我正在编写一个 DLL,该 DLL 具有在不使用用户密码的情况下仅使用用户主体名称 (UPN) 获取 Alfresco 登录票的功能。我正在调用 alfresco REST API 服务/wcservice。我在露天使用 NTLM。
我正在使用WindowsIdentity
构造函数来模拟用户,如此处所述http://msdn.microsoft.com/en-us/library/ms998351.aspx#paght000023_impersonatingbyusingwindowsidentity。我检查并正确模拟了用户(我检查了WindowsIdentity.GetCurrent().Name
属性)。
模拟用户后,我尝试HttpWebRequest
使用CredentialsCache.DefaultNetworkCredentials
. 我得到错误:
The remote server returned an error: (401) Unauthorized.
at System.Net.HttpWebRequest.GetResponse()
当我new NetworkCredential("username", "P@ssw0rd")
用来设置请求凭据时,我得到了 Alfresco 登录票 ( HttpStatusCode.OK
, 200)。
有没有什么方法可以在没有用户密码的情况下获得 Alfresco 登录票?
这是我正在使用的代码:
private string GetTicket(string UPN) {
WindowsIdentity identity = new WindowsIdentity(UPN);
WindowsImpersonationContext context = null;
try {
context = identity.Impersonate();
MakeWebRequest();
}
catch (Exception e) {
return e.Message + Environment.NewLine + e.StackTrace;
}
finally {
if (context != null) {
context.Undo();
}
}
}
private string MakeWebRequest() {
string URI = "http://alfrescoserver/alfresco/wcservice/mg/util/login";
HttpWebRequest request = WebRequest.Create(URI) as HttpWebRequest;
request.CookieContainer = new CookieContainer(1);
//request.Credentials = new NetworkCredential("username", "p@ssw0rd"); // It works with this
request.Credentials = CredentialCache.DefaultNetworkCredentials; // It doesn’t work with this
//request.Credentials = CredentialCache.DefaultCredentials; // It doesn’t work with this either
try {
using (HttpWebResponse response = request.GetResponse() as HttpWebResponse) {
StreamReader sr = new StreamReader(response.GetResponseStream());
return sr.ReadToEnd();
}
}
catch (Exception e) {
return (e.Message + Environment.NewLine + e.StackTrace);
}
}
以下是来自 Alfresco stdout.log 的记录(如果有任何帮助):
17:18:04,550 DEBUG [app.servlet.NTLMAuthenticationFilter] Processing request: /alfresco/wcservice/mg/util/login SID:7453F7BD4FD2E6A61AD40A31A37733A5
17:18:04,550 DEBUG [web.scripts.DeclarativeRegistry] Web Script index lookup for uri /mg/util/login took 0.526239ms
17:18:04,550 DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 10.**.**.** (10.**.**.**:1229)
17:18:04,566 DEBUG [app.servlet.NTLMAuthenticationFilter] Processing request: /alfresco/wcservice/mg/util/login SID:7453F7BD4FD2E6A61AD40A31A37733A5
17:18:04,566 DEBUG [web.scripts.DeclarativeRegistry] Web Script index lookup for uri /mg/util/login took 0.400909ms
17:18:04,566 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0xe20882b7,Domain:<NotSet>,Wks:<NotSet>]
17:18:04,566 DEBUG [app.servlet.NTLMAuthenticationFilter] Client domain null
17:18:04,675 DEBUG [app.servlet.NTLMAuthenticationFilter] Sending NTLM type2 to client - [Type2:0x80000283,Target:AlfrescoServerA,Ch:197e2631cc3f9e0a]