10

这里的问题是在客户端使用 Apache HttpClient 时消耗具有 NTLM 身份验证的 Web 资源。我遇到的问题是强制客户端使用 NTLM 身份验证。这是一个代码示例。

DefaultHttpClient httpclient = new DefaultHttpClient();
httpclient.getAuthSchemes().register("ntlm",new NTLMSchemeFactory());
NTCredentials creds = new NTCredentials("_myUSer_","_myPass_","_myWorkstation_","_myDomain_");
httpclient.getCredentialsProvider().setCredentials( new AuthScope("serverName",80), creds);
List<String> authpref = new ArrayList<String>();
authpref.add(AuthPolicy.NTLM);
httpclient.getParams().setParameter(AuthPNames.PROXY_AUTH_PREF, authpref);
HttpHost target = new HttpHost("serverName", 80, "http");
HttpGet httpget = new HttpGet("webResource");
HttpContext localContext = new BasicHttpContext();
HttpResponse response = httpclient.execute(target, httpget, localContext);

这是来自Java的错误:

org.apache.http.client.protocol.RequestTargetAuthentication process
SEVERE: Authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified))

Web 服务器响应是一个401.

关于为什么没有正确设置身份验证策略的任何想法?我在代码中遗漏了什么吗?

4

4 回答 4

5

我有类似的情况,我怀疑您设置了错误的参数:AuthPNames.PROXY_AUTH_PREF。我使用 AuthPNames.TARGET_AUTH_PREF,一切似乎都正常。

于 2011-09-22T12:22:02.993 回答
2

这是我对这个问题的解决方案:“evandongen”是正确的。

请注意 URIBuilder 的使用。

String username = "uid";
String pwd = "pwd";
String servername = "www.someserver.com";
String workstation = "myworkstation";
String domain = "somedomain";
String relativeurl = "/util/myservice.asmx";

String oldimagePath = "\\mypath\\image.jpg";

DefaultHttpClient httpclient = new DefaultHttpClient();

try {
    httpclient.getAuthSchemes().register("ntlm",new NTLMSchemeFactory());
    NTCredentials creds = new NTCredentials(username,pwd,workstation,domain);

        httpclient.getCredentialsProvider().setCredentials(new AuthScope(servername,80), creds);

        List authpref = new ArrayList();

        authpref.add(AuthPolicy.NTLM);

        URIBuilder builder = new URIBuilder();
        builder.setScheme("http")
            .setHost(servername)
            .setPath(relativeurl + "/DeleteImage")
            .setParameter("imagePath", oldimagePath);
        URI uri = builder.build();

        httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
        HttpHost target = new HttpHost(servicename, 80, "http");
        HttpGet httpget = new HttpGet(uri);

        HttpContext localContext = new BasicHttpContext();

        HttpResponse response1 = httpclient.execute(target, httpget, localContext);

        BufferedReader reader = new BufferedReader(new InputStreamReader(response1.getEntity().getContent())); 

        String line = reader.readLine(); 
        while (line != null) 
        { 
            System.out.println(line);
            line = reader.readLine(); 
        } 

} catch (Exception e) {
    System.out.println("Exception:"+e.toString());
} finally {
    // End
}
于 2013-03-04T10:10:56.087 回答
0

我认为这是由于缺陷,请参见此处

于 2011-07-15T13:52:38.877 回答
0

HttpClient 对我不起作用,但下面的代码片段可以。参考 - http://docs.oracle.com/javase/7/docs/technotes/guides/net/http-auth.html

    public static String getResponse(String url, String userName, String password) throws IOException {
    Authenticator.setDefault(new Authenticator() {
      @Override
      public PasswordAuthentication getPasswordAuthentication() {
        System.out.println(getRequestingScheme() + " authentication");
        return new PasswordAuthentication(userName, password.toCharArray());
      }
    });

    URL urlRequest = new URL(url);
    HttpURLConnection conn = (HttpURLConnection) urlRequest.openConnection();
    conn.setDoOutput(true);
    conn.setDoInput(true);
    conn.setRequestMethod("GET");

    StringBuilder response = new StringBuilder();
    InputStream stream = conn.getInputStream();
    BufferedReader in = new BufferedReader(new InputStreamReader(stream));
    String str = "";
    while ((str = in.readLine()) != null) {
      response.append(str);
    }
    in.close();

    return response.toString();
  }
于 2017-03-25T21:14:41.363 回答