我目前正在使用Java创建一个桌面应用的认证服务器,并已经成功实现了客户端和服务器之间类似于聊天服务器/客户端的通信。
我知道我只完成了一小部分工作,还有很多事情要学习,但现在我想知道如何进行身份验证。
例如,这是服务器端的代码:
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.ServerSocket;
import java.net.Socket;
public class LoginServer
{
public static void main(String[] args) throws Exception {
int port = 7000;
int id = 1;
ServerSocket loginserver = null;
try
{
loginserver = new ServerSocket(port);
System.out.println("LoginServer started...");
}
catch (IOException e) {
System.out.println("Could not listen on port: " + port);
System.exit(-1);
}
while (true)
{
Socket clientSocket = loginserver.accept();
ClientServiceThread cliThread = new ClientServiceThread(clientSocket, id++);
cliThread.start();
}
}
}
class ClientServiceThread extends Thread
{
Socket clientSocket;
int clientID = -1;
boolean running = true;
ClientServiceThread(Socket s, int i)
{
clientSocket = s;
clientID = i;
}
public void run()
{
System.out.println("Accepted Client : ID - " + clientID + " : Address - " + clientSocket.getInetAddress().getHostName());
try
{
BufferedReader in = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));
PrintWriter out = new PrintWriter(new OutputStreamWriter(clientSocket.getOutputStream()));
while (running)
{
String clientCommand = in.readLine();
System.out.println("Client Says :" + clientCommand);
if (clientCommand.equalsIgnoreCase("quit"))
{
running = false;
System.out.print("Stopping client thread for client : " + clientID);
}
else
{
out.println(clientCommand);
out.flush();
}
}
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
如您所见,我读取客户端发送的内容并将其输出到控制台,同时检查客户端是否发送了退出命令。
我想知道如何做到只有在用户和密码被发送后,客户端才能连接到它?
或者,我应该始终接收初始连接,并从那里接收验证信息,如果客户端在3秒内没有发送,则断开连接?
接收新连接并对用户进行身份验证的正确方法是什么?