[英]HTTP 403 Forbidden coming when using HttpClient authentication mechanism for Sharepoint using NTLM
HTTP / 1.1 403 FORBIDDEN响应内容长度:729结果:soap:抛出了类型为“Microsoft.SharePoint.SoapServer.SoapServerException”的ServerException。此页面的安全验证无效。 在Web浏览器中单击“返回”,刷新页面,然后再次尝试操作.x8102006d
我关心的是如何通过代理进行身份验证,同时在同一会话中对NTLM配置的sharepoint进行身份验证? 请帮我。
提前致谢。
AuthCache authCache = new BasicAuthCache();
HttpHost targetHost = new HttpHost(<sharepointserverhostname>);
NTLMSchemeFactory f = new NTLMSchemeFactory();
HttpContext ctx = new BasicHttpContext();
AuthScheme ns = f.create(ctx);
authCache.put(targetHost, ns);
HttpClientContext localContext = HttpClientContext.create();
localContext.setAuthCache(authCache);
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(<proxyserverip>, 8080), new UsernamePasswordCredentials ("testdomain\phanigandeed", "Jul@2014"));
credsProvider.setCredentials(
AuthScope.ANY, new NTCredentials("phanigandeed", "Jul@2014", "", "testdomain"));
CloseableHttpClient httpclient = HttpClients.custom().setDefaultCredentialsProvider(credsProvider).build();
String listName = "PhaniList";
String description = "TestDescription";
String templateID = "101";
// for safety reasons, I had to remove the actual server details.
String endpointURL = <serviceurl>;
String result = "Failed";
String username = "phanigandeed";
String psWord = "Jul@2014";
String domainName = "vsnl";
String XML_DATA = new String("<?xml version=\"1.0\" encoding=\"utf-8\"?><soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><soap:Body><AddList xmlns=\"http://schemas.microsoft.com/sharepoint/soap/\"><listName>"
+ listName
+ "</listName><description>"
+ description
+ "</description><templateID>"
+ templateID
+ "</templateID></AddList></soap:Body></soap:Envelope>");
HttpPost httpPost = new HttpPost(endpointURL);
httpPost.setHeader(new BasicHeader("Content-Type",
"text/xml;charset=UTF-8"));
try {
StringEntity s = new StringEntity(XML_DATA, "UTF-8");
httpPost.setEntity(s);
System.out.println("executing request" + httpPost.getRequestLine());
HttpResponse response = httpclient.execute(httpPost, localContext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: "
+ entity.getContentLength());
result = EntityUtils.toString(entity);
System.out.println("Result: " + result);
entity.consumeContent();
}
System.out.println("result: " + result);
return;
} catch (Exception e) {
e.printStackTrace();
System.out.println("Sharepoint Create Library failed :"
+ e.getMessage());
return;
}
您需要连接到SharePoint并检索摘要以验证任何进一步的请求,这就是为什么它会导致您的安全验证无效的例外。
String digest;
try
{
string url = "https://Your.SharePoint.Site";
HttpClient client = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true });
client.BaseAddress = new System.Uri(url);
string cmd = "_api/contextinfo";
client.DefaultRequestHeaders.Add("Accept", "application/json;odata=verbose");
client.DefaultRequestHeaders.Add("ContentType", "application/json");
client.DefaultRequestHeaders.Add("ContentLength", "0");
StringContent httpContent = new StringContent("");
var response = client.PostAsync(cmd, httpContent).Result;
if (response.IsSuccessStatusCode)
{
string content = response.Content.ReadAsStringAsync().Result;
JsonObject val = JsonValue.Parse(content).GetObject();
JsonObject d = val.GetNamedObject("d");
JsonObject wi = d.GetNamedObject("GetContextWebInformation");
digest = wi.GetNamedString("FormDigestValue");
}
}
catch
{
MessageDialog dialog = new MessageDialog("Authentication to server failed. Please try again.");
dialog.ShowAsync();
}
稍后您需要将摘要添加到下一个请求的标头中,以传递身份验证,如下所示。 这是C#,抱歉我不知道Java特定的语法,但您需要摘要在所有平台上使用Web服务:
client.DefaultRequestHeaders.Add("X-RequestDigest", digest);
我遇到了使用Sharepoint / IIS和NTLM身份验证的HTTPClient问题。 当我切换到Java HTTPURLConnection时,我能够解决这些问题。 请参阅以下帖子以供参考
希望这对你有所帮助。
使用 NTLM 身份验证时,最新的 Apache HttpClient 4.1.1 出现 HTTP/1.1 407 错误
[英]HTTP/1.1 407 error with latest Apache HttpClient 4.1.1 when using NTLM authentication
WWW-Authentication / NTLM使用具有当前用户凭据的HttpClient进行协商
[英]WWW-Authentication / NTLM Negotiate using HttpClient with current user credentials
使用Keycloak和Spring引导时如何自定义401 Unauthorized和403 Forbidden HTTP响应?
[英]How to customize 401 Unauthorized and 403 Forbidden HTTP responses when using Keycloak and Spring boot?
您如何通过 apache 的 commons httpclient 使用 NTLM 身份验证以编程方式对 Web 服务器进行身份验证?
[英]How do you programatically authenticate to a web server using NTLM Authentication with apache's commons httpclient?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.