HttpClient

HttpClient是封裝Http Request行為的Library。我用這個Library已經很久了，網路上可以找到不少教學；因此這裡我只記載一些我自己嘗試的東西。

最近在評估某個功能剛好談到SSL，也講到hostname的驗證，所以好奇試驗一下HttpClient是否有做hostname驗證。我拿臉書URL做測試:

	public static void main(String[] args) throws ClientProtocolException,
			IOException {
		HttpClient httpclient = null;
		try {
			httpclient = new DefaultHttpClient();
 
			HttpGet get = new HttpGet("https://31.13.95.36/");
 
			HttpResponse response = httpclient.execute(get);
			System.out.println(response.getStatusLine().getStatusCode());
		} finally {
			HttpClientUtil.shutdownHttpClient(httpclient);
		}
	}

如果是直接用它的domain name會正常；用ip則會出現以下例外，也證明它是有做hostname的驗證的。

Exception in thread "main" javax.net.ssl.SSLException: hostname in certificate didn't match: <31.13.95.36> != <*.facebook.com>
	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:228)
	at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:149)
	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:130)
	at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
	at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
	at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:150)
	at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
	at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:575)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
	at org.tonylin.stock.dao.DatabaseStockDaoTest.main(DatabaseStockDaoTest.java:56)