授权失败TIdHTTP over HTTPS [英] Authorization failure TIdHTTP over HTTPS
本文介绍了授权失败TIdHTTP over HTTPS的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
因此,THTPPRIO似乎有点过分。
我正在尝试TIdHTTP,但我坚持认证;使用Delphi XE2更新4与Indy 10.5.8.0
这里是代码:
idHTTP1.Request.CustomHeaders.AddValue('SOAPAction','http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames);
IdHTTP1.Post('https://webmail.mailserver.nl/ews/exchange.asmx',TSRequest,TSResponse);
- TSRequest,TSResponse是UTF-8 TStringStreams,TSRequest包含
整个SOAP信封 - IdHTTP1.IOHandler设置为
TIdSSLIOHandlerSocketOpenSSL,根据这个建议
TIdSSLIOHandlerSocketOpenSSL.Intercept链接到一个TIdLogDebug,所以
,我可以调试发生了什么 - OpenSSL DLL存在于DLL搜索路径中
- EWS要NTLM验证; TIdNTLMAuthentication在uses子句中;我有
set idHTTP1.Request.BasicAuthentication = false,用户名和
密码填写 - IdHTTP1.OnSelectAuthorization事件确认NTLM auth
(参数AuthenticationClass = TIdSSPINTLMAuthentication,
AuthInfo TIdHeaderList包含协商,NTLM) - 没有代理。我通过 Fiddler 代理,看看什么是
,但这并没有什么不同。 li>
我还尝试设置用户/ PW运行时:
procedure TForm1.IdHTTP1Authorization(Sender:TObject; Authentication:TIdAuthentication; var Handled:Boolean);
begin
Authentication.Username:='bob@domain.nl';
Authentication.Password:='password';
处理:= true;
结束
发送HTTP(从TIdLogDebug.OnSend)开始于:
POST /ews/exchange.asmx HTTP / 1.1
内容类型:text / xml; charset = utf-8
内容长度:562
SOAPAction:http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames
主机:webmail.mailserver .nl
接受:text / html,* / *
接受编码:gzip,deflate,identity
用户代理:Mozilla / 3.0(兼容; Indy Library)
< soapenv:Envelope
收到的HTTP(来自TIdLogDebug.OnReceive)是
HTTP / 1.1 401未授权的
缓存控制:私人
服务器:Microsoft-IIS / 7.5
X-AspNet版本:2.0.50727
Set-Cookie:exchecookie = 0157734634ba4a0fa3a7d0d8efb602f2; expires =星期二,2013年11月12日13:38:56 GMT; path = /; HttpOnly
WWW验证:协商
WWW验证:NTLM
X-Powered By:ASP.NET
日期:2012年11月12日13:38:56 GMT
内容长度:0
TIdSSLIOHandlerSocketOpenSSL.OnStatusInfo事件日志
SSL状态:之前/连接初始化
SSL状态:之前/连接初始化
SSL状态:SSLv3写入客户端hello A
SSL状态:SSLv3读服务器hello A
SSL状态:SSLv3读服务器证书
SSL状态:SSLv3读服务器完成
SSL状态:SSLv3写客户端密钥交换A
SSL状态:SSLv3写更改密码规范A
SSL状态:SSLv3写入完成
SSL状态:SSLv3刷新数据
SSL状态:SSLv3读取完成A
SSL状态:SSL协商成功完成
SSL状态:SSL协商成功完成
密码:name = AES128-SHA ;描述= AES128-SHA SSLv3 Kx = RSA Au = RSA Enc = AES(128)Mac = SHA1
;位= 128; version = TLSv1 / SSLv3;
在输出HTTP中我想念的是像(例如由 SOAPUI ):
授权: NTLM TlRMTVNTUAABAAAANQIIIBQAFAAYAAAAEgASACAAAABWAE0ASgBBAE4AVABUADcANABUAEkATQBFAFQARQBMAEwAQgBWAA == [\r] [\\\
]
也许我没有指定用户名/密码在正确的地方?
