1. 首頁
  2. 問答
  3. HttpClient 4.3.6返回「WARNING:NEGOTIATE身份驗證錯誤」

HttpClient 4.3.6返回「WARNING:NEGOTIATE身份驗證錯誤」

2014-12-03 72 views
3

我正在Java 6中運行HttpClient 4.3.6。當我運行以下代碼時,身份驗證似乎成功。返回的狀態碼是200.但是,我在控制檯中收到以下錯誤消息:HttpClient 4.3.6返回「WARNING:NEGOTIATE身份驗證錯誤」

警告:NEGOTIATE身份驗證錯誤:提供的名稱無效(機制級別:無法裝入配置文件C:\ Windows \ krb5。 ini(系統找不到指定的文件))

如何消除此警告?

CloseableHttpClient httpclient = HttpClients.createDefault(); 
HttpContext localContext = new BasicHttpContext(); 
HttpGet method = new HttpGet(url); 
CredentialsProvider credsProvider = new BasicCredentialsProvider(); 
credsProvider.setCredentials(
    new AuthScope(host, 80), 
    new NTCredentials(userid, password, host, login_domain)); 

localContext.setAttribute(HttpClientContext.CREDS_PROVIDER, credsProvider); 

String filePath = null; 

// Execute the method. 
CloseableHttpResponse clientResponse = httpclient.execute(method, localContext); 

HttpEntity entity = clientResponse.getEntity(); 

int statusCode = clientResponse.getStatusLine().getStatusCode(); 

if (statusCode != HttpStatus.SC_OK) { 
    System.err.println("Method failed: " + method.getRequestLine()); 
}

來源

2014-12-03 Michael Sobczak

回答

0

確定認證成功發生,如果網站設置爲協商(嘗試Kerbero,然後故障轉移到NTLM)基本身份驗證可能不會成功。

來源

2014-12-04 17:37:14 Avi

+0

我相信如此。代碼運行時,我可以從IIS服務器獲取Crystal Report。當身份驗證失敗時,我根本沒有收到Crystal Report。 – 2014-12-04 21:24:05

1

是的我認爲,事實上,您的身份驗證是成功的,可能只是從Kerberos回落到NTLM。我的代碼看起來和你的類似,在我的應用程序中,我使用Java 7中的HttpClient 4.3.5連接到SharePoint。當SharePoint配置爲「協商」(嘗試Kerberos,然後故障轉移到NTLM)時,我會看到類似的錯誤你在HttpClient的報道產生的日誌記錄,具體做法是:

Selected authentication options: [NEGOTIATE, NTLM] Executing request GET /my/personal/user2/_api/web?$select=ServerRelativeUrl HTTP/1.1 Target auth state: CHALLENGED Generating response to an authentication challenge using Negotiate scheme init XXX.XXX.XXX.XXX:80 NEGOTIATE authentication error: org.ietf.jgss.GSSException, major code: 11, minor code: 0 major string: General failure, unspecified at GSSAPI level minor string: Desired initLifetime zero or less Generating response to an authentication challenge using ntlm scheme

在此之後,它將成功通過NTLM身份驗證。所以,我讀到這樣的錯誤信息:「Kerberos不起作用,現在我們將使用NTLM」。只要你得到200的迴應,你應該很好走。

來源

2015-01-16 20:14:02

6

你需要在一組目標首選身份驗證方案的經過:

這樣創建的HttpClient:

PoolingHttpClientConnectionManager connPool = new PoolingHttpClientConnectionManager(); 

connPool.setMaxTotal(200); 
connPool.setDefaultMaxPerRoute(200); 

// Authentication 
CredentialsProvider credsProvider = new BasicCredentialsProvider(); 
credsProvider.setCredentials(AuthScope.ANY, new NTCredentials(username, password, workstation, domain)); 


RequestConfig config = RequestConfig.custom().setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM)).build(); 

CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(connPool).setDefaultRequestConfig(config).build(); 

HttpClientContext context = HttpClientContext.create(); 
context.setCredentialsProvider(credsProvider);

來源

2015-02-23 18:32:30

+0

感謝您的解決方案。在哪裏/如何設置AuthScope和NTCredentials? – 2015-02-26 13:46:57

+0

@MichaelSobczak我剛剛注意到我的回答不正確,所以我編輯了這個答案。您不想刪除提供程序,而是將TargetPeferredAuthSchems設置爲NTLM。 – 2015-05-12 14:19:46

相關問題

 相關問題