stackoom
  简体   繁体   中英

Apache CXF 3.1.6 webservice client - NTLM Authentication

 原文  2016-07-01 11:56:39       java/ web-services/ cxf/ ntlm/ cxf-client

Question

I am trying to connect to service authenticated with NTLM. I have client generated with maven cxf plugin wsdl2java. I got an exception: org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied. Maybe there is another way to do this authentication. 

public class UFENTLM1Test {

public static void main(String[] args) throws NoSuchFieldException, IllegalAccessException, ClassNotFoundException, InstantiationException {
    System.out.println("UFE SERVICE TEST (NTLM No1 WRAPPER)");
    System.out.println("PARAMS: " + args[1] + " " + args[2] + " ");
    System.out.println("START");

    Authenticator.setDefault(new Authenticator() {
        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            return (new PasswordAuthentication(args[1], args[2].toCharArray()));
        }
    });
    //LAMAccountAPI service = new LAMAccountAPI();

    URL url = LAMAccountAPI.class.getClassLoader().getResource("wsdl/ufe/ufe_account.wsdl");

    // TO AVOID SEIStub cannot be cast to ClientProxy
    LAMAccountAPI service = new LAMAccountAPI(url, LAMAccountAPI.SERVICE);
    Field delegateField = Service.class.getDeclaredField("delegate");
    delegateField.setAccessible(true);
    ServiceDelegate previousDelegate = (ServiceDelegate) delegateField.get(service);
    if (!previousDelegate.getClass().getName().contains("cxf")) {
        ServiceDelegate serviceDelegate = ((Provider) Class.forName("org.apache.cxf.jaxws.spi.ProviderImpl").newInstance())
                .createServiceDelegate(url, LAMAccountAPI.SERVICE, service.getClass());
        delegateField.set(service, serviceDelegate);
    }

    ILAMZarzadzanieKontem port = service.getBasicHttpBindingILAMZarzadzanieKontem();

    // Many various tryings
    Client client = ClientProxy.getClient(port);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    http.getAuthorization().setUserName(args[1]);
    http.getAuthorization().setPassword(args[2]);
    AuthorizationPolicy policy = new AuthorizationPolicy();
    policy.setUserName(args[1]);
    policy.setPassword(args[2]);
    http.setAuthorization(policy);
    HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
    httpClientPolicy.setConnectionTimeout(36000);
    httpClientPolicy.setAllowChunking(false);
    http.setClient(httpClientPolicy);

    List<Konto> accounts = null;
    try {
        accounts = port.pobierzKonta().getKonto();
    } catch (ILAMZarzadzanieKontemPobierzKontaSOAPExceptionFaultMessage | ILAMZarzadzanieKontemPobierzKontaDataConversionExceptionFaultMessage ilamZarzadzanieKontemPobierzKontaSOAPExceptionFaultMessage) {
        ilamZarzadzanieKontemPobierzKontaSOAPExceptionFaultMessage.printStackTrace();
    }
}

And policy definition from WSDL: 

<wsp:Policy wsu:Id="BasicHttpBinding_ILAMZarzadzanieKontem_policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <http:NtlmAuthentication xmlns:http="http://schemas.microsoft.com/ws/06/2004/policy/http"/>
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>

Finally, full stacktrace: 

UFE SERVICE TEST (NTLM No1 WRAPPER)
START
lip 01, 2016 2:38:20 PM [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]  selectAlternatives
WARNING: WSP0075: Policy assertion "{http://schemas.microsoft.com/ws/06/2004/policy/http}NtlmAuthentication" was evaluated as "UNKNOWN".
lip 01, 2016 2:38:20 PM [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]  selectAlternatives
WARNING: WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN".
lip 01, 2016 2:38:21 PM org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL
INFO: Creating Service {http://tempuri.org/}LAMAccountAPI from WSDL: file:/C:/dev/work/compfort/warta/3639/iiq-connector/target/classes/wsdl/ufe/ufe_account.wsdl
lip 01, 2016 2:38:22 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://schemas.microsoft.com/ws/06/2004/policy/http}NtlmAuthentication registered.
Exception in thread "main" org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.
    at org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPolicyImpl.java:172)
    at org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicyImpl.java:146)
    at org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl.java:142)
    at org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(PolicyEngineImpl.java:604)
    at org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineImpl.java:316)
    at org.apache.cxf.ws.policy.PolicyEngineImpl.getClientEndpointPolicy(PolicyEngineImpl.java:303)
    at org.apache.cxf.ws.policy.PolicyDataEngineImpl.getClientEndpointPolicy(PolicyDataEngineImpl.java:61)
    at org.apache.cxf.transport.http.HTTPConduit.updateClientPolicy(HTTPConduit.java:318)
    at org.apache.cxf.transport.http.HTTPConduit.updateClientPolicy(HTTPConduit.java:338)
    at org.apache.cxf.transport.http.HTTPConduit.getClient(HTTPConduit.java:873)
    at org.apache.cxf.transport.http.HTTPConduit.configureConduitFromEndpointInfo(HTTPConduit.java:360)
    at org.apache.cxf.transport.http.HTTPConduit.finalizeConfig(HTTPConduit.java:440)
    at org.apache.cxf.transport.http.HTTPTransportFactory.getConduit(HTTPTransportFactory.java:242)
    at org.apache.cxf.binding.soap.SoapTransportFactory.getConduit(SoapTransportFactory.java:226)
    at org.apache.cxf.binding.soap.SoapTransportFactory.getConduit(SoapTransportFactory.java:233)
    at org.apache.cxf.endpoint.AbstractConduitSelector.createConduit(AbstractConduitSelector.java:145)
    at org.apache.cxf.endpoint.AbstractConduitSelector.getSelectedConduit(AbstractConduitSelector.java:107)
    at org.apache.cxf.endpoint.UpfrontConduitSelector.selectConduit(UpfrontConduitSelector.java:77)
    at org.apache.cxf.endpoint.ClientImpl.getConduit(ClientImpl.java:845)
    at pl.warta.connector.ufe.test.UFENTLM1Test.main(UFENTLM1Test.java:56)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)

1 answers

solution1
 2 ACCPTED  2016-07-01 12:56:57

It is a problem with the proprietary ws-policy tag http:NtlmAuthentication . The problem is that cxf tries to automatically fulfill ws-policy requirements out of the box. Since this tag is proprietary and non-standard it fails, hence the exception.

Remove this (whole) policy from your wsdl and generate the client once more without this policy. After that the ntlm authentication should work.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question soap webservice client using apache cxf, for ntlm authentication CXF client NTLM authentication on weblogic 401: Unauthorized Exception occurred with an apache axis client(java) to invoke a webservice(.net) with an NTLM Authentication Technique Quarkus Webservice with Apache CXF and Basic Authentication Apache HTTP Client 4.2.5 NTLM Integrated Authentication CXF Client in Spring with Basic / NTLM Authentication sent on every request How to use NTLM authentication with Apache Wink client Webservice Client behind proxy and service needs NTLM authentication How to invoke the .Net Based webservice from a java client with NTLM authentication CXF SOAP Client with NTLM to SharePoint
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM