Initialization
Confirm Endpoint
When confirming the Endpoint configured when using SDK, you can read the part in API reference regarding API Service Domain Name, and understand Endpoint related concept. Baidu AI Cloud enables multi-region support currently, please see the description of Region Selection.
Access region | Corresponding Endpoint |
---|---|
Beijing | eip.bj.baidubce.com |
Guangzhou | eip.gz.baidubce.com |
Suzhou | eip.su.baidubce.com |
HongKong | eip.hkg.baidubce.com |
WuHan | eip.fwh.baidubce.com |
BaoDing | eip.bd.baidubce.com |
Get the Key
To use Baidu AI Cloud EIP, you need to have a valid AK (Access Key ID) and SK (Secret Access Key) for signature authentication. AK/SK is assigned by the system to users, both of which are strings, used to identify users, and perform signature authentication for accessing EIP. You can obtain and understand your AK/SK information through the following steps: Register Baidu AI Cloud Account Create AK/SK
Create EipClient/EipGroupClient/EipBpClient
EipClient is the client of Eip service, which provides a series of methods for the developer to interact with Eip service.
Create EipClient/EipGroupClient/EipBpClient with AK/SK
Access to Eip via AK/SK, and you can create a Client by reference to the following codes:
public class Sample {
public static void main(String[] args) {
String ACCESS_KEY_ID = <your-access-key-id>; // Users' Access Key ID
String SECRET_ACCESS_KEY = <your-secret-access-key>; // Users' Secret Access Key
// Initialize an EipClient
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
EipClient client = new EipClient(config);
// Initialize an EipGroupClient
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
EipGroupClient client = new EipGroupClient(config);
// Initialize an EipBpClient
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
EipBpClient client = new EipGroupClient(config);
}
}
In the codes above, ACCESS_KEY_ID
corresponds to "Access Key ID" in the console, SECRET_ACCESS_KEY
corresponds to "Access Key Secret" in the console, for the way of obtaining, please see "Operation Guideline Manage ACCESSKEY".
In the method above, the default domain name is used as Eip service address, and if you need to specify the domain name by yourself, you can specify it by introducing ENDPOINT parameter.
String ACCESS_KEY_ID = <your-access-key-id>; // Users' Access Key ID
String SECRET_ACCESS_KEY = <your-secret-access-key>; // Users' Secret Access Key
String ENDPOINT = <domain-name>; // You specify your own name
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
config.setEndpoint(ENDPOINT);
EipClient client = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
Note: The
ENDPOINT
parameter can only be defined with the specified domain name of the areas included. If not specified, it defaults to the Beijing area (http://eip.bj.baidubce.com
).
Create EipClient/EipGroupClient/EipBpClient with STS
Apply for STS Token
EIP can implement temporary authorized access by a third party through the STS mechanism. STS (Security Token Service) is a temporary authorization service provided by Baidu AI Cloud. With STS, you can issue a third-party user with a custom time-based and privileged access credential. The third-party user can use the access credential to directly call API or SDK of Baidu AI Cloud to access its resources.
To access to EIP via STS, you need to apply for an authentication string via client of STS, for the application method, please see Introduction to Use of Baidu AI Cloud (STS).
Create EipClient with STS Token
After applying for STS, you can configure STStoken to EipClient, and you can create an EipClient by reference to the following codes:
public class StsExample {
private static final String STS_ENDPOINT = "http://sts.bj.baidubce.com";
private static final String ACCESS_KEY_ID = "your accesskey id";
private static final String SECRET_ACCESS_KEY = "your secret accesskey";
public static void main(String[] args) {
BceCredentials credentials = new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY);
StsClient client = new StsClient(
new BceClientConfiguration().withEndpoint(STS_ENDPOINT).withCredentials(credentials)
);
GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest());
// or simply call:
// GetSessionTokenResponse response = client.getSessionToken();
// or you can specify limited permissions with ACL:
// GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest().withAcl("blabla"));
// build DefaultBceSessionCredentials object from response:
BceCredentials eipStsCredentials = new DefaultBceSessionCredentials(
response.getAccessKeyId(),
response.getSecretAccessKey(),
response.getSessionToken());
System.out.println("==================================");
System.out.println("GetSessionToken result:");
System.out.println(" accessKeyId: " + response.getAccessKeyId());
System.out.println(" secretAccessKey: " + response.getSecretAccessKey());
System.out.println(" securityToken: " + response.getSessionToken());
System.out.println(" expiresAt: " + response.getExpiration().toString());
System.out.println("==================================");
// build eip client
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(eipStsCredentials);
EipClient eipClient = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
}
}
Note: When you configure client with STS currently, wherever the endpoint in the corresponding EIP service is, endpoint needs to be configured as
http://sts.bj.baidubce.com
.
