0

一段时间以来,我一直在尝试为 jython 找到一种使用 NTLM 访问站点的方法。我只有 python 的基本知识,在 java 中几乎没有,所以我可以使用一些帮助(或示例)如何在我找到的这个脚本部分中使请求使用 NTLM。我将它与开源应用程序磨床一起使用。

首先,我从在脚本中导入 jcifs 以及磨床使用的其他文件开始:

from net.grinder.script import Test
from net.grinder.script.Grinder import grinder
from net.grinder.plugin.http import HTTPPluginControl, HTTPRequest
from HTTPClient import NVPair

from jcifs.ntlmssp import Type1Message
from jcifs.ntlmssp import Type2Message, Type3Message
from jcifs.util import Base64

此代码部分在我找到的示例中提供。这是我能找到的最适合我的需求,因为我只需要得到对请求的完整响应。

def NTLMAuthentication1(url, request, info, NTLMfield):
    token_type1 = info.token_type1()

    params = (NVPair("Authorization", "NTLM "+token_type1), )
    result = request.GET(url, None, params)
    NTLMfield = result.getHeader("WWW-Authenticate")
    return NTLMAuthentication2(url, request, info, NTLMfield)

def NTLMAuthentication2(url, request, info, NTLMfield):
    if NTLMfield.startswith("Negotiate"):
        token_type2 = NTLMfield[len("Negotiate "):]
    else:
        token_type2 = NTLMfield[5:]

    token_type3 = info.token_type3(token_type2)
    params = (NVPair("Cookie", "WSS_KeepSessionAuthenticated=80"),
              NVPair("Authorization", "NTLM " + token_type3), )
    result = request.GET(url, None, params)
    return result

# this function validate request and its result to see if the NTLM authentication is required
def NTLMAuthentication(lastResult, request, info):
    # get last http request's url
    url = lastResult.getEffectiveURI().toString()[len(request.getUrl()):]

    # The result is ask for authentication
    if lastResult.statusCode != 401 and lastResult.statusCode != 407:
        return lastResult

    NTLMfield = lastResult.getHeader("WWW-Authenticate")
    if NTLMfield == None:
        return lastResult

    # check it is the first shakehands
    if NTLMfield == "Negotiate, NTLM" or NTLMfield == "NTLM":
        return NTLMAuthentication1(url, request, info, NTLMfield)

    # check it is the second shakehands
    elif len(NTLMfield) > 4 and NTLMfield[:4] == "NTLM":
        return NTLMAuthentication2(url, request, info, NTLMfield)

    else:
        return lastResult

class NTLMAuthenticationInfo:
    def __init__(self, domain, host, user, passwd):
        self.domain = 'domain'
        self.host = 'host'
        self.user = 'user'
        self.passwd = 'password' 

    def token_type1(self):
        msg = Type1Message(Type1Message.getDefaultFlags(), self.domain, self.host)
        return Base64.encode(msg.toByteArray())

    def token_type3(self, token_type2):
        msg2 = Type2Message(Base64.decode(token_type2))

#if jcifs 1.3.7 using msg3 = Type3Message(msg2, self.passwd, self.domain, self.user, self.host)
        msg3 = Type3Message(msg2, self.passwd, self.domain, self.user, self.host)
        return Base64.encode(msg3.toByteArray())

在主要部分,请求看起来像这样:

result = request101.GET('/')

其中 request101 已使用 URL 和标头预定义。所以,基本上,我不知道如何实现

我试过这个

result = request101.GET('/')
print str(NTLMAuthentication(result, request101, NTLMAuthenticationInfo))

以及这个

 NTLMAuthentication(request101.GET('/'), request101, NTLMAuthenticationInfo)

但这些都不起作用。关于如何运行它的任何提示?

4

1 回答 1

1

试试这个

ai = NTLMAuthenticationInfo("domain", "your host", "user", "password")
result = request101.GET('/')
result = NTLMAuthentication(result, request101, ai)
于 2012-06-09T00:56:54.267 回答