NTLM身份验证的客户端资源发布失败。 适用于Apache中的基本身份验证
[英]Client resource post fails for NTLM authentication. Works for Basic Authentication in apache
问题描述
I have the following code to make a POST request to the server. 
我有以下代码向服务器发出POST请求。 However, the web server can be either Apache or IIS. 但是,Web服务器可以是Apache或IIS。
Client client = new Client(new Context(), Protocol.HTTP);
ClientResource resource = new ClientResource(url);
resource.setRetryOnError(false);
resource.setNext(client);
resource.setChallengeResponse(ChallengeScheme.HTTP_BASIC,userName,pwd);
response = resource.post(representation);
The following code works for apache but fails for IIS with the following error: 以下代码适用于apache,但不适用于IIS,并显示以下错误:
WARNING: Couldn't find any helper support the HTTP_NTLM challenge scheme.
WARNING: Couldn't find any helper support the HTTP_Negotiate challenge scheme.
Exception in thread "main" Unauthorized (401) - The request requires user authentication
Probably the reason is that apache uses basic authentication and IIS uses NTML. 原因可能是apache使用基本身份验证,而IIS使用NTML。 The first try was obviously to change the challenge scheme in case of IIS to NTLM as shown below but got the same error (also I have already added the net extension for restlet jar). 显然,第一个尝试是在将IIS更改为NTLM的情况下将质询方案更改为如下所示,但出现了相同的错误(另外,我已经为restlet jar添加了网络扩展名)。
resource.setChallengeResponse(ChallengeScheme.HTTP_NTLM, userName, pwd);
Also, I think there is a way using the Apache http client (NTCredentials) class but I would still like to use the restlet jars to avoid making lots of changes to existing code. 另外,我认为有一种使用Apache http客户端(NTCredentials)类的方法,但我仍想使用restlet jar来避免对现有代码进行大量更改。
Any suggestions ? 有什么建议么 ? Any help would be appreciated. 任何帮助,将不胜感激。 Thanks in advance. 提前致谢。
1 个解决方案
解决方案1
1 2015-10-07 11:23:56
There is no built-in support for NTLM in Restlet. Restlet中没有对NTLM的内置支持。 An issue in the Restlet Github repository tackles such aspect: https://github.com/restlet/restlet-framework-java/issues/467 . Restlet Github存储库中的一个问题解决了以下方面: https : //github.com/restlet/restlet-framework-java/issues/467 。
I also saw a page in the Restlet documentation regarding NTLM: http://restlet.com/technical-resources/restlet-framework/guide/2.3/core/security/ntml-authentication . 我还在Restlet文档中看到有关NTLM的页面: http : //restlet.com/technical-resources/restlet-framework/guide/2.3/core/security/ntml-authentication 。 But it seems to be a bit outdated especially for the HTTPClient section. 但这似乎有些过时,尤其是对于HTTPClient部分。 Moreover the HTTP client extension is deprecated and will be removed in version 3. The Jetty extension should be used instead. 此外,不建议使用HTTP客户端扩展,并将在版本3中将其删除。应该使用Jetty扩展。
That said, you could make a try using the support of NTLM available in Java itself. 也就是说,您可以尝试使用Java本身提供的NTLM支持。 For this, you need to use the default HTTP client of Restlet, the one used when no client connector is provided in the classpath. 为此,您需要使用Restlet的默认HTTP客户端,即在类路径中未提供任何客户端连接器时使用的默认HTTP客户端。 Here is a sample of use: 这是一个使用示例:
final String username = "username";
final String password = "password";
// Create your own authenticator
Authenticator a = new Authenticator() {
public PasswordAuthentication getPasswordAuthentication() {
return (new PasswordAuthentication(
username, password.toCharArray()));
}
};
// Sets the default Authenticator
Authenticator.setDefault(a);
ClientResource cr = new ClientResource("http://...");
cr.post(...);
This link could help you to do that: http://examples.javacodegeeks.com/core-java/net/authenticator/access-password-protected-url-with-authenticator/ . 该链接可以帮助您做到这一点: http : //examples.javacodegeeks.com/core-java/net/authenticator/access-password-protected-url-with-authenticator/ 。
Hope it helps you, Thierry 希望对您有帮助,蒂埃里
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.