在Remy的初始答案之后添加了11月13日:
为了比较,我从SOAPUI调用webservice,这显示了 6个数据包,在此行上有两次响应UnAuthorized。
>> POST /ews/exchange.asmx HTTP / 1.1 [\r] [\\\
]
>> Accept-Encoding:gzip,deflate [\r] [\\\
]
>> SOAPAction:http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames\"[\r][\\\
]
>> Content-Type:text / xml; charset = utf-8 [\r] [\\\
]
>> Content-Length:548 [\r] [\\\
]
>> host:webmail.timetellbv.nl [\r] [\\\
]
>> 连接:Keep-Alive [\r] [\\\
]
>> User-Agent:Apache-HttpClient / 4.1.1(java 1.5)[\r] [\\\
]
>> [\r] [\\\
]
>> < soapenv:Envelope [\\\
]
[snip]
>> < / soapenv:Envelope> [\\\
]
>> [\\\
]
< HTTP / 1.1 401未授权[\r] [\\\
]
< Cache-Control:private [\r] [\\\
]
< 服务器:Microsoft-IIS / 7.5 [\r] [\\\
]
<< X-AspNet-Version:2.0.50727 [\r] [\\\
]
<< Set-Cookie:exchecookie = a29f10ca2a6d484ea276737e87d8e733; expires = Wed,13-Nov-2013 10:47:33 GMT; path = /; HttpOnly [\r] [\\\
]
< WWW-Authenticate:Negotiate [\r] [\\\
]
<< WWW-Authenticate:NTLM [\r] [\\\
]
< X-Powered By:ASP.NET [\r] [\\\
]
<< 日期:星期二,2012年11月13日10:47:33 GMT [\r] [\\\
]
<< Content-Length:0 [\r] [\\\
]
< [\r] [\\\
]
>> POST / news/exchange.asmx HTTP / 1.1 [\r] [\\\
]
>> Accept-Encoding:gzip,deflate [\r] [\\\
]
>> SOAPAction:http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames\"[\r][\\\
]
>> Content-Type:text / xml; charset = utf-8 [\r] [\\\
]
>> Content-Length:548 [\r] [\\\
]
>> host:webmail.timetellbv.nl [\r] [\\\
]
>> 连接:Keep-Alive [\r] [\\\
]
>> User-Agent:Apache-HttpClient / 4.1.1(java 1.5)[\r] [\\\
]
>> Cookie:exchecookie = a29f10ca2a6d484ea276737e87d8e733 [\r] [\\\
]
>> Cookie2:$ Version = 1 [\r] [\\\
]
>> 授权:NTLM TlRMTVNTUAABAAAANQIIIBQAFAAyAAAAEgASACAAAABWAE0ASgBBAE4AVABUADcANABUAEkATQBFAFQARQBMAEwAQgBWAA == [\r] [\\\
]
>> [\r] [\\\
]
>> < soapenv:Envelope [\\\
]
[snip]
>> < / soapenv:Envelope> [\\\
]
>> [\\\
]
< HTTP / 1.1 401未授权[\r] [\\\
]
< 服务器:Microsoft-IIS / 7.5 [\r] [\\\
]
<< WWW身份验证:NTLM TlRMTVNTUAACAAAAFAAUADgAAAA1AokilFuJDu09j + sAAAAAAAAAAMAAwABMAAAABgGxHQAAAA9UAEkATQBFAFQARQBMAEwAQgBWAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIADs8RkmMwc0BAAAAAA == [\r] [\\\
]
将< WWW-Authenticate:Negotiate [\r] [\\\
]
<< X-Powered By:ASP.NET [\r] [\\\
]
<< 日期:星期二,2012年11月13日10:47:33 GMT [\r] [\\\
]
<< Content-Length:0 [\r] [\\\
]
< [\r] [\\\
]
>> POST /ews/exchange.asmx HTTP / 1.1 [\r] [\\\
]
>> Accept-Encoding:gzip,deflate [\r] [\\\
]
>> SOAPAction:http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames\"[\r][\\\
]
>> Content-Type:text / xml; charset = utf-8 [\r] [\\\
]
>> Content-Length:548 [\r] [\\\
]
