HttpUrlConnection没有';在Android上找不到NTLM挑战
我正在尝试使用HttpUrlConnection类将我的Android应用程序连接到IIS服务器 我的服务器需要对用户进行身份验证,因此它正在向客户端发送以下质询:HttpUrlConnection没有';在Android上找不到NTLM挑战,android,httpurlconnection,ntlm,android-authenticator,Android,Httpurlconnection,Ntlm,Android Authenticator,我正在尝试使用HttpUrlConnection类将我的Android应用程序连接到IIS服务器 我的服务器需要对用户进行身份验证,因此它正在向客户端发送以下质询: WWW-Authenticate: Negotiate WWW-Authenticate: NTLM 我的问题是HttpUrlConnection似乎无法解析它。因此getPasswordAuthentication()永远不会被调用,它返回一个IOException“找不到身份验证挑战” 这是我的密码: Authenticato
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
我的问题是HttpUrlConnection似乎无法解析它。因此getPasswordAuthentication()永远不会被调用,它返回一个IOException“找不到身份验证挑战”
这是我的密码:
Authenticator.setDefault(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("myUsername", "myPassword".toCharArray());
}
});
URL url = new URL(myUrl);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Accept-Encoding", "gzip");
conn.setRequestProperty("Accept-Charset", "UTF-8");
conn.setRequestProperty("Accept", "*/*");
conn.setRequestProperty("Connection", "close");
conn.setDoOutput(true);
conn.setDoInput(true);
try
{
conn.connect();
status_code = conn.getResponseCode();
}catch (IOException e) {
...
}
我真的开始认为HttpUrlConnection不支持NTLM挑战。我看到一些库似乎可以完成这项工作,但我不想使用外部库
有人能确认在没有外部LIB的情况下是否可以让HttpUrlConnection处理NTLM质询吗?我只能通过设置下面的AuthScheme和库来使它与HttpClient一起工作:
然后在JCIFS引擎和工厂中实现。您可以在HttpUrlConnection与NTLM中找到示例,使用库只需进行一些小的调整,例如删除您不需要的smb java代码并修复检索响应代码。我们仍然可以使用HttpsURLConnection使其工作-定义身份验证程序并绕过证书验证(信任所有证书) 包com.infosec.utils
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.CookieHandler;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SSLConnect {
public static void main(String[] args) throws Exception {
String urlString = System.getProperty("url", "https://yourURLgoesHere:8443/test?");
CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));
Authenticator.setDefault(new MyAuthenticator("domainname\\yourname", "yourpassword"));
URL url = new URL(urlString);
URLConnection urlConnection = url.openConnection();
HttpsURLConnection httpsUrlConnection = (HttpsURLConnection) urlConnection;
SSLSocketFactory sslSocketFactory = createTrustAllSslSocketFactory();
httpsUrlConnection.setSSLSocketFactory(sslSocketFactory);
try (InputStream inputStream = httpsUrlConnection.getInputStream()) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
String line = null;
while ((line = reader.readLine()) != null) {
// if you want to print the content
System.out.println(line);
}
}
}
// Trust any Server that provides the SSL certificate by bypassing trust managers
private static SSLSocketFactory createTrustAllSslSocketFactory() throws Exception {
TrustManager[] byPassTrustManagers = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
} };
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, byPassTrustManagers, new SecureRandom());
return sslContext.getSocketFactory();
}
}
// Authenticator which intercepts and provide required credential
class MyAuthenticator extends Authenticator {
private String httpUsername;
private String httpPassword;
public MyAuthenticator(String httpUsername, String httpPassword) {
this.httpUsername = httpUsername;
this.httpPassword = httpPassword;
}
@Override
protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("Scheme:" + getRequestingScheme());
return new PasswordAuthentication(httpUsername, httpPassword.toCharArray());
}
}
感谢是的,看起来用当前的HttpURLConnection类无法做到这一点。Regards@NLemay我有一个类似的情况,我现在必须重新考虑。一旦您成功地进行了身份验证,需要添加什么标头,或者需要做什么来“保持”整个会话的连接?我在这里写了一个详细的问题:@whyoz我刚才看了你的问题,但我没有使用你的库,所以我没有任何线索。但你试过eplozada的解决方案吗?HttpClient是一个广泛使用的库,您将从中获得更多帮助。但实际上我自己并没有尝试,我只是决定不支持Android上的NTLM。@NLemay是的,最终我可以进行身份验证并获得200状态,但我如何保持这种状态?我可以用eplozada的代码进行身份验证,但这并不能“永远”打开连接。关于这个问题有什么想法吗?在androidAn的httpsurlconnection中,有没有其他方法可以使用HttpURLConnection和jcifs对NTLM auth头进行身份验证。如果您找到任何解决方案,请联系我们
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.CookieHandler;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SSLConnect {
public static void main(String[] args) throws Exception {
String urlString = System.getProperty("url", "https://yourURLgoesHere:8443/test?");
CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));
Authenticator.setDefault(new MyAuthenticator("domainname\\yourname", "yourpassword"));
URL url = new URL(urlString);
URLConnection urlConnection = url.openConnection();
HttpsURLConnection httpsUrlConnection = (HttpsURLConnection) urlConnection;
SSLSocketFactory sslSocketFactory = createTrustAllSslSocketFactory();
httpsUrlConnection.setSSLSocketFactory(sslSocketFactory);
try (InputStream inputStream = httpsUrlConnection.getInputStream()) {
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
String line = null;
while ((line = reader.readLine()) != null) {
// if you want to print the content
System.out.println(line);
}
}
}
// Trust any Server that provides the SSL certificate by bypassing trust managers
private static SSLSocketFactory createTrustAllSslSocketFactory() throws Exception {
TrustManager[] byPassTrustManagers = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
} };
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, byPassTrustManagers, new SecureRandom());
return sslContext.getSocketFactory();
}
}
// Authenticator which intercepts and provide required credential
class MyAuthenticator extends Authenticator {
private String httpUsername;
private String httpPassword;
public MyAuthenticator(String httpUsername, String httpPassword) {
this.httpUsername = httpUsername;
this.httpPassword = httpPassword;
}
@Override
protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("Scheme:" + getRequestingScheme());
return new PasswordAuthentication(httpUsername, httpPassword.toCharArray());
}
}