NTLM是NT LAN Manager的缩写,是微软windows系统的一种登录认证机制,常用做域内主机的自动认证。为了方便管理,公司、学校等,都会要求接入内部网的电脑加入域,用户的登录名、密码都保存在域中服务器上。简单来说,当用户需要登录系统时,服务器返回401需要进一步授权,然后浏览器和服务器进行协商,确认NTLM版本等内容,然后服务器会随机产生一个字符串(叫做挑战,challenge),发给本机,本机会使用保存在本地域中的用户名和密码对其加密,然后将密文发送给服务器,服务器也使用用户的账号和密码进行加密,将两个密文进行比对,如果匹配,就登录成功。详细说明见http://www.innovation.ch/personal/ronald/ntlm.html
下面使用httpclient包,编写代码来模拟NTLM登录过程。
package com.yeetrack.ntlm;
import java.io.IOException;
import java.util.List;
import java.util.ArrayList;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.ParseException;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.params.AuthPNames;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.params.AuthPolicy;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.params.ConnRouteParams;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
/**
* @author youthflies
* yeetrack.com
*/
public class NtlmTest
{
public static void main(String[] args)
{
DefaultHttpClient httpclient = new DefaultHttpClient();
List<String> authpref = new ArrayList<String>();
authpref.add(AuthPolicy.NTLM);
httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
//参数分别为用户名、密码、服务器url、工作域名称
NTCredentials creds = new NTCredentials("username", "password", "serverName", "domain");
httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
//设置要连接的目标名称、端口
HttpHost target = new HttpHost("serverName", 80, "http");
// Make sure the same context is used to execute logically related requests
HttpContext localContext = new BasicHttpContext();
// Execute a cheap method first. This will trigger NTLM authentication
HttpGet httpget = new HttpGet("目标域名的详细url:serverName+端口+路径等");
//下面是为请求加上一些header信息,来伪装浏览器
httpget.addHeader("Accept-Language", "zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.3");
httpget.addHeader("Accept","image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*");
httpget.addHeader("DNT","1");
httpget.addHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/6.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)");
httpget.addHeader("Accept-Encoding","gzip, deflate");
try
{
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println(EntityUtils.toString(entity));
} catch (ParseException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
例子采用maven管理,下面是pom.xml文件。
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.yeetrack</groupId>
<artifactId>ntlm</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>ntlm</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3-beta1</version>
</dependency>
</dependencies>
</project>
版权声明
本站文章、图片、视频等(除转载外),均采用知识共享署名 4.0 国际许可协议(CC BY-NC-SA 4.0),转载请注明出处、非商业性使用、并且以相同协议共享。
© 空空博客,本文链接:https://www.yeetrack.com/?p=514
近期评论