>> host:webmail.timetellbv.nl [\r] [\\\
]
>> 连接:Keep-Alive [\r] [\\\
]
>> User-Agent:Apache-HttpClient / 4.1.1(java 1.5)[\r] [\\\
]
>> Cookie:exchecookie = a29f10ca2a6d484ea276737e87d8e733 [\r] [\\\
]
>> Cookie2:$ Version = 1 [\r] [\\\
]
>> 授权:NTLM TlRMTVNTUAADAAAAGAAYAEAAAADsAOwAWAAAABQAFABEAQAAEgASAFgBAAASABIAagEAAAAAAAB8AQAANQIIIFEqBrpeBXvnS3dcDcbKGMQS3VgaBa9Bi9YvouCOFFWFjH84AhcR7fgBAQAAAAAAAECzkUmMwc0BEt1YGgWvQYsAAAAAAgAUAFQASQBNAEUAVABFAEwATABCAFYAAQAcAFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAEABoAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAADADgAVABUAEUAWABDAEgAQQBOAEcARQAyADAAMQAwAC4AdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAAFABoAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAAHAAgAOzxGSYzBzQEAAAAAVABJAE0ARQBUAEUATABMAEIAVgBkAGUAdgBlAGwAbwBwAGUAcgBWAE0ASgBBAE4AVABUADcANAA = [\r] [\\\
]
个;> [\r] [\\\
]
>> < soapenv:Envelope [\\\
]
[snip]
>> < / soapenv:Envelope> [\\\
]
>> [\\\
]
< HTTP / 1.1 200 OK [\r] [\\\
]
< Cache-Control:private [\r] [\\\
]
< Transfer-Encoding:chunked [\r] [\\\
]
<< Content-Type:text / xml; charset = utf-8 [\r] [\\\
]
< 服务器:Microsoft-IIS / 7.5 [\r] [\\\
]
<< X-EwsPerformanceData:RpcC = 2; RpcL = 0; LdapC = 1; LdapL = 0; [\r] [\\\
]
< X-AspNet-Version:2.0.50727 [\r] [\\\
]
<< Persistent-Auth:true [\r] [\\\
]
<< X-Powered By:ASP.NET [\r] [\\\
]
<< 日期:星期二,2012年11月13日10:47:33 GMT [\r] [\\\
]
< [\r] [\\\
]
<< 877 [\r] [\\\
]
<< <?xml version =1.0encoding =utf-8?>< s:Envelope xmlns:s =http://schemas.xmlsoap.org/soap/envelope/>
[snip]
<< / s:Envelope>
<[\r] [\\\
]
<< 0 [\r] [\\\
]
<[\r] [\\\
]
所以从Delphi我只看到前2个数据包的交换奇怪的是,如果我再次点击我的'测试'按钮再次交换似乎继续? ?:
请求:
POST /ews/exchange.asmx HTTP / 1.1
内容类型:text / xml; charset = utf-8
内容长度:562
SOAPAction:http://schemas.microsoft.com/exchange/services/ 2006 / messages / ResolveNames
主机:webmail.timetellbv.nl
接受:text / html,* / *
接受编码:gzip,deflate,identity
用户代理:Mozilla / 3.0(兼容; Indy Library)
授权:NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw ==
< soapenv:E nvelope
[snip]
< / soapenv:Envelope>
回应:
code> HTTP / 1.1 401未授权
服务器:IIS / 7.5
WWW验证:NTLM TlRMTVNTUAACAAAAFAAUADgAAAAFgomiqrTrZnWjEdQAAAAAAAAAAMAAwABMAAAABgGxHQAAAA9UAEkATQBFAFQARQBMAEwAQgBWAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIAOZ26g + Owc0BAAAAAA ==
的Set-Cookie:exchangecookie = 0c8362d303d742c6aae98bd1df574a4d; expires = Wed,13-Nov-2013 11:00:16 GMT; path = /; HttpOnly
WWW验证:协商
X-Powered By:ASP.NET
日期:星期二,2012年11月13日11:00:15 GMT
内容长度:0
如果我点击我的测试按钮第三次,我得到一个实际的EIdHTTPProtocolException并且此数据交换:
请求:
POST / ews / exchange.asmx HTTP / 1.1