Configure HTTPS Protocol to Access to Eip/EipGroup/EipBp
EIP supports HTTPS transmission protocol, and you can access to EIP service with HTTPS in EIP Java SDK in the following 2 ways.
- Indicate https in endpoint
String endpoint = "https://eip.bj.baidubce.com";
String ak = "ak";
String sk = "sk";
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ak, sk));
EipClient client = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
- Set the https protocol by calling the setProtocol method
String endpoint = "eip.bj.baidubce.com"; // endpoint does not contain protocol
String ak = "ak";
String sk = "sk";
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ak, sk));
config.setEndpoint(ENDPOINT);
config.setProtocol(Protocol.HTTPS); // if it is not specified, use http
EipClient client = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
Note: If protocol is indicated in endpoint, the entry in endpoint takes effect, and a separate call to setProtocol () does not work.
String endpoint = "http://eip.bj.baidubce.com";
String ak = "ak";
String sk = "sk";
BceClientConfiguration config = new BceClientConfiguration();
config.setCredentials(new DefaultBceCredentials(ak, sk));
config.setEndpoint(ENDPOINT);
config.setProtocol(Protocol.HTTPS); // it has been indicated in endpoint that this is an invalid operation, which also applies to http.
EipClient client = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
Configure EipClient/EipGroupClient/EipBpClient
If you need to configure some detailed parameters of EipClient, you can introduce BceClientConfiguration parameter when constructing EipClient, and you can configure agent, maximum connections and other parameters for the client.
Use Agent
The following codes enable the client to access to EIP service with agent.
String ACCESS_KEY_ID = <your-access-key-id>; // Users' Access Key ID
String SECRET_ACCESS_KEY = <your-secret-access-key>; // Users' Secret Access Key
String ENDPOINT = <domain-name>; // You specify your own name
// Create BceClientConfiguration instance
BceClientConfiguration config = new BceClientConfiguration();
// Configure the agent as local 8080 port
config.setProxyHost("127.0.0.1");
config.setProxyPort(8080);
// Create EIP client
config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
config.setEndpoint(ENDPOINT);
EipClient client = new EipClient(config);
EipGroupClient client = new EipGroupClient(config);
EipBpClient client = new EipBpClient(config);
Using the code segment above, all operations of client are executed as an agent via the 8080 port of 127.0.0.1 address.
For the agent with user authentication, the following code segment can be used to configure username and password:
// Create BceClientConfiguration instance
BceClientConfiguration config = new BceClientConfiguration();
// Configure the agent as local 8080 port
config.setProxyHost("127.0.0.1");
config.setProxyPort(8080);
// Set username and password
config.setProxyUsername(<username>); //Username
config.setProxyPassword(<password>); // Password
Set Network Parameters
You can set the basic network parameters with BceClientConfiguration.
BceClientConfiguration config = new BceClientConfiguration();
// Set maximum connections of HTTP as 10.
config.setMaxConnections(10);
// Set TCP connection timeout as 5,000ms.
config.setConnectionTimeout(5000);
// Set the time of Socket transmission data timeout as 2,000ms.
config.setSocketTimeout(2000);
Parameter description All parameters that can be specified via BceClientConfiguration are listed as follows:
Parameter | Description |
---|---|
UserAgent | User agent, referring to the HTTP User-Agent header |
Protocol | Connection protocol type |
ProxyDomain | Windows domain name for access to NTLM verified proxy server |
ProxyHost | Proxy server host address |
ProxyPort | Proxy server port |
ProxyUsername | User name for proxy server authentication |
ProxyPassword | Password for proxy server authentication |
ProxyPreemptiveAuthenticationEnabled | Whether to set up user agent authentication |
ProxyWorkstation | Windows workstation name of the NTLM proxy server |
LocalAddress | Local address |
ConnectionTimeoutInMillis | Timeout for establishing a connection (unit: millisecond) |
SocketTimeoutInMillis | Timeout for transmitting data over open connections (unit: millisecond) |
MaxConnections | Maximum number of HTTP connections allowed to open |
RetryPolicy | Connection retry policy |
SocketBufferSizeInBytes | Socket buffer size |