java - 您如何使用带有 apache commons httpclient 的 NTLM 身份验证以编程方式对 Web 服务器进行身份验证?

标签 java httpclient

我正在使用这段代码,我得到了下面列出的堆栈跟踪。 我只使用 https 和基本身份验证就可以使用它,但不能使用 ntlm。

HttpClient client = null;
HttpMethod get = null;
try
{
  Protocol myhttps = new Protocol("https", ((ProtocolSocketFactory) new EasySSLProtocolSocketFactory()), 443);
  Protocol.registerProtocol("https", myhttps);
  client = new HttpClient();
  get = new GetMethod("https://tt.dummycorp.com/tmtrack/");
  Credentials creds = new NTCredentials("dummy", "dummy123", "host", "DUMMYDOMAIN");
  client.getState().setCredentials(AuthScope.ANY, creds);
  get.setDoAuthentication(true);
  int resultCode = client.executeMethod(get);
  System.out.println(get.getResponseBodyAsString());
}

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
    at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
    at com.dummycorp.teamtrack.TeamTrackHack.main(TeamTrackHack.java:38)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:251)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:234)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:158)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    at org.apache.commons.httpclient.contrib.ssl.EasyX509TrustManager.checkServerTrusted(EasyX509TrustManager.java:104)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:967)
    ... 17 more
Caused by: java.security.cert.CertPathValidatorException: signature check failed
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139)
    at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:316)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:246)
    ... 24 more
Caused by: java.security.SignatureException: Signature does not match.
    at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:446)
    at sun.security.provider.certpath.BasicChecker.verifySignature(BasicChecker.java:133)
    at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:112)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:117)
    ... 28 more

最佳答案

HttpClient 不完全支持 NTLM。请看Known limitations and problems .有关 NTLM 的 HttpClient 文档有点令人困惑,但最重要的是它们不支持 NTLMv2,这使得它在这方面几乎不可用。

标准 java HttpURLConnection ( link ) 支持 NTLM,但是 HttpClient 比 jdk 的 HttpURLConnection 有一些优势。

关于java - 您如何使用带有 apache commons httpclient 的 NTLM 身份验证以编程方式对 Web 服务器进行身份验证?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/199145/

上一篇:java - 您能否在不同的 OSGi 包中包含 JSF 自定义组件?

下一篇:java - 如何在 Java 中解析 "Event XML"?

相关文章:

java - 序列化对象并将其作为字符串存储在 cookie 中

java - 来自单独类的 JTextField

java - 链表的线性搜索

java - 内存不足错误 : unable to create new native thread using ExecutorService

php - Android JSON HttpClient 使用 HttpResponse 将数据发送到 PHP 服务器

c# - HttpClient.PostAsync 以退出代码 0 终止程序

java - 一次合并排序 3 个子数组

java - 如何从服务器端 Controller 返回或调用签名的小程序的方法?

java - 方法的状态码

java - 使用 Yahoo Finance API 检索股票行情

©2024 IT工具网  联系我们