1. 首页
  2. 问答
  3. HttpClient 4.3.6返回“WARNING:NEGOTIATE身份验证错误”

HttpClient 4.3.6返回“WARNING:NEGOTIATE身份验证错误”

2014-12-03 70 views
3

我正在Java 6中运行HttpClient 4.3.6。当我运行以下代码时,身份验证似乎成功。返回的状态码是200.但是,我在控制台中收到以下错误消息:HttpClient 4.3.6返回“WARNING:NEGOTIATE身份验证错误”

警告:NEGOTIATE身份验证错误:提供的名称无效(机制级别:无法装入配置文件C:\ Windows \ krb5。 ini(系统找不到指定的文件))

如何消除此警告?

CloseableHttpClient httpclient = HttpClients.createDefault(); 
HttpContext localContext = new BasicHttpContext(); 
HttpGet method = new HttpGet(url); 
CredentialsProvider credsProvider = new BasicCredentialsProvider(); 
credsProvider.setCredentials(
    new AuthScope(host, 80), 
    new NTCredentials(userid, password, host, login_domain)); 

localContext.setAttribute(HttpClientContext.CREDS_PROVIDER, credsProvider); 

String filePath = null; 

// Execute the method. 
CloseableHttpResponse clientResponse = httpclient.execute(method, localContext); 

HttpEntity entity = clientResponse.getEntity(); 

int statusCode = clientResponse.getStatusLine().getStatusCode(); 

if (statusCode != HttpStatus.SC_OK) { 
    System.err.println("Method failed: " + method.getRequestLine()); 
}

来源

2014-12-03 Michael Sobczak

回答

0

确定认证成功发生,如果网站设置为协商(尝试Kerbero,然后故障转移到NTLM)基本身份验证可能不会成功。

来源

2014-12-04 17:37:14 Avi

+0

我相信如此。代码运行时,我可以从IIS服务器获取Crystal Report。当身份验证失败时,我根本没有收到Crystal Report。 – 2014-12-04 21:24:05

1

是的我认为,事实上,您的身份验证是成功的,可能只是从Kerberos回落到NTLM。我的代码看起来和你的类似,在我的应用程序中,我使用Java 7中的HttpClient 4.3.5连接到SharePoint。当SharePoint配置为“协商”(尝试Kerberos,然后故障转移到NTLM)时,我会看到类似的错误你在HttpClient的报道产生的日志记录,具体做法是:

Selected authentication options: [NEGOTIATE, NTLM] Executing request GET /my/personal/user2/_api/web?$select=ServerRelativeUrl HTTP/1.1 Target auth state: CHALLENGED Generating response to an authentication challenge using Negotiate scheme init XXX.XXX.XXX.XXX:80 NEGOTIATE authentication error: org.ietf.jgss.GSSException, major code: 11, minor code: 0 major string: General failure, unspecified at GSSAPI level minor string: Desired initLifetime zero or less Generating response to an authentication challenge using ntlm scheme

在此之后,它将成功通过NTLM身份验证。所以,我读到这样的错误信息:“Kerberos不起作用,现在我们将使用NTLM”。只要你得到200的回应,你应该很好走。

来源

2015-01-16 20:14:02

6

你需要在一组目标首选身份验证方案的经过:

这样创建的HttpClient:

PoolingHttpClientConnectionManager connPool = new PoolingHttpClientConnectionManager(); 

connPool.setMaxTotal(200); 
connPool.setDefaultMaxPerRoute(200); 

// Authentication 
CredentialsProvider credsProvider = new BasicCredentialsProvider(); 
credsProvider.setCredentials(AuthScope.ANY, new NTCredentials(username, password, workstation, domain)); 


RequestConfig config = RequestConfig.custom().setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM)).build(); 

CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(connPool).setDefaultRequestConfig(config).build(); 

HttpClientContext context = HttpClientContext.create(); 
context.setCredentialsProvider(credsProvider);

来源

2015-02-23 18:32:30

+0

感谢您的解决方案。在哪里/如何设置AuthScope和NTCredentials? – 2015-02-26 13:46:57

+0

@MichaelSobczak我刚刚注意到我的回答不正确,所以我编辑了这个答案。您不想删除提供程序,而是将TargetPeferredAuthSchems设置为NTLM。 – 2015-05-12 14:19:46

相关问题

 相关问题