堆棧內存溢出
  簡體   English   中英

您如何通過 apache 的 commons httpclient 使用 NTLM 身份驗證以編程方式對 Web 服務器進行身份驗證?

[英]How do you programatically authenticate to a web server using NTLM Authentication with apache's commons httpclient?

 原文  2008-10-13 21:50:02       java/ httpclient

問題描述

我正在使用此代碼,並獲得下面列出的堆棧跟蹤。 我只使用 https 和基本身份驗證,而不是 ntlm。

HttpClient client = null;
HttpMethod get = null;
try
{
  Protocol myhttps = new Protocol("https", ((ProtocolSocketFactory) new EasySSLProtocolSocketFactory()), 443);
  Protocol.registerProtocol("https", myhttps);
  client = new HttpClient();
  get = new GetMethod("https://tt.dummycorp.com/tmtrack/");
  Credentials creds = new NTCredentials("dummy", "dummy123", "host", "DUMMYDOMAIN");
  client.getState().setCredentials(AuthScope.ANY, creds);
  get.setDoAuthentication(true);
  int resultCode = client.executeMethod(get);
  System.out.println(get.getResponseBodyAsString());
}

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
    at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
    at com.dummycorp.teamtrack.TeamTrackHack.main(TeamTrackHack.java:38)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:251)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:234)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:158)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    at org.apache.commons.httpclient.contrib.ssl.EasyX509TrustManager.checkServerTrusted(EasyX509TrustManager.java:104)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:967)
    ... 17 more
Caused by: java.security.cert.CertPathValidatorException: signature check failed
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139)
    at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:316)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:246)
    ... 24 more
Caused by: java.security.SignatureException: Signature does not match.
    at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:446)
    at sun.security.provider.certpath.BasicChecker.verifySignature(BasicChecker.java:133)
    at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:112)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:117)
    ... 28 more

2 個解決方案

解決方案1
 2 已采納  2008-12-03 11:00:11

HttpClient 不完全支持 NTLM。 請查看已知限制和問題 關於 NTLM 的 HttpClient 文檔有點混亂,但最重要的是它們不支持 NTLMv2,這使得它在這方面幾乎不可用。

NTLM 由標准的 java HttpURLConnection ( link ) 支持,但 HttpClient 比 jdk 的 HttpURLConnection 有一些優勢。

解決方案2
 0  2008-10-14 09:15:09

看看這里發布的實用程序。

它解決了不同的問題,即缺少證書,而您安裝的證書無效,但它關於已安裝證書的詳細輸出可能會有所幫助。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 apache httpclient + ntlm身份驗證 如何使用apache httpclient和web身份驗證進行http發布? 如何使用 Spnego/Kerberos 和 Apache 的 HttpClient 進行身份驗證? Apache HttpClient 4.1.1 NTLM身份驗證不是SPNEGO Apache HttpClient-NTLM:500內部服務器錯誤 Apache HttpClient v5.0 未通過 Windows 上的 NTLM 進行身份驗證 如何使用apache httpClient設置基本身份驗證 使用 NTLM 身份驗證時,最新的 Apache HttpClient 4.1.1 出現 HTTP/1.1 407 錯誤 使用httpclient 4.2.1進行NTLM身份驗證 使用Apache Commons HttpClient上傳SmbFile
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM