问题
I am trying to use a REST call to Sharepoint 2010 via HTTPClient 4.2.3 from a Liferay 6.1 portlet.
I have imported the cert into my local MAC's JVM cacerts and am trying to load the cacerts as the keystore.
My code is:
String opsCalendarURL1 = "https://hostname/sites/team-sites/operations/_vti_bin/owssvr.dll?";
String opsCalendarURL2 = "Cmd=Display&List={6E460908-D470-4F8A-AF76-CC279E25E0B1}&XMLDATA=TRUE";
String opsCalenderURLEncoded = opsCalendarURL1 + URLEncoder.encode( opsCalendarURL2 , "UTF8" );
System.out.println(opsCalenderURLEncoded);
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
// SSL
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream instream = new FileInputStream(new File("/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts"));
try {
trustStore.load(instream, "changeit".toCharArray());
} finally {
try { instream.close(); } catch (Exception ignore) {}
}
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", 443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
System.out.println("----------------------------------------");
HttpHost targetHost = new HttpHost("hostname", 443, "https");
httpclient.getCredentialsProvider().setCredentials(
AuthScope.ANY,
new NTCredentials("username", "password","machine","domain"));
HttpGet httpget = new HttpGet(opsCalenderURLEncoded);
System.out.println("executing request: " + httpget.getRequestLine());
System.out.println("to target: " + targetHost);
HttpResponse response2 = httpclient.execute(targetHost, httpget);
HttpEntity entity = response2.getEntity();
System.out.println("----------------------------------------");
System.out.println(response2.getStatusLine());
System.out.println(response2.getProtocolVersion());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
The response I always get back is: HTTP/1.1 401 Unauthorized
I don't see an SSL handshake in the wire logs and get a 401 unauthorized response. I have tried various combinations of the sample codes with same results.
Note - that I've used FireFox and CURL to do the same thing I'm trying to do here programmatically, and it works fine. So the server appears to be set up correctly. The CURL verbose log show the SSL handshake happening first and the NTLM succeeds as the next step.
I can attach the wire logs if needed.
Thanks a lot for your time!
I appreciate any help and pointers.
回答1:
The issue seems to be with IIS 7.5 and HTTPClient using NTLM v2 and Windows 2008 R2.
I switched to Java HTTPURLConnection and it works pretty well.
Post with some detail on another issue with the same code here
来源:https://stackoverflow.com/questions/14884956/httpclient-4-2-3-using-both-ssl-encryption-and-ntlm-authentication-fails