我想验证/验证该type3message服务器Apache httpd已从客户端浏览器接收并传递给Apache Tomcat. 我只是不知道该怎么做。
如here所述,我有以下机制。C是客户。S1是Apache httpd服务器,S2是Apache Tomcat服务器。
1. C -> S1 GET ...
2. S1 -> C 401 Unauthorized
WWW-Authenticate: NTLM
3. C -> S1 GET ... (type 1 message)
Authorization: NTLM TlRMTVNTUAABAAAAA7IAAAoACgApAAAACQAJACAAAABMSUdIVENJVFlVUlNBLU1JTk9S
4. S1 -> C 401 Unauthorized (type 2 message)
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAU3J2Tm9uY2UAAAAAAAAAAA==
5. C -> S1 GET ... (type 3 message)
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAHIAAAAYABgAigAAABQAFABAAAAADAAMAFQAAAASABIAYAAAAAAAAACiAAAAAYIAAFUAUgBTAEEALQBNAEkATgBPAFIAWgBhAHAAaABvAGQATABJAEcASABUAEMASQBUAFkArYfKbe/jRoW5xDxHeoxC1gBmfWiS5+iX4OAN4xBKG/IFPwfH3agtPEia6YnhsADT
6. S1 -> S2 Challenge - TlRMTVNTUAACAAAAAAAAACgAAAABggAAU3J2Tm9uY2UAAAAAAAAAAA==
Token - TlRMTVNTUAADAAAAGAAYAHIAAAAYABgAigAAABQAFABAAAAADAAMAFQAAAASABIAYAAAAAAAAACiAAAAAYIAAFUAUgBTAEEALQBNAEkATgBPAFIAWgBhAHAAaABvAGQATABJAEcASABUAEMASQBUAFkArYfKbe/jRoW5xDxHeoxC1gBmfWiS5+iX4OAN4xBKG/IFPwfH3agtPEia6YnhsADT
7. S2 -> S1 Authenticated or Not Authenticated
8. S1 -> C 200 Ok or 401 Unauhorized
在Apache Tomcat服务器中,我想对用户进行身份验证。我在步骤 4challenge/type2message中将Apache httpd服务器发送到客户端,type3message客户端在步骤 5 中响应。
我正在执行以下操作,但是,我得到了一个例外。我错过了一些基本的东西,比如设置配置和/或环境,但由于某种原因,我的大脑拒绝工作。
NtlmPasswordAuthentication np = new NtlmPasswordAuthentication(t3m.getDomain(), t3m.getUser(), serverChallenge, t3m.getLMResponse(), t3m.getNTResponse());
InetAddress ia = InetAddress.getByName("domain");
UniAddress ua = new UniAddress(ia);
SmbSession.logon(ua, np); // exception is here
我做对了吗?我想对用户进行身份验证。