Service

Service

关注
发信
如何在不使用播放器插件的情况下添加视频
接受字符串的扫描程序输入会跳过while循环内的所有其他输入。
在Hyperledger Fabric中添加新对等方时出错
mod_rewrite:带有两个 GET 变量的 URL 尾部斜杠
Android Studio编译错误并添加了资源
在jqGrid中编辑删除
为什么我的代码不能编译?请帮忙!
Nodemailer / Gmail - 什么是刷新令牌,如何获得一个?
Java 7中的菱形运算符(<>)有什么意义?
coldfusion网站服务问题
.NET Framework 3.5
AngularJS - 动态更改过滤器上的货币符号?
如何更改 jqGrid 单元格的颜色?
DataGrid:关于单元格验证错误,其他行单元格不可编辑/只读
Excel VBA:找到两个表的联合

在Apache HttpClient 4.3.6上禁用NTLM

扫码查看
本文介绍了在Apache HttpClient 4.3.6上禁用NTLM的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试将HttpClient创建为支持NTLM和Basic身份验证的服务。在我的情况下,NTLM将无法工作,因为HttpClient机器处于与服务不同的域下(感谢公司决定非常缓慢地迁移正在使用的域的名称......)。但是看起来HttpClient仍然会尝试使用它。

I am trying to make a HttpClient to a service that support NTLM and Basic auth. In my case NTLM will not work, because the machine HttpClient is on is under a different domain to the service (thanks a corporate decision to very slowly migrate the name of the domain being used...). However it seems HttpClient will still try to use it anyway.

CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,
    new UsernamePasswordCredentials(
            username,  password));

HttpClient client = HttpClientBuilder.create()
        .setDefaultCredentialsProvider(credentialsProvider).build();
HttpGet method = new HttpGet(uri);
HttpResponse response = client.execute(method);



我只是希望它发送HTTP 身份验证:基本... 标题。我已经在任何Java HTTP框架之外测试了这个(例如,使用带有手动创建的HTTP请求的原始ssl套接字),所以它似乎是一些Java / Apache HTTP问题,它试图做我没有要求的事情而且真的不喜欢我希望它甚至尝试做...

I just want it to send the HTTP Authentication: Basic ... header. I have tested this outside any Java HTTP frameworks (e.g. using a raw ssl socket with a manually created HTTP request), so it seems to be some Java/Apache HTTP issue with it trying to do things I did not ask for and really don't want it to even try to do...

推荐答案

这是因为表现良好的客户应该选择一种比本身不安全的BASIC auth更安全的方案。

That is because well behaved clients should choose a more secure scheme over an inherently insecure BASIC auth.

这是永久禁用NTLM(和其他非标准方案)的方式

This is how one can disable NTLM (and other non-standard schemes) permanently

Registry<AuthSchemeProvider> r = RegistryBuilder.<AuthSchemeProvider>create()
        .register(AuthSchemes.BASIC, new BasicSchemeFactory())
        .register(AuthSchemes.DIGEST, new DigestSchemeFactory())
        .build();
CloseableHttpClient client = HttpClients.custom()
        .setDefaultAuthSchemeRegistry(r)
        .build();

这是强制HttpClient基于每个请求强制选择基于NTLM的BASIC的方法

This is how one can force HttpClient to choose BASIC over NTLM on a per request basis

RequestConfig config = RequestConfig.custom()
        .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC, AuthSchemes.NTLM))
        .build();
HttpGet get = new HttpGet("/");
get.setConfig(config);

这篇关于在Apache HttpClient 4.3.6上禁用NTLM的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-24 15:34
查看更多
Powered by LMLPHP ©2025 Service 0.038094