dov*_*mir 6 java authentication rest kerberos sharepoint-2010
我有一个linux\java6客户端,它将使用NTLM对sharepoint2010进行身份验证,然后使用Apache Commons发送HTTP REST Web服务HttpClient.
我可以使用NTLM执行此操作,但我想使用相同的REST API来访问使用kerberos身份验证的sharepoint 2010.
有关如何使用kerberos sharepoint通过HTTP进行身份验证和发送REST的任何示例?(最好使用HttpClient)
ps我没有访问sharepoint代码,但我确实可以访问sharepoint管理员配置.这大致是我使用NTLM进行身份验证的方式:
HttpClient httpClient = new HttpClient(new SimpleHttpConnectionManager(true));
AuthPolicy.registerAuthScheme(AuthPolicy.NTLM, JCIFS_NTLMScheme.class);
String localHostName = Inet4Address.getLocalHost().getHostName();
authscope = new AuthScope(uri.getHost(), AuthScope.ANY_PORT);
httpClient.getState().setCredentials(authscope,new NTCredentials(
getUsername(),getPassword(),localHostName,getDomain()));
// after the initial ntlm auth I can call my REST service with "httpClient.executeMethod"
int status = httpClient.executeMethod(new GetMethod(accessURI + "/sitecollection/info"));
请确认您的环境已正确设置 Kerberos,这可以通过运行 kinit 来实现。如果失败,您需要确保您的 krb5.ini (windows) 或 krb5.conf (linux) 设置为正确指向您的域控制器。
确认 Kerberos 正常运行后,您可以使用 HttpClient 中的示例代码,如下所示。
请注意,有许多问题可能导致 Kerberos 失败,例如时间同步、支持的加密类型、跨域林的信任关系,并且还值得确保您的客户端位于与服务器不同的盒子上。
以下是 HttpClient 下载中提供的示例代码,您需要确保您的 JAAS 配置和 krb5.conf 或 ini 正确!
public class ClientKerberosAuthentication {
public static void main(String[] args) throws Exception {
System.setProperty("java.security.auth.login.config", "login.conf");
System.setProperty("java.security.krb5.conf", "krb5.conf");
System.setProperty("sun.security.krb5.debug", "true");
System.setProperty("javax.security.auth.useSubjectCredsOnly","false");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory());
Credentials use_jaas_creds = new Credentials() {
public String getPassword() {
return null;
}
public Principal getUserPrincipal() {
return null;
}
};
httpclient.getCredentialsProvider().setCredentials(
new AuthScope(null, -1, null),
use_jaas_creds);
HttpUriRequest request = new HttpGet("http://kerberoshost/");
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println("----------------------------------------");
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
System.out.println("----------------------------------------");
// This ensures the connection gets released back to the manager
EntityUtils.consume(entity);
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
}
| 归档时间: |
|
| 查看次数: |
7789 次 |
| 最近记录: |