3

I am using eclipse to develop 2 parts of an application.

The web part provides REST services and requests to the services are filtered using waffle.servlet.NegotiateSecurityFilter which extracts the Windows login information to identify the user.

The client part uses HttpURLConnection to send requests to the web part. As I understand it, the Ntlm information is automatically packed into the request.

While I was testing this in eclipse, it worked fine. When I deployed the client JAR it did not work. I get a 401 Not Authenticated.

After a bit of investigation I found that I can reproduce this in eclipe by setting the execution environment to a JRE instead of the default which is a JDK.

I have JRE "1.8.0_201" and JDK "1.8.0_161" installed.

So, simply by changing the execution environment from JRE to JDK I can get the connection to authenticate.

What does the JDK do differently and what can I do to get the client to work with a JRE?

4

2 回答 2

3

我认为如何在调用任何 url 时提供 ntlm 身份验证的第一个答案?可以回答这个问题。在 Java 8u201 中,有一个新的 JRE 选项jdk.http.ntlm.transparentAuth,默认设置为禁用

于 2019-03-07T12:58:54.933 回答
2

我没有找到 JRE 和 JDK 之间的区别。相反,我发现了这个解决方法。

<!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.5.7</version>
</dependency>

<!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient-win -->
<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient-win</artifactId>
    <version>4.5.7</version>
</dependency>

示例代码

        if (!WinHttpClients.isWinAuthAvailable()) {
            log.warn("Integrated Win auth is not supported!!!");
        }

        // There is no need to provide user credentials
        // HttpClient will attempt to access current user security context through
        // Windows platform specific methods via JNI.
        try (CloseableHttpClient httpclient = WinHttpClients.createDefault()) {
            HttpGet httpget = new HttpGet(getRestUrl().toURI());

            log.debug("Executing request " + httpget.getRequestLine());

            try (CloseableHttpResponse response = httpclient.execute(httpget)) {
                int status = response   .getStatusLine()
                                        .getStatusCode();
                if (status != 200) {
                    log.error("HTTP error " + status);
                    throw new RuntimeException("Failed : HTTP error code : " + status);
                }

                Type listType = new TypeToken<HashMap<String, App>>() {
                }.getType();
                return new Gson().fromJson(new InputStreamReader(response   .getEntity()
                                                                            .getContent(),
                        "UTF-8"), listType);
            }
        }
于 2019-02-07T11:07:23.297 回答