内容类型:text / xml; charset = utf-8
内容长度:562
SOAPAction:http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames
主机:webmail.timetellbv .nl
接受:text / html,* / *
Accept-Encoding:gzip,deflate,identity
用户代理:Mozilla / 3.0(兼容; Indy库)
授权:NTLM TlRMTVNTUAADAAAAGAAYAJ4AAABIAUgBtgAAABIAEgBYAAAAIgAiAGoAAAASABIAjAAAAAAAAAD + AQAABYKIogYBsR0AAAAPOcYXUTHWwFnGL17GZCkaYFYATQBKAEEATgBUAFQANwA0AGIAbwBiAEAAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbABWAE0ASgBBAE4AVABUADcANAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEi / nFDXHEgQ6OUgBv7Zw0AQEAAAAAAACsq9CKkcHNAbBRNkiUgQdnAAAAAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIAKyr0IqRwc0BBgAEAAIAAAAIADAAMAAAAAAAAAAAAAAAADAAALSZIBVpzBPWjPvSVUels19vMlDT5yE5Q8qQ4mwV87EeCgAQAAAAAAAAAAAAAAAAAAAAAAAJAAAAAAAAAAAAAAAAAAAA
< soapenv:Envelope
[snip]
< / soapenv:Envelope>
回应:
code> HTTP / 1.1 401未授权的
服务器:Microsoft-IIS / 7.5
Set-Cookie:exchecookie = 2a4876f8adeb425384fb370cafa61ee6; expires = Wed,13-Nov-2013 11:25:11 GMT; path = /; HttpOnly
WWW验证:协商
WWW验证:NTLM
X-Powered by:ASP.NET
日期:星期二,2012年11月13日11:25:11 GMT
内容长度:0
感谢
Jan
解决方案
通常,一个授权头不会发送,直到服务器通过401回复。您不会在初始请求中看到它,但 TIdHTTP 应该在处理之后发送带有授权头的新请求401回复。在任何情况下,您应该使用 TIdHTTP.Request.Username 和 TIdHTTP.Request.Password 属性来设置初始凭据,然后使用 OnAuthorization 事件根据需要提供新的凭据。
I want to approach the Exchange webservice and handle XML SOAP composition (request) and parsing (response) myself. Therefore, THTPPRIO seems a bit overkill.
I'm trying TIdHTTP but I'm stuck on the authentication; using Delphi XE2 update 4 with Indy 10.5.8.0
Here's the code:
idHTTP1.Request.CustomHeaders.AddValue('SOAPAction','"http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"');
IdHTTP1.Post('https://webmail.mailserver.nl/ews/exchange.asmx',TSRequest,TSResponse);
- TSRequest,TSResponse are UTF-8 TStringStreams, TSRequest contains the entire SOAP envelope
- IdHTTP1.IOHandler is set to a TIdSSLIOHandlerSocketOpenSSL, per this advice TIdSSLIOHandlerSocketOpenSSL.Intercept is linked to a TIdLogDebug so that I can debug what's going on
- OpenSSL DLLs are present in the DLL search path
- EWS wants NTLM validation; TIdNTLMAuthentication is in the uses clause; I have set idHTTP1.Request.BasicAuthentication=false, Username and Password filled in
- The IdHTTP1.OnSelectAuthorization event confirms the NTLM auth (parameters AuthenticationClass = TIdSSPINTLMAuthentication, and the AuthInfo TIdHeaderList contains'Negotiate', 'NTLM')
- There is no proxy. I proxied through Fiddler to see what's going on, but that makes no difference.
