针对Exchange 2010 Web服务的NTLM身份验证 [英] NTLM authentication against Exchange 2010 Web Services
问题描述
Hello All
尝试使用针对Exchange 2010 Web服务的NTLM方案进行身份验证时遇到问题。但是相同的代码可以很好地对抗EWS 2007.
我尝试为EWS 2007和EWS 2010使用不同的库,但问题仍然存在。
b b b b b b b b b b b b b b b b b b b b b b b b b 11 [s] Oakland Software Java HTTP Client 2.6.1
11:23:53,171 INFO [HttpMethodDirector]使用NTLM进行身份验证失败< any realm> @ 172.16.15.145:443
11:23:53,250 INFO [HTTPSender]无法将viaPost发送到网址[https://172.16.15.145:443/ews/exchange.asmx]
org.apache.axis2.AxisFault:传输错误:401错误:未经授权
在org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:298)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:192)
在org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:327)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:206)
在org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:396)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
在org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at com.microsoft.schemas.exchange.services._2006.messages.ExchangeWebServiceStub.FindFolder(ExchangeWebServiceStub.java:1060)
... ...
和调试日志碎片
11:23:50,562 DEBUG [DefaultHttpParams]设置参数http.connection.timeout = 30000
11:23:50,562 DEBUG [DefaultHttpParams]设置参数http.socket.timeout = 30000
11:23:50,562 DEBUG [DefaultHttpParams] ]设置参数http.socket.timeout = 30000
11:23:50,765 DEBUG [SOAPMessageFormatter] contentType来自OMOutputFormat = text / xml
11:23:50,765 DEBUG [ SOAPMessageFormatter] contentType returns = text / xml; charset = UTF-8
11:23:50,781 DEBUG [DefaultHttpParams]设置参数http.authentication.preemptive = false
11:23:50,781 DEBUG [DefaultHttpParams]设置参数http.auth.scheme-priority = [NTLM]
11:23:50,812 DEBUG [MultiThreadedHttpConnectionManager] HttpConnectionManager.getConnection: config = HostConfiguration [host = https://172.16.15.145],timeout = 0
11:23:50,812 DEBUG [MultiThreadedHttpConnectionManager]分配新连接,hostConfig = HostConfiguration [host = https://172.16 .15.145]
$
11:23:50,828 DEBUG [HttpConnection]打开与172.16.15.145:443的连接
11:23:52,546 DEBUG [InvokerRegistry]减少SocketClientInvoker [1257f0e, socket://172.16.21.106:3873]的计数,当前计数2
11:23:52,562 DEBUG [header]>> " POST /ews/exchange.asmx HTTP / 1.1 [\ r] [\ n]"
11:23:52,593 DEBUG [SOAPMessageFormatter] start getBytes()
11:23:52,593 DEBUG [SOAPMessageFormatter] isOptimized = false
11:23:52,593 DEBUG [SOAPMessageFormatter] isDoingSWA = false
11:23:52,609 DEBUG [StAXUtils] XMLStreamWriter是com.ctc.wstx.sw.SimpleNsStreamWriter
11:23:52,625 DEBUG [SOAPMessageFormatter] end getBytes ()$
11:23:52,625 DEBUG [header]>> "Content-Type:text / xml; charset = UTF-8 [\ r] [\ n]"
$
11:23:52,625 DEBUG [header]>> " SOAPAction:" http://schemas.microsoft.com/exchange/services/2006/messages/FindFolder" [\ r] [\ n]"
$
11:23: 52,625 DEBUG [header]>> "User-Agent:Axis2 [\ r] [\ n]"
11:23:52,625 DEBUG [header]>> "主持人:172.16.15.145 [\ r] [\ n]"
11:23:52,625 DEBUG [header]>> "Content-Length:804 [\ r] [\ n]"
11:23:52,625 DEBUG [header]>> "[\ r] [\ n]"
11:23:52,625 DEBUG [content]>> "<?xml version ='1.0'coding ='UTF-8'?>< soapenv:Envelope xmlns:soapenv =" http://schemas.xmlsoap.org/soap/envelope/"> < soapenv:Header>< RequestServerVersion xmlns =" http://schemas.microsoft.com/exchange/services/2006/types"
soapenv:mustUnderstand =" 0"版本= QUOT; Exchange2010" />< / soapenv:标题>< soapenv:正文>< FindFolder xmlns =" http://schemas.microsoft.com/exchange/services/2006/messages" Traversal =" Shallow">< FolderShape>< BaseShape
xmlns =" http://schemas.microsoft.com/exchange/services/2006/types"> IdOnly< / BaseShape>< / FolderShape>< ParentFolderIds>< DistinguishedFolderId xmlns =" http://schemas.microsoft.com/exchange/services/2006/types" ID = QUOT;收件箱"><邮箱和GT;< EmailAddress的> ex2k10user1@dev.test.local< / EmailAddress的>< /邮箱和GT;< / DistinguishedFolderId>< / ParentFolderIds>< / FindFolder>< / soapenv:Body>< / soapenv:Envelope>"
$
11:23:52,718 DEBUG [EasyX509TrustManager]服务器证书链:
11:23:52,734 DEBUG [EasyX509TrustManager ] X509Certificate [0] = [
[
...
