stackoom
  简体   繁体   中英

Apache cxf java client + ntlm authentication and multi user support

 原文  2014-04-16 03:26:23       apache/ authentication/ cxf/ ntlm

Question

I am using apache cxf java client to connect my WS. I am also using NTLM for authentication.

Now problem I am facing due to credential caching. First time i tried user which does not have privileges to access WS method. when I changed the user , it is still using same user to access WS method.

I am running in tomcat, so cannot kill my JVM .. tried all possible combination on httpClientPolicy.

Any help will be appreciated.

2 answers

solution1
 2  2014-06-13 13:28:29

This is NTLM specific problem. sun.net.www.protocol.https.HttpsURLConnectionImpl is getting serverAuthorization via java.net.Authenticator. requestPasswordAuthentication() java.net.Authenticator. requestPasswordAuthentication() . This authorization info is maintained in sun.net.www.protocol.http.AuthCacheValue.cache .

So if we override sun.net.www.protocol.http.AuthCacheValue means we can fix this issue.

AuthCacheValue.setAuthCache(new AuthCache()
{
  @Override
  public void remove(String arg0, AuthCacheValue arg1) { }

  @Override
  public void put(String arg0, AuthCacheValue arg1) { }

  @Override
  public AuthCacheValue get(String arg0, String arg1)
  {
    return null;
  }
});

Reference :

http://web.archiveorange.com/archive/v/ACbGtycfTs2dqbRNpy6d

http://tigrou.nl/2011/06/11/cached-credentials-in-http-basic-authentication/

solution2
 1  2014-06-23 13:56:37

I googled and tried a lot of solutions to this problem.. apparently the simplest code that worked is as below using the JCIFS library

    //Set the jcifs properties
    jcifs.Config.setProperty("jcifs.smb.client.domain", "domainname");
    jcifs.Config.setProperty("jcifs.netbios.wins", "xxx.xxx.xxx.xxx");
    jcifs.Config.setProperty("jcifs.smb.client.soTimeout", "300000"); // 5 minutes
    jcifs.Config.setProperty("jcifs.netbios.cachePolicy", "1200"); // 20 minutes
    jcifs.Config.setProperty("jcifs.smb.client.username", "username");
    jcifs.Config.setProperty("jcifs.smb.client.password", "password");

    //Register the jcifs URL handler to enable NTLM
    jcifs.Config.registerSmbURLHandler();

Apparently CXF 3.0 doesnt have a valid way of configuring the HTTP Client (4.3.x) with NTCredentials instance. Please refer to bug https://issues.apache.org/jira/browse/CXF-5671

By the way, if you have a simple message which needs to be transmitted, just use HTTP Client (I worked using 4.3.4.. not sure of the earlier versions) with NTCredentials Instance. That too did the magic for me.. The sample is as below:

    final NTCredentials ntCredentials = new NTCredentials("username", "Passworrd","destination", "domain");
    CredentialsProvider credsProvider = new BasicCredentialsProvider();

    credsProvider.setCredentials(AuthScope.ANY, ntCredentials);
    CloseableHttpClient httpclient = HttpClientBuilder.create()
                                        .setDefaultCredentialsProvider(credsProvider)
                                        .build();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache HTTP Client 4.2.5 NTLM Integrated Authentication PHP Apache NTLM Authentication Alternate Client resource post fails for NTLM authentication. Works for Basic Authentication in apache Apache CXF Client Memory Apache CXF client unmarshal response Apache CXF Client proxy settings Slow initialization of apache cxf client Apache CXF Soap Client in Wildlfy apache plugin for NTLM for Getting log in user name Cannot create a secure XMLInputFactory when calling Apache CXF Client from Plain Java
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM