对于具有NTLM身份验证的http请求，使用Apache HttpComponents [英] Using Apache HttpComponents for http requests with NTLM authentication

问题描述

快速背景。

CFHTTP不支持Windows NTLM /验证身份验证，仅支持基本身份验证。我需要做出http请求，必须对NTLM进行身份验证，所以我最终滚动了我自己的版本的CFHTTP。

CFHTTP doesn't support Windows NTLM/Authenticate authentication, only basic authentication. I need to make http requests that will have to authenticate against NTLM, so I've ended up rolling my own version of CFHTTP.

我发现 Terry Ryan的文章，它使用apache httpclient版本3.1来执行摘要身份验证，并已构建使用版本4.1.2，而包括NTLM功能。

I found Terry Ryan's article that uses the apache httpclient version 3.1 to perform digest authentication and have built upon that using version 4.1.2 instead which includes NTLM functionality.

我有一个函数将执行一个get请求，然后其他函数处理返回一个结构，看起来像cfhttp结果集。我所做的更改是基于身份验证教程示例< a>。

I have a function that will perform a get request and then other functions to handle returning a structure that looks like the cfhttp result set. The changes I made are based on the authentication tutorial example.

public any function httpRequest(url,username,password,domain) {
    var httpClient = createObject("java","org.apache.http.impl.client.DefaultHttpClient");
    var authScope = createObject("java","org.apache.http.auth.AuthScope");
    var httpCredentials = createObject("java","org.apache.http.auth.NTCredentials");
    var httpGet = createObject("java","org.apache.http.client.methods.HttpGet");
    var jURL = createObject("java", "java.net.URL").init(arguments.url);
    var host = jURL.getHost();
    var path = jURL.getPath();
    var httpHostTarget = createObject("java","org.apache.http.HttpHost").init(host,80,"http");
    var localContext = createObject("java","org.apache.http.protocol.BasicHttpContext");
    var httpContent = {};
    var response = '';

    if (len(arguments.username) and len(arguments.password) gt 0){
        httpCredentials.init(arguments.Username, arguments.password, cgi.remote_host,arguments.domain);
        httpClient.getCredentialsProvider().setCredentials(authScope.ANY, httpCredentials);
    }

    if (!Len(path)) path = "/";
    httpGet.init(path);

    response = httpClient.execute(httpHostTarget, httpget, localContext);

    httpContent = convertHttpClientResponseToCFHTTPFormat(response);

    httpClient.getConnectionManager().shutdown();

    return httpContent;
}

这样工作正常，直到我改变了函数执行身份验证。

This was working fine until I altered the function to perform the authentication.

不幸的是我现在得到了：

Unfortunately I'm now getting :

The execute method was not found.

没有指定方法名称和参数类型的方法，或者execute方法重载了ColdFusion无法可靠解码的参数类型。 ColdFusion发现2个匹配提供的参数的方法。如果这是一个Java对象，并且您验证该方法存在，请使用javacast函数来减少歧义。

Either there are no methods with the specified method name and argument types or the execute method is overloaded with argument types that ColdFusion cannot decipher reliably. ColdFusion found 2 methods that match the provided arguments. If this is a Java object and you verified that the method exists, use the javacast function to reduce ambiguity.

告诉HttpClient中只有一个匹配的execute（）函数用于传递给它的对象类，所以我有点困惑。 JavaCast不允许你转换为复杂的对象或超类型，所以没有工作。

As far as I can tell there is only one matching execute() function in HttpClient for the object classes passed to it, so I'm a little confused. JavaCast doesn't allow you to cast to complex objects or super types, so that didn't work.

任何人都可以建议我如何让这个工作？如何减少歧义？

Can anyone suggest how I can get this to work? How can I reduce the ambiguity?

推荐答案

看看错误，它在两个执行方法之间有困惑，参数。虽然我不知道为什么是...

Looking at the error, it's getting confused between two execute methods that have the same number of parameters. Although I don't know why it is...

无论如何，我发现了一个绕过错误的方法。它涉及将你之后的方法拉出类并直接调用它。如果ColdFusion对转换Java对象更满意，生活可能更容易。

Anyway, I found a way around the error. It involves pulling the method you're after out of the class and invoking it directly. If ColdFusion was happier with casting Java objects life might be easier.

//response = httpClient.execute(httpHostTarget, httpget, localContext);

classes = [httpHostTarget.getClass(), CreateObject('java', 'org.apache.http.HttpRequest').getClass(), CreateObject('java', 'org.apache.http.protocol.HttpContext').getClass()];
method = httpClient.getClass().getMethod('execute', classes);
params = [httpHostTarget, httpget, localContext];
response = method.invoke(httpClient, params);

还有另外一种方式

这篇关于对于具有NTLM身份验证的http请求，使用Apache HttpComponents的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！