我正在尝试使用Apache/Jakarta HttpClient 4.1.1使用给定的凭据连接到任意网页.为了测试这一点,我在运行的dev机器上安装了最少的IIS 7.5,其中一次只有一种身份验证模式处于活动状态.基本身份验证工作正常,但每当我尝试登录时,Digest和NTLM都会返回401错误消息.这是我的代码:
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpContext localContext = new BasicHttpContext();
HttpGet httpget = new HttpGet("http://localhost/");
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY,
new NTCredentials("user", "password", "", "localhost"));
if (!new File(System.getenv("windir") + "\\krb5.ini").exists()) {
List<String> authtypes = new ArrayList<String>();
authtypes.add(AuthPolicy.NTLM);
authtypes.add(AuthPolicy.DIGEST);
authtypes.add(AuthPolicy.BASIC);
httpclient.getParams().setParameter(AuthPNames.PROXY_AUTH_PREF,
authtypes);
httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF,
authtypes);
}
localContext.setAttribute(ClientContext.CREDS_PROVIDER, credsProvider);
HttpResponse response = httpclient.execute(httpget, localContext);
System.out.println("Response code: " + response.getStatusLine());
我在Fiddler中注意到的一件事是Firefox和HttpClient发送的哈希值不同,这让我觉得IIS 7.5可能比HttpClient提供更强的哈希值?有任何想法吗?如果我能够验证这适用于NTLM,那就太棒了.摘要也会很好,但如果有必要,我可以不用它.