我正在尝试从 Java 应用程序访问SharePoint网站。SharePoint 服务器首选 Kerberos 身份验证。您能否提供一个仅实现 Kerberos 身份验证的示例?
Sridevi
问问题
10767 次
3 回答
7
So just to help you broaden your search for answers a bit, there's nothing SharePoint-specific about the Kerberos authentication used here. In fact SharePoint doesn't really have it's own authentication mechanisms (at least assuming we're talking about WSS 3/MOSS here). It just relies on the underlying ASP.NET/IIS authentication capabilities.
Sooo, if you're running your Java ausing a modern JDK, you'll probably have an easy time. See the docs on HTTP authentication mechanisms. There's some nice code snippets in there. One of which I'll reproduce for reference here. Really though, check out the link.
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.URL;
public class RunHttpSpnego {
static final String kuser = "username"; // your account name
static final String kpass = "password"; // your password for the account
static class MyAuthenticator extends Authenticator {
public PasswordAuthentication getPasswordAuthentication() {
// I haven't checked getRequestingScheme() here, since for NTLM
// and Negotiate, the usrname and password are all the same.
System.err.println("Feeding username and password for " + getRequestingScheme());
return (new PasswordAuthentication(kuser, kpass.toCharArray()));
}
}
public static void main(String[] args) throws Exception {
Authenticator.setDefault(new MyAuthenticator());
URL url = new URL(args[0]);
InputStream ins = url.openConnection().getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
String str;
while((str = reader.readLine()) != null)
System.out.println(str);
}
}
于 2009-02-27T03:22:27.360 回答
5
这是开源SPNEGO HTTP Servlet 过滤器库的 Java 文档中的一个示例。
该库有一个客户端,可以连接到启用了集成 Windows 身份验证的 Web 服务器。
该项目还包含有关如何为 Kerberos/SPNEGO 身份验证设置环境的示例。
public static void main(final String[] args) throws Exception {
System.setProperty("java.security.krb5.conf", "krb5.conf");
System.setProperty("sun.security.krb5.debug", "true");
System.setProperty("java.security.auth.login.config", "login.conf");
SpnegoHttpURLConnection spnego = null;
try {
spnego = new SpnegoHttpURLConnection("spnego-client", "dfelix", "myp@s5");
spnego.connect(new URL("http://medusa:8080/index.jsp"));
System.out.println(spnego.getResponseCode());
} finally {
if (null != spnego) {
spnego.disconnect();
}
}
}
于 2009-11-16T18:38:07.267 回答
0
对于 Kerberos 设置,我认识 3 个人,他们之间了解有关 Kerb 的所有信息:Spence Harbar、Bob Fox 和 Tom Wisnowski。
Spence 还在酝酿使用 Kerberos 向导来设置 Curb 和导出设置脚本。
在这里查看他的博客: http ://www.harbar.net/
Tom Wiznowski 已经发出了一份白皮书。 http://my/sites/tomwis/Shared%20Documents/Configuring%20Kerberos%20for%20SharePoint.docx
乔尔奥尔森在这里得到了一篇好文章: http ://www.sharepointjoel.com/Lists/Posts/Post.aspx?ID=2
但是当上面说的时候,SharePoint 只在公司已经使用它的时候推荐 Curb。您不应仅仅因为 SharePoint 而在公司网络上安装 Kerberos。Kerberos 的设置很复杂,尽管它通常被认为比 NTLM 更快,但只有当您的站点上的同时用户数达到一定限制时才会如此。对于低流量站点,Kerberos 通过网络发送的大量令牌实际上使其比 NTLM 慢。
当然有些功能只能与 Kerberos 一起使用(rss 提要、excel 服务中的多维数据集、由于双跳而在自定义代码中对 Web 服务调用的身份验证)但是当我说 NTLM 会很好地运行你的苔藓也。
说到上面的内容,您能否指定您尝试从您的 Java 应用程序中实现什么样的集成?
您只是想调用 SharePoint 的 Web 服务层吗?
安德斯拉斯克
于 2009-02-26T21:59:27.807 回答