使用当前用户的凭据进行javamail NTLM身份验证 [英] javamail NTLM authentication using credentials of current user
问题描述
如何在不指定用户名和密码的情况下,通过NTLM身份验证将JavaMail API用于Exchange服务器,而是自动使用当前登录用户的凭据? (单点登录")
How can I use the JavaMail API with NTLM authentication to an Exchange server without having to specify user name and password but instead automatically use the credentials of the currently logged-in user? ("single sign on")
我的目的是让我的客户端程序(在公司网络中的Windows计算机上运行)能够发送电子邮件,而不必指定凭据,也不必出于安全考虑而允许中继网络中的计算机. (最后,我想结合使用log4j的SmtpAppender和系统属性覆盖来执行此操作,但是我在下面创建了SSCCE来调试问题.)
My intention is to let my client program (which runs on Windows machines in my company's network) to be able to send email without having to specify credentials and without having to allow relay for computers in the network due to security concerns. (In the end I would like to do this with log4j's SmtpAppender in combination with system property overrides, but I creating the SSCCE below to debug the issue.)
如果我指定了用户名和与其对应的有效Windows密码,我就能成功地使用NTLM身份验证发送电子邮件:
I AM able to successfully use NTLM authentication to send email if I specify the user name and the valid Windows password corresponding to it:
import java.util.Properties;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
public class MailTest {
public static void main(String[] args) {
String from = "myusername@mydomain.nl";
String to = "anotherusername@mydomain.nl";
Properties props = new Properties();
props.put("mail.smtp.auth", "true");
props.put("mail.smtp.starttls.enable", "true");
props.put("mail.smtp.host", "myserver.mydomain");
props.put("mail.debug", "true");
props.put("mail.smtp.auth.mechanisms", "NTLM");
props.put("mail.smtp.auth.ntlm.domain", "mydomain");
final String username = "myusername";
final String password = "mypassword";
Session session =
Session.getInstance(props, new javax.mail.Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password);
}
});
try {
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress(from));
message.setRecipients(Message.RecipientType.TO,
InternetAddress.parse(to));
message.setSubject("Testing!");
message.setText("Hello world!");
Transport.send(message);
System.out.println("Sent message successfully");
} catch (MessagingException e) {
throw new RuntimeException(e);
}
}
}
当我使用空白密码时,javax.mail.Authentication会失败 FailedException:535 5.7.3身份验证失败.
When I use a blank password this fails with javax.mail.Authentication FailedException: 535 5.7.3 Authentication unsuccessful.
当我替换代码以简单地创建会话时:
When I replace the code to create a Session with simply:
Session session = Session.getInstance(props);
然后抛出以下异常,我从调试输出中可以看到没有尝试连接到服务器:
then the following exception is thrown and I can see from the debug output that no attempt is made to connect to the server:
Exception in thread "main" java.lang.RuntimeException: javax.mail.Authentication
FailedException: failed to connect, no password specified?
at MailTest.main(MailTest.java:51)
Caused by: javax.mail.AuthenticationFailedException: failed to connect, no passw
ord specified?
at javax.mail.Service.connect(Service.java:329)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
推荐答案
我不确定如果没有用户名和密码,是否有任何方法可以做到这一点.可能您可以编写一些Windows特定的代码,这些代码可以从本地身份验证服务中检索用户名和密码,然后将其传递给JavaMail. JavaMail本身当然无法做到这一点.
I'm not sure there's any way to do this without having the username and password. Possibly you can write some Windows-specific code that can retrieve the username and password from the local authentication service and then pass that in to JavaMail. JavaMail itself certainly has no way to do this.
此外,您可能希望升级到JavaMail 1.5.2,尽管它不能帮助您解决此问题.
Also, you might want to upgrade to JavaMail 1.5.2, although it won't help you with this problem.
这篇关于使用当前用户的凭据进行javamail NTLM身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