]
11:23:52,843 DEBUG [EntityEnclosingMethod]发送请求主体
11:23:52,921 DEBUG [header]<< " HTTP / 1.1 401 Unauthorized [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< " HTTP / 1.1 401 Unauthorized [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "Cache-Control:private [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "服务器:Microsoft-IIS / 7.5 [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "X-AspNet-Version:2.0.50727 [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "Set-Cookie:exchangecookie = a341859073674927920e466154005b4c; expires = Fri,29-Apr-2011 08:22:25 GMT;路径= /; HttpOnly [\ r] [\ n]"
$
11:23:52,921 DEBUG [header]<< "WWW-Authenticate:Negotiate [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "WWW-Authenticate:NTLM [\ r] [\ n]"
11:23:52,921 DEBUG [header]<< "WWW-Authenticate:Basic realm =" 172.16.15.145"[\ r] [\ n]"
$
11:23:52,937 DEBUG [header]<< "X-Powered-By:ASP.NET [\ r] [\ n]"
11:23:52,937 DEBUG [header]<< "日期:星期四,2010年4月29日08:22:25 GMT [\ r] [\ n]"
$
11:23:52,937 DEBUG [header]<< "Content-Length:0 [\ r] [\ n]"
11:23:52,937 DEBUG [header]<< " [\ r] [\ n]"
$
11:23:52,937 DEBUG [CookieSpec]无法识别的Cookie属性:name = HttpOnly,value = null
11:23:52,937 DEBUG [HttpMethodDirector]需要授权
...
$
设置认证参数我使用以下代码片段:
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername(userName);
auth.setPassword(密码);
auth.setDomain(domain);
auth.setHost(server);
auth.setAuthSchemes(Arrays.asList(new String [] {" NTLM"}));
$
; com.oaklandsw.http.HttpURLConnection.setMultiCredentialsPerAddress(true);
$
选项opt = ews._getServiceClient()。getOptions();
opt.setProperty(HTTPConstants.CHUNKED,false);
opt.setProperty(HTTPConstants.AUTHENTICATE,auth);
ews._getServiceClient()。setOptions(opt);
... ...
$
任何帮助都将受到赞赏。
您好,
您是否找到了解决问题的方案?
我遇到同样的问题,使用Exchange Server 2007我的应用程序有效,但不使用Exchange 2010!
对于我正在使用Axis 1.5的web服务。
如果你能,我会很高兴的帮助我。
Bernd
&NBSP;
Hello All
I have an issue while trying to authenticate using NTLM scheme against Exchange 2010 Web-Services. But same code works fine against EWS 2007.
I was try to use different libraries for EWS 2007 and EWS 2010, but the problem remains.
Here's exception
11:23:48,250 INFO [s] Oakland Software Java HTTP Client 2.6.1
11:23:53,171 INFO [HttpMethodDirector] Failure authenticating with NTLM <any realm>@172.16.15.145:443
11:23:53,250 INFO [HTTPSender] Unable to sendViaPost to url[https://172.16.15.145:443/ews/exchange.asmx]
org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:298)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:192)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:327)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:206)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:396)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at com.microsoft.schemas.exchange.services._2006.messages.ExchangeWebServiceStub.FindFolder(ExchangeWebServiceStub.java:1060)
...
