如何对Java中的Exchange Web服务连接使用LDAP身份验证? [英] How to use LDAP authentication for the Exchange Web Services connection in Java?

问题描述

我试图编写一个Java应用程序来访问Exchange Web服务，以便阅读电子邮件.因此，我使用Microsoft提供的Exchange Web Services(EWS)Java API.

I try to write a Java application that access an Exchange Web Services in order to read emails. Thus, I use the Exchange Web Services (EWS) Java API provided by Microsoft.

我已经遇到了几个问题，最后我发现应该使用LDAP进行身份验证.不幸的是，我不确定该怎么做. EWS API是否允许配置要在连接到Exchange服务器时使用的身份验证方案?如果是，该如何配置?

I already had several issues with it, and I finally found that the authentication should be done using LDAP. Unfortunately, I'm not sure how to do such a thing. Does the EWS API allows to configure the authentication scheme to be used when connecting to the Exchange server ? If yes, how to configure that?

这是我用于连接的代码，但它使用默认的身份验证方案，即NTLM:

This is the code I use for connection, but it uses the default authentication scheme, i.e. NTLM:

String url = "https//my-server/EWS/exchange.asmx";
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.setTraceEnabled(true);
service.setCredentials(new WebCredentials("user", "password"));
service.setUrl(url.toURI());

Mailbox mailbox = new Mailbox("foo@bar.com");
FolderId folder = new FolderId(WellKnownFolderName.Inbox, mailbox);
ItemView view = new ItemView(10);
view.getOrderBy().add(ItemSchema.DateTimeReceived, SortDirection.Descending);
FindItemsResults<Item> items = service.findItems(folder, view);

推荐答案

我们解决了此问题.实际上，我们有2种解决方案:

We resolved this issue. In fact, we had 2 solutions for that:

在Microsft EWS API中，类NTLM是错误的.因此，我们使用该类的以下代码重新构建了JAR:

In the Microsft EWS API, the class NTLM was wrong. So we re-built the JAR with the following code for the class:

private class NTLM {
    /** Character encoding */
    public static final String DEFAULT_CHARSET = "ASCII";

    /**
    * The character was used by 3.x's NTLM to encode the username and
    * password. Apparently, this is not needed in when passing username,
    * password from NTCredentials to the JCIFS library
    */
    private String credentialCharset = DEFAULT_CHARSET;

    void setCredentialCharset(String credentialCharset) {
           this.credentialCharset = credentialCharset;
    }

    private static final int TYPE_1_FLAGS = NtlmFlags.NTLMSSP_NEGOTIATE_NTLM
                 | NtlmFlags.NTLMSSP_NEGOTIATE_UNICODE
                 | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2;

    private String generateType1Msg(String host, String domain) {
           jcifs.ntlmssp.Type1Message t1m = new jcifs.ntlmssp.Type1Message(
                        TYPE_1_FLAGS, domain, host);
           return jcifs.util.Base64.encode(t1m.toByteArray());
    }

    private String generateType3Msg(String username, String password,
                 String host, String domain, String challenge) {
           jcifs.ntlmssp.Type2Message t2m;
           try {
                 t2m = new jcifs.ntlmssp.Type2Message(
                               jcifs.util.Base64.decode(challenge));
           } catch (IOException e) {
                 throw new RuntimeException("Invalid Type2 message", e);
           }

           final int type2Flags = t2m.getFlags();
           final int type3Flags = type2Flags
                        & (0xffffffff ^ (NtlmFlags.NTLMSSP_TARGET_TYPE_DOMAIN | NtlmFlags.NTLMSSP_TARGET_TYPE_SERVER));

           jcifs.ntlmssp.Type3Message t3m = new jcifs.ntlmssp.Type3Message(
                        t2m, password, domain, username, host, type3Flags);
           return jcifs.util.Base64.encode(t3m.toByteArray());
    }
}

另一种解决方案是使用 JWebServices 库(商业).

Another solution is to use the JWebServices library (commercial).

这篇关于如何对Java中的Exchange Web服务连接使用LDAP身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！