I also tried setting user/PW run-time:
procedure TForm1.IdHTTP1Authorization(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
begin
Authentication.Username := 'bob@domain.nl';
Authentication.Password := 'password';
Handled := true;
end;
Sent HTTP (from TIdLogDebug.OnSend) starts with:
POST /ews/exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Content-Length: 562
SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"
Host: webmail.mailserver.nl
Accept: text/html, */*
Accept-Encoding: gzip,deflate, identity
User-Agent: Mozilla/3.0 (compatible; Indy Library)
<soapenv:Envelope
Received HTTP (from TIdLogDebug.OnReceive) is
HTTP/1.1 401 Unauthorized
Cache-Control: private
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: exchangecookie=0157734634ba4a0fa3a7d0d8efb602f2; expires=Tue, 12-Nov-2013 13:38:56 GMT; path=/; HttpOnly
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 12 Nov 2012 13:38:56 GMT
Content-Length: 0
The TIdSSLIOHandlerSocketOpenSSL.OnStatusInfo event logs
SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv3 write client hello A"
SSL status: "SSLv3 read server hello A"
SSL status: "SSLv3 read server certificate A"
SSL status: "SSLv3 read server done A"
SSL status: "SSLv3 write client key exchange A"
SSL status: "SSLv3 write change cipher spec A"
SSL status: "SSLv3 write finished A"
SSL status: "SSLv3 flush data"
SSL status: "SSLv3 read finished A"
SSL status: "SSL negotiation finished successfully"
SSL status: "SSL negotiation finished successfully"
Cipher: name = AES128-SHA; description = AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
; bits = 128; version = TLSv1/SSLv3;
What I miss in the outgoing HTTP is a line like (as e.g. generated by SOAPUI):
"Authorization: NTLM TlRMTVNTUAABAAAANQIIIBQAFAAyAAAAEgASACAAAABWAE0ASgBBAE4AVABUADcANABUAEkATQBFAFQARQBMAEwAQgBWAA==[\r][\n]"
Maybe I don't specify username/PW in the correct place?
Added 13 Nov after Remy's initial answer:
For comparison, I called the webservice from SOAPUI and this shows 6 packets going over the line, with twice a response UnAuthorized.
>> "POST /ews/exchange.asmx HTTP/1.1[\r][\n]"
>> "Accept-Encoding: gzip,deflate[\r][\n]"
>> "SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"[\r][\n]"
>> "Content-Type: text/xml; charset=utf-8[\r][\n]"
>> "Content-Length: 548[\r][\n]"
>> "Host: webmail.timetellbv.nl[\r][\n]"
>> "Connection: Keep-Alive[\r][\n]"
>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
>> "[\r][\n]"
>> "<soapenv:Envelope [\n]"
[snip]
>> "</soapenv:Envelope>[\n]"
>> "[\n]"
<< "HTTP/1.1 401 Unauthorized[\r][\n]"
<< "Cache-Control: private[\r][\n]"
<< "Server: Microsoft-IIS/7.5[\r][\n]"
<< "X-AspNet-Version: 2.0.50727[\r][\n]"
<< "Set-Cookie: exchangecookie=a29f10ca2a6d484ea276737e87d8e733; expires=Wed, 13-Nov-2013 10:47:33 GMT; path=/; HttpOnly[\r][\n]"
<< "WWW-Authenticate: Negotiate[\r][\n]"
<< "WWW-Authenticate: NTLM[\r][\n]"
<< "X-Powered-By: ASP.NET[\r][\n]"
<< "Date: Tue, 13 Nov 2012 10:47:33 GMT[\r][\n]"
<< "Content-Length: 0[\r][\n]"
<< "[\r][\n]"
