need to specify boolean, integer, or long values. In others, you may even need to specify a collection of string values. You can specify these using a simple formatting syntax, as follows:

  1. booleans: %b,
  2. integer: %i,
  3. long: %l, (yes, that’s an ‘L’, not a ‘1’)
  4. double: %d,
  5. collection of strings: %c,,,. , which could also be specified as:

As you may have noticed, this syntax is similar to the format-and-data strategy used by functions like sprintf() in many languages. The syntax has been chosen with this similarity in mind, to make it a little more intuitive to use.

Example: Using Preemptive Authentication

Using the above syntax, you can configure preemptive authentication for PUT requests using the boolean HttpClient parameter http.authentication.preemptive , like this:

   my-server     http.authentication.preemptive %b,true        

Another option is to make write it like this:

Example: Lifting auth scope restriction for external authentication systems

Maven Wagon by default limits supplied credentials to the host:port combination scope, ignoring any other target servers. When the target server delegates authentication to an external system, you need to deliberately lift that scope limitation. Configure your server element to pass authentication to all target servers which challenge the client. +—+ settings servers server idmy-server/id configuration basicAuthScope hostANY/host portANY/port !— or even 443 to force the use of TLS — /basicAuthScope httpConfiguration all params property namehttp.protocol.cookie-policy/name valuestandard/value /property /params /all /httpConfiguration /configuration /server /servers /settings +—+

Ignoring Cookies

Like the example above, telling the HttpClient to ignore cookies for all methods of request is a simple matter of configuring the http.protocol.cookie-policy parameter (it uses a regular string value, so no special syntax is required):

   my-server     http.protocol.cookie-policy ignore        

The configuration above can be useful in cases where the repository is using cookies — like the session cookies that are often mistakenly turned on or left on in appservers — alongside HTTP redirection. In these cases, it becomes far more likely that the cookie issued by the appserver uses a Path that is inconsistent with the one used by the client to access the server. If you have this problem, and know that you don’t need to use this session cookie, you can ignore cookies from this server with the above configuration.

Support for General-Wagon Configuration Standards

It should be noted that configuration options previously available in the HttpClient-driven HTTP wagon are still supported in addition to this new, fine-grained approach. These include the configuration of HTTP headers and connection timeouts. Let’s examine each of these briefly:

HTTP Headers

In all HTTP Wagon implementations, you can add your own HTTP headers like this:

It’s important to understand that the above approach doesn’t allow you to turn off all of the default HTTP headers; nor does it allow you to specify headers on a per-method basis. However, this configuration remains available in both the lightweight and httpclient-based Wagon implementations.

Connection Timeouts

All wagon implementations that extend the AbstractWagon class, including those for SCP, HTTP, FTP, and more, allow the configuration of a connection timeout, to allow the user to tell Maven how long to wait before giving up on a connection that has not responded. This option is preserved in the HttpClient-based wagon, but this wagon also provides a fine-grained alternative configuration that can allow you to specify timeouts per-method for a given server. The old configuration option — which is still supported — looks like this:

. while the new configuration option looks more like this:

If all you need is a per-server timeout configuration, you still have the option to use the old parameter. If you need to separate timeout preferences according to HTTP method, you can use one more like that specified directly above.

Read time out

With Wagon 2.0 and Apache Maven 3.0.4, a default timeout of 30 minutes comes by default. If you want to change this value, you can add the following setup in your settings:

Resources

Источник

Apache HttpClient 4.5 Custom HTTP Headers Example

An HTTP message can contain a number of headers describing properties of the message such as content length, content type, authorization and so on. HttpClient provides methods to retrieve, add, remove and enumerate headers. In the following tutorial we’ll show how to add custom HTTP Headers to the HttpClient and Http request method.

Maven dependencies

We use maven to manage our dependencies and are using Apache HttpClient version 4.5. Add the following dependency to your project.

  4.0.0 com.memorynotfound.apache.httpclient custom-headers 1.0.0-SNAPSHOT https://memorynotfound.com httpclient - $   org.apache.httpcomponents httpclient 4.5.3     maven-compiler-plugin 3.5.1 1.8 1.8     

Custom HTTP Headers Example

The HttpClient allows us add, edit, remove or enumerate http headers. First we’ll look at setting default headers on the HttpClient . Next, we add custom HTTP request headers on the message.

package com.memorynotfound.httpclient; import org.apache.http.Header; import org.apache.http.HttpEntity; import org.apache.http.HttpHeaders; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.ResponseHandler; import org.apache.http.client.methods.HttpUriRequest; import org.apache.http.client.methods.RequestBuilder; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; import java.io.IOException; import java.util.Arrays; import java.util.List; /** * This example demonstrates how to use custom http headers. */ public class HttpClientCustomHeadersExample < public static void main(String. args) throws IOException < // create custom http headers for httpclient ListdefaultHeaders = Arrays.asList( new BasicHeader("X-Default-Header", "default header httpclient")); // setting custom http headers on the httpclient CloseableHttpClient httpclient = HttpClients .custom() .setDefaultHeaders(defaultHeaders) .build(); try < // setting custom http headers on the http request HttpUriRequest request = RequestBuilder.get() .setUri("http://httpbin.org/headers") .setHeader(HttpHeaders.CONTENT_TYPE, "application/json") .setHeader(HttpHeaders.FROM, "https://memorynotfound.com") .setHeader("X-Custom-Header", "custom header http request") .build(); System.out.println("Executing request " + request.getRequestLine()); // Create a custom response handler ResponseHandlerresponseHandler = response -> < int status = response.getStatusLine().getStatusCode(); if (status >= 200 && status < 300) < HttpEntity entity = response.getEntity(); return entity != null ? EntityUtils.toString(entity) : null; >else < throw new ClientProtocolException("Unexpected response status: " + status); >>; String responseBody = httpclient.execute(request, responseHandler); System.out.println("----------------------------------------"); System.out.println(responseBody); > finally < httpclient.close(); >> >

Output

The previous application prints the following info to the console. As you can see, all the previous headers are added to the message.

Executing request GET http://httpbin.org/headers HTTP/1.1 ---------------------------------------- < "headers": < "Accept-Encoding": "gzip,deflate", "Connection": "close", "Content-Type": "application/json", "From": "https://memorynotfound.com", "Host": "httpbin.org", "User-Agent": "Apache-HttpClient/4.5.3 (Java/1.8.0_20)", "X-Custom-Header": "custom header http request", "X-Default-Header": "default http header httpclient" >>

References

Источник

Оцените статью