Apache HttpClient v5.0 не аутентифицируется с NTLM на Windows - PullRequest
1 голос
/ 05 апреля 2020

Я пытаюсь сделать запрос через NTLM-прокси, как это:

try (CloseableHttpClient httpClient = WinHttpClients.createDefault()) {
    HttpHost target = HttpHost.create("http://example.com");
    HttpHost proxy = new HttpHost("http", "localhost", 80);
    RequestConfig config = RequestConfig.custom().setProxy(proxy).build();
    HttpGet request = new HttpGet("/");
    request.setConfig(config);
    try (CloseableHttpResponse response = httpClient.execute(target, request)) {
        StatusLine statusLine = new StatusLine(response);
        if (statusLine.getStatusCode() == HttpStatus.SC_OK) {
            System.out.println("Test OK");
        } else if (statusLine.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) {
            throw new CredentialException(statusLine.getReasonPhrase());
        }
    }
} catch (Exception e) {
    e.printStackTrace();
}

, но это не удается, вот журнал:

[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ex-00000001: preparing request execution
[main] DEBUG org.apache.hc.client5.http.protocol.RequestAddCookies - Cookie spec selected: strict
[main] DEBUG org.apache.hc.client5.http.protocol.RequestAuthCache - Auth cache not set in the context
[main] DEBUG org.apache.hc.client5.http.impl.classic.ProtocolExec - ex-00000001: target auth state: UNCHALLENGED
[main] DEBUG org.apache.hc.client5.http.impl.classic.ProtocolExec - ex-00000001: proxy auth state: UNCHALLENGED
[main] DEBUG org.apache.hc.client5.http.impl.classic.ConnectExec - ex-00000001: acquiring connection with route {}->http://localhost:80->http://example.com:80
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ex-00000001: acquiring endpoint (3 MINUTES)
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ex-00000001: endpoint lease request (3 MINUTES) [route: {}->http://localhost:80->http://example.com:80][total available: 0; route allocated: 0 of 5; total allocated: 0 of 25]
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ex-00000001: endpoint leased [route: {}->http://localhost:80->http://example.com:80][total available: 0; route allocated: 1 of 5; total allocated: 1 of 25]
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ex-00000001: acquired ep-00000000
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ex-00000001: acquired endpoint ep-00000000
[main] DEBUG org.apache.hc.client5.http.impl.classic.ConnectExec - ex-00000001: opening connection {}->http://localhost:80->http://example.com:80
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: connecting endpoint (3 MINUTES)
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ep-00000000: connecting endpoint to http://localhost:80 (3 MINUTES)
[main] DEBUG org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator - http-outgoing-0: connecting to localhost/127.0.0.1:80
[main] DEBUG org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator - http-outgoing-0: connection established 127.0.0.1:57194<->127.0.0.1:80
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ep-00000000: connected http-outgoing-0
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: endpoint connected
[main] DEBUG org.apache.hc.client5.http.impl.classic.MainClientExec - ex-00000001: executing GET http://example.com/ HTTP/1.1
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: start execution ex-00000001
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ep-00000000: executing exchange ex-00000001 over http-outgoing-0
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 >> GET http://example.com/ HTTP/1.1
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 >> Accept-Encoding: gzip, x-gzip, deflate
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 >> Host: example.com
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 >> User-Agent: Apache-HttpClient/5.0 (Java/1.8.0_222)
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 >> "GET http://example.com/ HTTP/1.1[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 >> "Accept-Encoding: gzip, x-gzip, deflate[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 >> "Host: example.com[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 >> "User-Agent: Apache-HttpClient/5.0 (Java/1.8.0_222)[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 >> "[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "HTTP/1.1 407 Proxy authorization required[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Proxy-Authenticate: NTLM[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Proxy-Authenticate: Basic realm="/", charset="UTF-8"[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Proxy-Support: session-based-authentication[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Cache-control: no-store, no-cache[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Content-Type: text/html; charset=utf-8[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Content-Length: 855[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Date: Sun, 05 Apr 2020 06:15:20 GMT[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Server: WinGate Engine[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "Connection: Keep-Alive[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Proxy authorization required</title>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "<style>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "body { font-family:helvetica; font-size:11pt; color:#0071BB; margin:30px; padding:0px; }[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "h1 { color:#005395; margin:0px 0px 0px 0px; }[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "h2 { color:#005395; }[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "p { margin:6px 0px 6px 0px;}[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "p.footer { font-size:8pt; margin:3px 0px 0px 0px;}[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "b { font-weight:550; color:#7F7F7F; }[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "</style>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "</head>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "<body><h1>Proxy authorization required</h1>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "<div style="margin:12px 0px 12px 0px; padding:12px 0px 12px 0px; min-height:300px; border-top:1px solid #0071BB; border-bottom:1px solid #0071BB;">You must authenticate to gain access to this resource</div>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "<p class="footer"><a href="http://www.wingate.com">WinGate</a>&trade; &copy; Qbik New Zealand Limited 1995-2020[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.wire - http-outgoing-0 << "</p></body></html>[\r][\n]"
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << HTTP/1.1 407 Proxy authorization required
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Proxy-Authenticate: NTLM
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Proxy-Authenticate: Basic realm="/", charset="UTF-8"
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Proxy-Support: session-based-authentication
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Cache-control: no-store, no-cache
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Content-Type: text/html; charset=utf-8
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Content-Length: 855
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Date: Sun, 05 Apr 2020 06:15:20 GMT
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Server: WinGate Engine
[main] DEBUG org.apache.hc.client5.http.headers - http-outgoing-0 << Connection: Keep-Alive
[main] DEBUG org.apache.hc.client5.http.impl.classic.MainClientExec - ex-00000001: connection can be kept alive for 3 MINUTES
[main] DEBUG org.apache.hc.client5.http.impl.classic.ProtocolExec - Authentication required
[main] DEBUG org.apache.hc.client5.http.impl.classic.ProtocolExec - localhost:80 requested authentication
[main] DEBUG org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy - Authentication schemes in the order of preference: [Negotiate, Kerberos, NTLM, Digest, Basic]
[main] DEBUG org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy - Challenge for Negotiate authentication scheme not available
[main] DEBUG org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
[main] DEBUG org.apache.hc.client5.http.impl.win.WindowsNegotiateScheme - Created WindowsNegotiateScheme using NTLM
[main] DEBUG org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy - Challenge for Digest authentication scheme not available
[main] WARN org.apache.hc.client5.http.impl.classic.ProtocolExec - Missing auth challenge
[main] DEBUG org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection - http-outgoing-0: close connection GRACEFUL
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: endpoint closed
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: endpoint closed
[main] DEBUG org.apache.hc.client5.http.impl.classic.InternalHttpClient - ep-00000000: discarding endpoint
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ep-00000000: releasing endpoint
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - ep-00000000: connection released [route: {}->http://localhost:80->http://example.com:80][total available: 0; route allocated: 0 of 5; total allocated: 0 of 25]
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - Shutdown connection pool GRACEFUL
[main] DEBUG org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager - Connection pool shut down
javax.security.auth.login.CredentialException: Proxy authorization required
    at org.kpax.http_client_5_testing.App.main(App.java:47)

Environment

  • ОС: Windows 10
  • JRE: AdoptOpenJdk v11
  • Тип прокси: NTLM (Wingate)

Вопрос Что-то не так с приведенным выше кодом?


Obs Тот же код отлично работает с Apache Http Client v4. 5,12

1 Ответ

1 голос
/ 05 апреля 2020

Это незначительная ошибка , исправленная сейчас, для v5.0.1.

...