这种方法很简单,不过有些不方便的地方,如果你的产品中需要连接不同的Proxy服务器,而他们的用户名密码是不一样的,那么这个方法就不适用了。
基于ThreadLocal的Authenticator
public class ThreadLocalProxyAuthenticator extends Authenticator{
private ThreadLocal<PasswordAuthentication> credentials = null;
private static class SingletonHolder {
private static final ThreadLocalProxyAuthenticator instance = new ThreadLocalProxyAuthenticator();
}
public static final ThreadLocalProxyAuthenticator getInstance() {
return SingletonHolder.instance;
}
public void setCredentials(String user, String password) {
credentials.set(new PasswordAuthentication(user, password.toCharArray()));
}
public static void clearCredentials() {
ThreadLocalProxyAuthenticator authenticator = ThreadLocalProxyAuthenticator.getInstance();
Authenticator.setDefault(authenticator);
authenticator.credentials.set(null);
}
public PasswordAuthentication getPasswordAuthentication() {
return credentials.get();
}
}
这个类意味着,授权信息只会保存到当前调用者的线程中,其他线程的调用者无法访问,在创建Socket的线程中设置密钥和清理密钥,就可以做到授权按照Socket连接进行隔离。Java TheadLocal相关知识本文不赘述。
按连接隔离的授权
class ProxyHttpClient extends CloseableHttpClient{
private CloseableHttpClient httpClient;
public ProxyHttpClient(CloseableHttpClient httpClient){
this.httpClient=httpClient;
}
protected CloseableHttpResponse doExecute(HttpHost target, HttpRequest request, HttpContext context) throws IOException, ClientProtocolException {
ProxyConfig proxyConfig = //这里获取当前连接的代理配置信息
boolean clearCredentials = false;
if (proxyConfig != null) {
if (context == null) {
context = HttpClientContext.create();
}
context.setAttribute(ProxyConfigKey, proxyConfig);
if (proxyConfig.getAuthentication() != null) {
ThreadLocalProxyAuthenticator.setCredentials(proxyConfig.getAuthentication());//设置授权信息
clearCredentials = true;
}
}
try {
return httpClient.execute(target, request, context);
} finally {
if (clearCredentials) {//清理授权信息
ThreadLocalProxyAuthenticator.clearCredentials();
}
}
}
}
另外,线程是可以复用的,因为每次调用完毕后,都清理了授权信息。
这里有个一POJO类ProxyConfig,保存的是socks代理的IP端口和用户密码信息。
public class ProxyConfig {
private Proxy proxy;
private PasswordAuthentication authentication;
}