[英]java - HttpClient doesn't authenticate with NTLM
Trying to connect to a resource which is protected with NTLM authentication. 尝试连接到受NTLM身份验证保护的资源。 When making a request I get a response 401 unauthenticated, but httpclient doesn't perform NTLM authentication after that.
发出请求时,我得到未经身份验证的响应401,但此后httpclient不会执行NTLM身份验证。
Added Interceptor to see the communication and it doesn't even attempt to authenticate: 添加了Interceptor来查看通信,它甚至不尝试进行身份验证:
Request:
POST/NAV/xxxxxxxxx
Content-type: text/xml; charset=utf-8
SOAPAction:
Content-Length: 359
Host: xxx.local:7051
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.4 (Java/1.8.0_181)
Accept-Encoding: gzip,deflate
Response:
Unauthorized
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: Negotiate
Date: Wed, 26 Sep 2018 10:37:56 GMT
No requests made after that. 此后没有任何请求。
Any suggestions what can be wrong here? 有什么建议在这里有什么问题吗?
Here is my code: 这是我的代码:
NTCredentials credentials = new NTCredentials("testuser", "pass1", null, "stt.local");
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, credentials);
ArrayList<String> authPrefs = new ArrayList<String>();
authPrefs.add(AuthSchemes.NTLM);
RequestConfig requestConfig = RequestConfig.custom()
.setSocketTimeout(30000)
.setConnectTimeout(30000)
.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM))
.setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
.build();
HttpClient client = HttpClientBuilder.
create().
setDefaultCredentialsProvider(credsProvider).
setDefaultRequestConfig(requestConfig).
addInterceptorLast(new LoggingRequestInterceptor()).
addInterceptorLast(new LoggingResponseInterceptor()).
build();
HttpPost post = new HttpPost(endpoint); //Provide Request URL
try {
StringEntity input = new StringEntity(bodyAsString);
input.setContentType("text/xml; charset=utf-8");
post.setEntity(input);
post.setHeader("Content-type", "text/xml; charset=utf-8");
post.setHeader("SOAPAction", ""); //Provide Soap action
org.apache.http.HttpResponse response = client.execute(post);
}
The parameters to that NTCredentials
constructor should have separate username and domain name. 该
NTCredentials
构造函数的参数应具有单独的用户名和域名。
Parameters:
参数:
userName - The user name.userName-用户名。 This should not include the domain to authenticate with.
这不应包括要进行身份验证的域。 For example: "user" is correct whereas "DOMAIN\\user\u0026quot; is not.
例如:“用户”是正确的,而“域\\用户”是不正确的。
password - The password.密码-密码。
workstation - The workstation the authentication request is originating from.工作站-身份验证请求所源自的工作站。 Essentially, the computer name for this machine.
本质上,这台机器的计算机名称。
domain - The domain to authenticate within.域-要在其中进行身份验证的域。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.