当前位置: 文江博客话题详情

ColdFusion 中的 NTLM 身份验证

发布于 2024-07-21 12:42:43 字数 80 浏览 3 评论 0原文

ColdFusion 中是否有推荐的(最好是免费的)方法来访问受 NTLM 身份验证保护的远程文件? cfhttp 标签似乎仅支持基本身份验证。

原文

Is there a recommended (and preferably free) way in ColdFusion to access a remote file that is protected by NTLM authentication? The cfhttp tag appears to only support Basic authentication.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

誰認得朕 2024-07-28 12:42:43

此 CFX 标签 - CFX_HTTP5 - 应该可以满足您的需要。 它确实要花 50 美元,但也许值得这个钱? 看起来付出的代价很小。

This CFX Tag - CFX_HTTP5 - should do what you need. It does cost $50, but perhaps it's worth the cost? Seems like a small price to pay.

回复 原文
玩世 2024-07-28 12:42:43

这是我在以下位置找到的一些代码:

http://www.bpurcell.org/downloads/ presentations/securing_cfapps_examples.zip

还有 ldap、webservices 等的示例。我将在此处粘贴 2 个文件,以便您可以有一个想法,代码看起来应该仍然可以工作。

<cfapplication name="example2" sessionmanagement="Yes" loginStorage="Session">
<!-- Application.cfm -->
<!-- CFMX will check for authentication with each page request. -->
<cfset Request.myDomain="allaire">

<cfif isdefined("url.logout")>
    <CFLOGOUT>
</cfif>


<cflogin>
   <cfif not IsDefined("cflogin")>
      <cfinclude template="loginform.cfm">
      <cfabort>
   <cfelse>
      <!--Invoke NTSecurity CFC -->
        <cfinvoke component = "NTSecurity" method = "authenticateAndGetGroups"
            returnVariable = "userRoles" domain = "#Request.myDomain#"
            userid = "#cflogin.name#" passwd = "#cflogin.password#">
        <cfif userRoles NEQ "">
            <cfloginuser name = "#cflogin.name#" password = "#cflogin.password#" roles="#stripSpacesfromList(userRoles)#">
            <cfset session.displayroles=stripSpacesfromList(userRoles)><!--- for displaying roles only --->
        <cfelse>
            <cfset loginmessage="Invalid Login">
            <cfinclude template="loginform.cfm">
            <cfabort>
        </cfif>
   </cfif>
</cflogin>

<!-- strips leading & trailing spaces from the list of roles that was returned -->
<cffunction name="stripSpacesfromList">
    <cfargument name="myList">
    <cfset myArray=listtoarray(arguments.myList)>
    <cfloop index="i" from="1" to="#arraylen(myArray)#" step="1">
        <!--- <cfset myArray[i]=replace(trim(myArray[i]), " ", "_")> 
        out<br>--->
        <cfset myArray[i]=trim(myArray[i])>
    </cfloop>
    <cfset newList=arrayToList(myArray)>
    <cfreturn newList>
</cffunction>

这是您可能感兴趣的 cfc:

<!--- 
This component implements methods for use for NT Authentication and Authorization.

$Log: NTSecurity.cfc,v $
Revision 1.1  2002/03/08 22:40:41  jking
Revision 1.2  2002/06/26 22:46  Brandon Purcell
component for authentication and authorization
--->

<cfcomponent name="NTSecurity" >

        <!---  Authenticates the user and outputs true on success and false on failure. --->
        <cffunction name="authenticateUser" access="REMOTE" output="no" static="yes" hint="Authenticates the user." returntype="boolean">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />
                <cftry> 
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        </cfscript>

                <cfreturn true>
                <cfcatch>
                <cfreturn false>
                </cfcatch>
                </cftry>  
        </cffunction>

        <!--- 
                Authenticates the user and outputs true on success and false on failure.
        --->
        <cffunction access="remote" name="getUserGroups" output="false" returntype="string" hint="Gets user groups." static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />

                 <cftry>
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        groups = ntauth.GetUserGroups(arguments.userid); 
                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now???
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>
                       <cfreturn groups>
                <cfcatch>
                        <cflog text="Error in ntsecurity.cfc method getUserGroups - Error: #cfcatch.message#" type="Error" log="authentication" file="authentication" thread="yes" date="yes" time="yes" application="no"> 
                        <cfreturn "">
                 </cfcatch>
                </cftry>  

        </cffunction>

        <!--- 
                This method combines the functionality of authenticateUser and getUserGroups. 
        --->
        <cffunction access="remote" name="authenticateAndGetGroups" output="false" returntype="string" hint="Authenticates the user and gets user groups if it returns nothing the user is not authticated" static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />  
                 <cftry>  
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        // so we don't have anything specific here
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        groups = ntauth.GetUserGroups(arguments.userid);

                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>     
                <cfreturn groups>
                <cfcatch>
                        <cfreturn "">
                 </cfcatch>
                </cftry>   

        </cffunction>

</cfcomponent>

Here is some code I found in:

http://www.bpurcell.org/downloads/presentations/securing_cfapps_examples.zip

There are also examples for ldap, webservices, and more.. I'll paste 2 files here so you can have an idea, code looks like it should still work.