>> "POST /ews/exchange.asmx HTTP/1.1[\r][\n]"
>> "Accept-Encoding: gzip,deflate[\r][\n]"
>> "SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"[\r][\n]"
>> "Content-Type: text/xml; charset=utf-8[\r][\n]"
>> "Content-Length: 548[\r][\n]"
>> "Host: webmail.timetellbv.nl[\r][\n]"
>> "Connection: Keep-Alive[\r][\n]"
>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
>> "Cookie: exchangecookie=a29f10ca2a6d484ea276737e87d8e733[\r][\n]"
>> "Cookie2: $Version=1[\r][\n]"
>> "Authorization: NTLM TlRMTVNTUAABAAAANQIIIBQAFAAyAAAAEgASACAAAABWAE0ASgBBAE4AVABUADcANABUAEkATQBFAFQARQBMAEwAQgBWAA==[\r][\n]"
>> "[\r][\n]"
>> "<soapenv:Envelope [\n]"
[snip]
>> "</soapenv:Envelope>[\n]"
>> "[\n]"
<< "HTTP/1.1 401 Unauthorized[\r][\n]"
<< "Server: Microsoft-IIS/7.5[\r][\n]"
<< "WWW-Authenticate: NTLM TlRMTVNTUAACAAAAFAAUADgAAAA1AokilFuJDu09j+sAAAAAAAAAAMAAwABMAAAABgGxHQAAAA9UAEkATQBFAFQARQBMAEwAQgBWAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIADs8RkmMwc0BAAAAAA==[\r][\n]"
<< "WWW-Authenticate: Negotiate[\r][\n]"
<< "X-Powered-By: ASP.NET[\r][\n]"
<< "Date: Tue, 13 Nov 2012 10:47:33 GMT[\r][\n]"
<< "Content-Length: 0[\r][\n]"
<< "[\r][\n]"
>> "POST /ews/exchange.asmx HTTP/1.1[\r][\n]"
>> "Accept-Encoding: gzip,deflate[\r][\n]"
>> "SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"[\r][\n]"
>> "Content-Type: text/xml; charset=utf-8[\r][\n]"
>> "Content-Length: 548[\r][\n]"
>> "Host: webmail.timetellbv.nl[\r][\n]"
>> "Connection: Keep-Alive[\r][\n]"
>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
>> "Cookie: exchangecookie=a29f10ca2a6d484ea276737e87d8e733[\r][\n]"
>> "Cookie2: $Version=1[\r][\n]"
>> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADsAOwAWAAAABQAFABEAQAAEgASAFgBAAASABIAagEAAAAAAAB8AQAANQIIIFEqBrpeBXvnS3dcDcbKGMQS3VgaBa9Bi9YvouCOFFWFjH84AhcR7fgBAQAAAAAAAECzkUmMwc0BEt1YGgWvQYsAAAAAAgAUAFQASQBNAEUAVABFAEwATABCAFYAAQAcAFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAEABoAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAADADgAVABUAEUAWABDAEgAQQBOAEcARQAyADAAMQAwAC4AdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAAFABoAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbAAHAAgAOzxGSYzBzQEAAAAAVABJAE0ARQBUAEUATABMAEIAVgBkAGUAdgBlAGwAbwBwAGUAcgBWAE0ASgBBAE4AVABUADcANAA=[\r][\n]"
>> "[\r][\n]"
>> "<soapenv:Envelope [\n]"
[snip]
>> "</soapenv:Envelope>[\n]"
>> "[\n]"
<< "HTTP/1.1 200 OK[\r][\n]"
<< "Cache-Control: private[\r][\n]"
<< "Transfer-Encoding: chunked[\r][\n]"
<< "Content-Type: text/xml; charset=utf-8[\r][\n]"
<< "Server: Microsoft-IIS/7.5[\r][\n]"
<< "X-EwsPerformanceData: RpcC=2;RpcL=0;LdapC=1;LdapL=0;[\r][\n]"
<< "X-AspNet-Version: 2.0.50727[\r][\n]"
<< "Persistent-Auth: true[\r][\n]"
<< "X-Powered-By: ASP.NET[\r][\n]"
<< "Date: Tue, 13 Nov 2012 10:47:33 GMT[\r][\n]"
<< "[\r][\n]"
<< "877[\r][\n]"
<< "<?xml version="1.0" encoding="utf-8"?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
[snip]
<< "</s:Envelope>"
<< "[\r][\n]"
<< "0[\r][\n]"
<< "[\r][\n]"
