authenticate with ntlm (or kerberos) using java Ur

2020-07-11 06:15发布

问题:

I need to consume a rest web service with java, passing the credentials of a domain user account.

right now I'm doing it with classic asp


set xmlHttp = server.createObject( "msxml2.serverxmlhttp" )
xmlHttp.open method, url, false, domain & "\" & user, password
xmlHttp.send body
out = xmlHttp.responseText
set xmlHttp = nothing

and with asp.net



HttpWebRequest request = (HttpWebRequest) WebRequest.Create( url );

request.Credentials = new NetworkCredential(user, password, domain);

request.Method = WebRequestMethods.Http.Get

HttpWebResponse response = (HttpWebResponse) request.GetResponse();

StreamReader outStream = new StreamReader( response.GetResponseStream(), Encoding.UTF8) ;

output = outStream.ReadToEnd();

how can I achieve this with java? Take into account that I'm not using the credentials of the currently logged user, I'm specifing the domain account (I have the password)

please tell me it's as easy as with classic asp and asp.net....

回答1:

According to this page, you can use the built-in JRE classes, with the caveat that earlier versions of Java can only do this on a Windows machine.

However, if you are willing to live with a 3rd-party dependency, IMO Apache Commons HttpClient 3.x is the way to go. Here is the documentation for using authentication, including NTLM. In general, HttpClient is a much more functional library.

The latest version of HttpClient is 4.0, but apparently this version does not support NTLM this version requires a tiny bit of extra work.

Here is what I think the code would look like, although I haven't tried it:

HttpClient httpClient = new HttpClient();
httpClient.getState().setCredentials(AuthScope.ANY, new NTCredentials(user, password, hostPortionOfURL, domain));
GetMethod request = new GetMethod(url);
BufferedReader reader = new InputStreamReader(request.getResponseBodyAsStream());

Good luck.



回答2:

A compatible solution for java.net.URLStreamHandler and java.net.URL is com.intersult.net.http.NtlmHandler:

NtlmHandler handler = new NtlmHandler();
handler.setUsername("domain\\username");
handler.setPassword("password");
URL url = new URL(null, urlString, handler);
URLConnection connection = url.openConnection();

You also can use java.net.Proxy within url.openConnection(proxy).

Use Maven-Dependency:

    <dependency>
        <groupId>com.intersult</groupId>
        <artifactId>http</artifactId>
        <version>1.1</version>
    </dependency>


回答3:

Take a look at the SpnegoHttpURLConnection class in the SPNEGO HTTP Servlet Filter project. This project has some examples as well.

This project has a client library that pretty much does what you are doing in your example.

Take a look this example from the javadoc...

 public static void main(final String[] args) throws Exception {
     final String creds = "dfelix:myp@s5";

     final String token = Base64.encode(creds.getBytes());

     URL url = new URL("http://medusa:8080/index.jsp");

     HttpURLConnection conn = (HttpURLConnection) url.openConnection();

     conn.setRequestProperty(Constants.AUTHZ_HEADER
             , Constants.BASIC_HEADER + " " + token);

     conn.connect();

     System.out.println("Response Code:" + conn.getResponseCode());
 }