Service

Service

关注
发信
如何在Jenkins中将安全类型从SSL更改为TLS?
不支持菱形运算符
无法运行Windows服务
5 次方运算比 switch 语句执行得更快
PayPal手机支付前preSS结帐库示例应用程序给我的NoClassDefFoundError异常
事件处理程序为null
将自定义费用添加到经常性的 WooCommerce 订阅总额
使用 TLS 从 PHP 使用 Gmail 传出 SMTP
用于SQL Server的Microsoft OLE DB提供程序是否支持TLS 1.2
.NET Framework 4.6.1 Targeting Pack和.NET Framework 4.6.1 Runtime有什么区别?
尾随零的数量
跳过输入函数超时
$(document).click() 在 iPhone 上无法正常工作.查询
UICollectionView - 在设备旋转上调整单元格大小 - Swift
在jqgrid treegrid中,如何指定默认情况下我希望数据折叠(即使所有数据都已加载)

在Apache HttpClient 4.3.6上禁用NTLM

扫码查看
本文介绍了在Apache HttpClient 4.3.6上禁用NTLM的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试将HttpClient创建为支持NTLM和Basic身份验证的服务。在我的情况下,NTLM将无法工作,因为HttpClient机器处于与服务不同的域下(感谢公司决定非常缓慢地迁移正在使用的域的名称......)。但是看起来HttpClient仍然会尝试使用它。

I am trying to make a HttpClient to a service that support NTLM and Basic auth. In my case NTLM will not work, because the machine HttpClient is on is under a different domain to the service (thanks a corporate decision to very slowly migrate the name of the domain being used...). However it seems HttpClient will still try to use it anyway.

CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,
    new UsernamePasswordCredentials(
            username,  password));

HttpClient client = HttpClientBuilder.create()
        .setDefaultCredentialsProvider(credentialsProvider).build();
HttpGet method = new HttpGet(uri);
HttpResponse response = client.execute(method);



我只是希望它发送HTTP 身份验证:基本... 标题。我已经在任何Java HTTP框架之外测试了这个(例如,使用带有手动创建的HTTP请求的原始ssl套接字),所以它似乎是一些Java / Apache HTTP问题,它试图做我没有要求的事情而且真的不喜欢我希望它甚至尝试做...

I just want it to send the HTTP Authentication: Basic ... header. I have tested this outside any Java HTTP frameworks (e.g. using a raw ssl socket with a manually created HTTP request), so it seems to be some Java/Apache HTTP issue with it trying to do things I did not ask for and really don't want it to even try to do...

推荐答案

这是因为表现良好的客户应该选择一种比本身不安全的BASIC auth更安全的方案。

That is because well behaved clients should choose a more secure scheme over an inherently insecure BASIC auth.

这是永久禁用NTLM(和其他非标准方案)的方式

This is how one can disable NTLM (and other non-standard schemes) permanently

Registry<AuthSchemeProvider> r = RegistryBuilder.<AuthSchemeProvider>create()
        .register(AuthSchemes.BASIC, new BasicSchemeFactory())
        .register(AuthSchemes.DIGEST, new DigestSchemeFactory())
        .build();
CloseableHttpClient client = HttpClients.custom()
        .setDefaultAuthSchemeRegistry(r)
        .build();

这是强制HttpClient基于每个请求强制选择基于NTLM的BASIC的方法

This is how one can force HttpClient to choose BASIC over NTLM on a per request basis

RequestConfig config = RequestConfig.custom()
        .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC, AuthSchemes.NTLM))
        .build();
HttpGet get = new HttpGet("/");
get.setConfig(config);

这篇关于在Apache HttpClient 4.3.6上禁用NTLM的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-24 15:34
查看更多
Powered by LMLPHP ©2025 Service 0.031998