使用 java UrlConnection 对 ntlm(或 kerberos)进行身份验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1168526/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
authenticate with ntlm (or kerberos) using java UrlConnection
提问by opensas
I need to consume a rest web service with java, passing the credentials of a domain user account.
我需要使用 java 来使用 rest web 服务,传递域用户帐户的凭据。
right now I'm doing it with classic asp
现在我正在使用经典的 asp
set xmlHttp = server.createObject( "msxml2.serverxmlhttp" )
xmlHttp.open method, url, false, domain & "\" & user, password
xmlHttp.send body
out = xmlHttp.responseText
set xmlHttp = nothing
and with asp.net
和 asp.net
HttpWebRequest request = (HttpWebRequest) WebRequest.Create( url );
request.Credentials = new NetworkCredential(user, password, domain);
request.Method = WebRequestMethods.Http.Get
HttpWebResponse response = (HttpWebResponse) request.GetResponse();
StreamReader outStream = new StreamReader( response.GetResponseStream(), Encoding.UTF8) ;
output = outStream.ReadToEnd();
how can I achieve this with java? Take into account that I'm not using the credentials of the currently logged user, I'm specifing the domain account (I have the password)
我怎样才能用java实现这个?考虑到我没有使用当前登录用户的凭据,我指定了域帐户(我有密码)
please tell me it's as easy as with classic asp and asp.net....
请告诉我这就像使用经典的 asp 和 asp.net 一样简单....
回答by Matt Solnit
According to this page, you canuse the built-in JRE classes, with the caveat that earlier versions of Java can only do this on a Windows machine.
根据此页面,您可以使用内置 JRE 类,但需要注意的是早期版本的 Java 只能在 Windows 机器上执行此操作。
However, if you are willing to live with a 3rd-party dependency, IMO Apache Commons HttpClient 3.xis the way to go. Hereis the documentation for using authentication, including NTLM. In general, HttpClient is a much more functional library.
但是,如果您愿意忍受第 3 方的依赖,那么 IMO Apache Commons HttpClient 3.x是您的最佳选择。 这是使用身份验证的文档,包括 NTLM。一般来说,HttpClient 是一个功能更多的库。
The latest version of HttpClient is 4.0, but apparently this version does not support NTLMthis version requires a tiny bit of extra work.
HttpClient 的最新版本是 4.0,但是 显然这个版本不支持NTLM这个版本需要一点点额外的工作。
Here is what I thinkthe code would look like, although I haven't tried it:
这是我认为代码的样子,虽然我还没有尝试过:
HttpClient httpClient = new HttpClient();
httpClient.getState().setCredentials(AuthScope.ANY, new NTCredentials(user, password, hostPortionOfURL, domain));
GetMethod request = new GetMethod(url);
BufferedReader reader = new InputStreamReader(request.getResponseBodyAsStream());
Good luck.
祝你好运。
回答by Tires
A compatible solution for java.net.URLStreamHandler and java.net.URL is com.intersult.net.http.NtlmHandler:
java.net.URLStreamHandler 和 java.net.URL 的兼容解决方案是 com.intersult.net.http.NtlmHandler:
NtlmHandler handler = new NtlmHandler();
handler.setUsername("domain\username");
handler.setPassword("password");
URL url = new URL(null, urlString, handler);
URLConnection connection = url.openConnection();
You also can use java.net.Proxy within url.openConnection(proxy).
您还可以在 url.openConnection(proxy) 中使用 java.net.Proxy。
Use Maven-Dependency:
使用 Maven 依赖:
<dependency>
<groupId>com.intersult</groupId>
<artifactId>http</artifactId>
<version>1.1</version>
</dependency>
回答by Pat Gonzalez
Take a look at the SpnegoHttpURLConnection class in the SPNEGO HTTP Servlet Filter project. This project has some examples as well.
查看 SPNEGO HTTP Servlet Filter 项目中的 SpnegoHttpURLConnection 类。这个项目也有一些例子。
This project has a client librarythat pretty much does what you are doing in your example.
这个项目有一个客户端库,它几乎可以完成您在示例中所做的工作。
Take a look this example from the javadoc...
从 javadoc 中查看此示例...
public static void main(final String[] args) throws Exception {
final String creds = "dfelix:myp@s5";
final String token = Base64.encode(creds.getBytes());
URL url = new URL("http://medusa:8080/index.jsp");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty(Constants.AUTHZ_HEADER
, Constants.BASIC_HEADER + " " + token);
conn.connect();
System.out.println("Response Code:" + conn.getResponseCode());
}