So from Delphi I only see the first 2 packets exchanging. Strange thing is, if I click my 'Test' button again the exchange seems to continue???:
Request:
POST /ews/exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Content-Length: 562
SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"
Host: webmail.timetellbv.nl
Accept: text/html, */*
Accept-Encoding: gzip,deflate, identity
User-Agent: Mozilla/3.0 (compatible; Indy Library)
Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
<soapenv:Envelope
[snip]
</soapenv:Envelope>
Response:
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.5
WWW-Authenticate: NTLM TlRMTVNTUAACAAAAFAAUADgAAAAFgomiqrTrZnWjEdQAAAAAAAAAAMAAwABMAAAABgGxHQAAAA9UAEkATQBFAFQARQBMAEwAQgBWAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIAOZ26g+Owc0BAAAAAA==
Set-Cookie: exchangecookie=0c8362d303d742c6aae98bd1df574a4d; expires=Wed, 13-Nov-2013 11:00:16 GMT; path=/; HttpOnly
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
Date: Tue, 13 Nov 2012 11:00:15 GMT
Content-Length: 0
And if I click my Test button a third time I get an actual EIdHTTPProtocolException and this data exchange:
Request:
POST /ews/exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Content-Length: 562
SOAPAction: "http://schemas.microsoft.com/exchange/services/2006/messages/ResolveNames"
Host: webmail.timetellbv.nl
Accept: text/html, */*
Accept-Encoding: gzip,deflate, identity
User-Agent: Mozilla/3.0 (compatible; Indy Library)
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAJ4AAABIAUgBtgAAABIAEgBYAAAAIgAiAGoAAAASABIAjAAAAAAAAAD+AQAABYKIogYBsR0AAAAPOcYXUTHWwFnGL17GZCkaYFYATQBKAEEATgBUAFQANwA0AGIAbwBiAEAAdABpAG0AZQB0AGUAbABsAGIAdgAuAG4AbABWAE0ASgBBAE4AVABUADcANAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEi/nFDXHEgQ6OUgBv7Zw0AQEAAAAAAACsq9CKkcHNAbBRNkiUgQdnAAAAAAIAFABUAEkATQBFAFQARQBMAEwAQgBWAAEAHABUAFQARQBYAEMASABBAE4ARwBFADIAMAAxADAABAAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwAAwA4AFQAVABFAFgAQwBIAEEATgBHAEUAMgAwADEAMAAuAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABQAaAHQAaQBtAGUAdABlAGwAbABiAHYALgBuAGwABwAIAKyr0IqRwc0BBgAEAAIAAAAIADAAMAAAAAAAAAAAAAAAADAAALSZIBVpzBPWjPvSVUels19vMlDT5yE5Q8qQ4mwV87EeCgAQAAAAAAAAAAAAAAAAAAAAAAAJAAAAAAAAAAAAAAAAAAAA
<soapenv:Envelope
[snip]
</soapenv:Envelope>
Response:
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.5
Set-Cookie: exchangecookie=2a4876f8adeb425384fb370cafa61ee6; expires=Wed, 13-Nov-2013 11:25:11 GMT; path=/; HttpOnly
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Tue, 13 Nov 2012 11:25:11 GMT
Content-Length: 0
Thanks
Jan
解决方案
Typically an Authorization header is not sent until the server asks for it via a 401 reply. You won't see it on the initial request, but TIdHTTP should be sending new requests with an Authorization header after processing the 401 reply. In any case, you should be using the TIdHTTP.Request.Username and TIdHTTP.Request.Password properties to set the initial credentials, then use the OnAuthorization event to provide new credentials as needed.
这篇关于授权失败TIdHTTP over HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
