Login on website with java

2019-01-23 09:48发布

问题:

I would like to login to a website with java. I use the org.apache.http and I already written

HttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost("https://accounts.google.com/ServiceLogin?      service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dsl%26tab%3Dwm%26ui%3Dhtml%26zy%3Dl&bsv=llya694le36z&scc=1&ltmpl=default&");
try {
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(1);
nameValuePairs.add(new BasicNameValuePair("vb_login_username",
                    "XXX"));
nameValuePairs.add(new BasicNameValuePair("vb_login_password",
                    "XXX"));
post.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = client.execute(post);
BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
String line = "";
while ((line = rd.readLine()) != null) {
System.out.println(line);
            }
} catch (IOException e) {
e.printStackTrace();
        }

It sends the post form correctly i have tested, though i still cant login. The website I want to login is http://www.xtratime.org/forum/ Any ideas for this or is there a different way?

回答1:

<form action="login.php?do=login" method="post" 
    onsubmit="md5hash(vb_login_password, vb_login_md5password, 
        vb_login_md5password_utf, 0)">
  • Before submit the page encode the password (onsubmit). You should do the same in the code.

  • The value of the action attribute does not match with your code (https://accounts.google.com...). You should send the post request to the login.php?do=login.

And there are a lot of hidden fields:

<input type="hidden" name="s" 
    value="b804473163cb55dce0d43f9f7c41197a" />

<input type="hidden" name="securitytoken" 
    value="0dcd78b4c1a376232b62126e7ad568e0d1213f95" />

<input type="hidden" name="do" value="login" />     

<input type="hidden" name="vb_login_md5password" />

<input type="hidden" name="vb_login_md5password_utf" />

You should send these parameters too.

Usually it's easier to install an HttpFox Firefox Add-on an inspect the request for the post parameters than decoding the javascript.

My browser sends these post parameters (captured with HttpFox, the password is pass1):

vb_login_username: user1
vb_login_password:
s: 5d8bd41a83318e683de9c55a38534407
securitytoken: 0dcd78b4c1a376232b62126e7ad568e0d1213f95
do: login
vb_login_md5password: a722c63db8ec8625af6cf71cb8c2d939
vb_login_md5password_utf: a722c63db8ec8625af6cf71cb8c2d939

Edit:

The following works for me, I can get the "Thank you for logging in" message in the printed html code:

final HttpClient client = new DefaultHttpClient();
final HttpPost post = new HttpPost(
        "http://www.xtratime.org/forum/login.php?do=login");
try {
    final List<NameValuePair> nameValuePairs = 
        new ArrayList<NameValuePair>(1);
    nameValuePairs.add(new BasicNameValuePair("vb_login_username",
            "my user"));
    nameValuePairs.add(new BasicNameValuePair("vb_login_password", ""));
    nameValuePairs.add(new BasicNameValuePair("s", ""));
    nameValuePairs.add(new BasicNameValuePair("securitytoken",
            "inspected with httpfox, like f48d01..."));
    nameValuePairs.add(new BasicNameValuePair("do", "login"));
    nameValuePairs.add(new BasicNameValuePair("vb_login_md5password",
            "inspected with httpfox, like 8e6ae1..."));
    nameValuePairs.add(new BasicNameValuePair(
            "vb_login_md5password_utf",
            "inspected with httpfox, like 8e6ae1..."));

    post.setEntity(new UrlEncodedFormEntity(nameValuePairs));
    final HttpResponse response = client.execute(post);
    final BufferedReader rd = new BufferedReader(new InputStreamReader(
            response.getEntity().getContent()));
    String line = "";
    while ((line = rd.readLine()) != null) {
        System.out.println(line);
    }
} catch (final IOException e) {
    e.printStackTrace();
}


回答2:

I suggest you to use htmlunit:

HtmlUnit is a "GUI-Less browser for Java programs". It models HTML documents and provides an API that allows you to invoke pages, fill out forms, click links, etc... just like you do in your "normal" browser.

It has fairly good JavaScript support (which is constantly improving) and is able to work even with quite complex AJAX libraries, simulating either Firefox or Internet Explorer depending on the configuration you want to use.

It is typically used for testing purposes or to retrieve information from web sites.