and fragmet of debug log
11:23:50,562 DEBUG [DefaultHttpParams] Set parameter http.connection.timeout = 30000
11:23:50,562 DEBUG [DefaultHttpParams] Set parameter http.socket.timeout = 30000
11:23:50,562 DEBUG [DefaultHttpParams] Set parameter http.socket.timeout = 30000
11:23:50,765 DEBUG [SOAPMessageFormatter] contentType from the OMOutputFormat =text/xml
11:23:50,765 DEBUG [SOAPMessageFormatter] contentType returned =text/xml; charset=UTF-8
11:23:50,781 DEBUG [DefaultHttpParams] Set parameter http.authentication.preemptive = false
11:23:50,781 DEBUG [DefaultHttpParams] Set parameter http.auth.scheme-priority = [NTLM]
11:23:50,812 DEBUG [MultiThreadedHttpConnectionManager] HttpConnectionManager.getConnection: config = HostConfiguration[host=https://172.16.15.145], timeout = 0
11:23:50,812 DEBUG [MultiThreadedHttpConnectionManager] Allocating new connection, hostConfig=HostConfiguration[host=https://172.16.15.145]
11:23:50,828 DEBUG [HttpConnection] Open connection to 172.16.15.145:443
11:23:52,546 DEBUG [InvokerRegistry] decremented SocketClientInvoker[1257f0e, socket://172.16.21.106:3873]'s count, current count 2
11:23:52,562 DEBUG [header] >> "POST /ews/exchange.asmx HTTP/1.1[\r][\n]"
11:23:52,593 DEBUG [SOAPMessageFormatter] start getBytes()
11:23:52,593 DEBUG [SOAPMessageFormatter] isOptimized=false
11:23:52,593 DEBUG [SOAPMessageFormatter] isDoingSWA=false
11:23:52,609 DEBUG [StAXUtils] XMLStreamWriter is com.ctc.wstx.sw.SimpleNsStreamWriter
11:23:52,625 DEBUG [SOAPMessageFormatter] end getBytes()
11:23:52,625 DEBUG [header] >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
11:23:52,625 DEBUG [header] >> "SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/FindFolder"[\r][\n]"
11:23:52,625 DEBUG [header] >> "User-Agent: Axis2[\r][\n]"
11:23:52,625 DEBUG [header] >> "Host: 172.16.15.145[\r][\n]"
11:23:52,625 DEBUG [header] >> "Content-Length: 804[\r][\n]"
11:23:52,625 DEBUG [header] >> "[\r][\n]"
11:23:52,625 DEBUG [content] >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header><RequestServerVersion xmlns="http://schemas.microsoft.com/exchange/services/2006/types"
soapenv:mustUnderstand="0" Version="Exchange2010" /></soapenv:Header><soapenv:Body><FindFolder xmlns="http://schemas.microsoft.com/exchange/services/2006/messages" Traversal="Shallow"><FolderShape><BaseShape
xmlns="http://schemas.microsoft.com/exchange/services/2006/types">IdOnly</BaseShape></FolderShape><ParentFolderIds><DistinguishedFolderId xmlns="http://schemas.microsoft.com/exchange/services/2006/types" Id="inbox"><Mailbox><EmailAddress>ex2k10user1@dev.test.local</EmailAddress></Mailbox></DistinguishedFolderId></ParentFolderIds></FindFolder></soapenv:Body></soapenv:Envelope>"
11:23:52,718 DEBUG [EasyX509TrustManager] Server certificate chain:
11:23:52,734 DEBUG [EasyX509TrustManager] X509Certificate[0]=[
[
...
]
11:23:52,843 DEBUG [EntityEnclosingMethod] Request body sent
11:23:52,921 DEBUG [header] << "HTTP/1.1 401 Unauthorized[\r][\n]"
11:23:52,921 DEBUG [header] << "HTTP/1.1 401 Unauthorized[\r][\n]"
11:23:52,921 DEBUG [header] << "Cache-Control: private[\r][\n]"
11:23:52,921 DEBUG [header] << "Server: Microsoft-IIS/7.5[\r][\n]"
11:23:52,921 DEBUG [header] << "X-AspNet-Version: 2.0.50727[\r][\n]"
11:23:52,921 DEBUG [header] << "Set-Cookie: exchangecookie=a341859073674927920e466154005b4c; expires=Fri, 29-Apr-2011 08:22:25 GMT; path=/; HttpOnly[\r][\n]"
11:23:52,921 DEBUG [header] << "WWW-Authenticate: Negotiate[\r][\n]"
11:23:52,921 DEBUG [header] << "WWW-Authenticate: NTLM[\r][\n]"
11:23:52,921 DEBUG [header] << "WWW-Authenticate: Basic realm="172.16.15.145"[\r][\n]"
11:23:52,937 DEBUG [header] << "X-Powered-By: ASP.NET[\r][\n]"
11:23:52,937 DEBUG [header] << "Date: Thu, 29 Apr 2010 08:22:25 GMT[\r][\n]"
11:23:52,937 DEBUG [header] << "Content-Length: 0[\r][\n]"
11:23:52,937 DEBUG [header] << "[\r][\n]"
11:23:52,937 DEBUG [CookieSpec] Unrecognized cookie attribute: name=HttpOnly, value=null
11:23:52,937 DEBUG [HttpMethodDirector] Authorization required
...
To setup authentication parameters I use following fragment of code:
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername(userName);
auth.setPassword(password);
auth.setDomain(domain);
auth.setHost(server);
auth.setAuthSchemes(Arrays.asList(new String[] {"NTLM"}));
com.oaklandsw.http.HttpURLConnection.setMultiCredentialsPerAddress(true);
Options opt = ews._getServiceClient().getOptions();
opt.setProperty(HTTPConstants.CHUNKED, false);
opt.setProperty(HTTPConstants.AUTHENTICATE, auth);
ews._getServiceClient().setOptions(opt);
...
Any help will be appreciated.
Hi,
have you found a solution for your problem?
I have the same issue, with Exchange Server 2007 my app works, but with Exchange 2010 not!
For the webservice I'm using Axis 1.5.
I will be pretty happy if you can help me.
Bernd
这篇关于针对Exchange 2010 Web服务的NTLM身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