<cfapplication name="example2" sessionmanagement="Yes" loginStorage="Session">
<!-- Application.cfm -->
<!-- CFMX will check for authentication with each page request. -->
<cfset Request.myDomain="allaire">

<cfif isdefined("url.logout")>
    <CFLOGOUT>
</cfif>


<cflogin>
   <cfif not IsDefined("cflogin")>
      <cfinclude template="loginform.cfm">
      <cfabort>
   <cfelse>
      <!--Invoke NTSecurity CFC -->
        <cfinvoke component = "NTSecurity" method = "authenticateAndGetGroups"
            returnVariable = "userRoles" domain = "#Request.myDomain#"
            userid = "#cflogin.name#" passwd = "#cflogin.password#">
        <cfif userRoles NEQ "">
            <cfloginuser name = "#cflogin.name#" password = "#cflogin.password#" roles="#stripSpacesfromList(userRoles)#">
            <cfset session.displayroles=stripSpacesfromList(userRoles)><!--- for displaying roles only --->
        <cfelse>
            <cfset loginmessage="Invalid Login">
            <cfinclude template="loginform.cfm">
            <cfabort>
        </cfif>
   </cfif>
</cflogin>

<!-- strips leading & trailing spaces from the list of roles that was returned -->
<cffunction name="stripSpacesfromList">
    <cfargument name="myList">
    <cfset myArray=listtoarray(arguments.myList)>
    <cfloop index="i" from="1" to="#arraylen(myArray)#" step="1">
        <!--- <cfset myArray[i]=replace(trim(myArray[i]), " ", "_")> 
        out<br>--->
        <cfset myArray[i]=trim(myArray[i])>
    </cfloop>
    <cfset newList=arrayToList(myArray)>
    <cfreturn newList>
</cffunction>

This is the cfc that might be of interest to you:

<!--- 
This component implements methods for use for NT Authentication and Authorization.

$Log: NTSecurity.cfc,v $
Revision 1.1  2002/03/08 22:40:41  jking
Revision 1.2  2002/06/26 22:46  Brandon Purcell
component for authentication and authorization
--->

<cfcomponent name="NTSecurity" >

        <!---  Authenticates the user and outputs true on success and false on failure. --->
        <cffunction name="authenticateUser" access="REMOTE" output="no" static="yes" hint="Authenticates the user." returntype="boolean">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />
                <cftry> 
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        </cfscript>

                <cfreturn true>
                <cfcatch>
                <cfreturn false>
                </cfcatch>
                </cftry>  
        </cffunction>

        <!--- 
                Authenticates the user and outputs true on success and false on failure.
        --->
        <cffunction access="remote" name="getUserGroups" output="false" returntype="string" hint="Gets user groups." static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />

                 <cftry>
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        groups = ntauth.GetUserGroups(arguments.userid); 
                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now???
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>
                       <cfreturn groups>
                <cfcatch>
                        <cflog text="Error in ntsecurity.cfc method getUserGroups - Error: #cfcatch.message#" type="Error" log="authentication" file="authentication" thread="yes" date="yes" time="yes" application="no"> 
                        <cfreturn "">
                 </cfcatch>
                </cftry>  

        </cffunction>

        <!--- 
                This method combines the functionality of authenticateUser and getUserGroups. 
        --->
        <cffunction access="remote" name="authenticateAndGetGroups" output="false" returntype="string" hint="Authenticates the user and gets user groups if it returns nothing the user is not authticated" static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />  
                 <cftry>  
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        // so we don't have anything specific here
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        groups = ntauth.GetUserGroups(arguments.userid);

                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>     
                <cfreturn groups>
                <cfcatch>
                        <cfreturn "">
                 </cfcatch>
                </cftry>   

        </cffunction>

</cfcomponent>
回复 原文
知足的幸福 2024-07-28 12:42:43

就我而言,我使用“NTLM 授权代理服务器”

http://www.tldp.org/HOWTO/Web-Browsing-Behind-ISA-Server-HOWTO-4.html

对我来说工作正常:)

In my case I fixed this problem using 'NTLM Authorization Proxy Server'

http://www.tldp.org/HOWTO/Web-Browsing-Behind-ISA-Server-HOWTO-4.html

work fine for me :)

回复 原文
裂开嘴轻声笑有多痛 2024-07-28 12:42:43

您可以尝试按照此处的指导进行操作:http://cfsilence.com/blog/client/index.cfm/2008/3/17/ColdFusionSharepoint-Integration--Part-1--Authenticating

这就是您所做的事情:

edit the client-config.wsdd

改成

<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.HTTPSender">
</transport>


<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.CommonsHTTPSender">
</transport>

You could try following the guidance here: http://cfsilence.com/blog/client/index.cfm/2008/3/17/ColdFusionSharepoint-Integration--Part-1--Authenticating

Here is what it boils down to you doing:

edit the client-config.wsdd

Change

<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.HTTPSender">
</transport>

to

<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.CommonsHTTPSender">
</transport>
回复 原文
南街九尾狐 2024-07-28 12:42:43

如果来自 Brandon Purcell 的使用 jrun.security.NTauth 类的代码在 cf9 中不适合您(它不适合我),修复方法是使用而是使用 coldfusion.security.NTAuthentication 类。 一切对我来说都很好。

If the code from Brandon Purcell that uses the jrun.security.NTauth class doesn't work for you in cf9 (it didn't for me) the fix is to use the coldfusion.security.NTAuthentication class instead. Everything worked fine for me.

回复 原文
~没有更多了~

关于作者

北城挽邺

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

1CH1MKgiKxn9p

文章 0 评论 0

ゞ记忆︶ㄣ

文章 0 评论 0

JackDx

文章 0 评论 0

信远

文章 0 评论 0

yaoduoduo1995

文章 0 评论 0

霞映澄塘

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文