【问题标题】:NTLM Authentication in ColdFusionColdFusion 中的 NTLM 身份验证
【发布时间】:2009-05-21 21:45:59
【问题描述】:

在 ColdFusion 中是否有推荐的(最好是免费的)方法来访问受 NTLM 身份验证保护的远程文件? cfhttp 标签似乎只支持基本身份验证。

【问题讨论】:

    标签: coldfusion ntlm


    【解决方案1】:

    这个 CFX 标签 - CFX_HTTP5 - 应该可以满足您的需求。它确实要花 50 美元,但也许物有所值?似乎要付出很小的代价。

    【讨论】:

    • 这不是一个糟糕的解决方案;我过去曾使用过它并且它有效。我想避免的不是金钱成本,而是维护许可证和外部依赖的麻烦成本。
    • 嗯,您目前无法在 CF 中本地执行此操作,因此您要么需要这样的第三方解决方案,要么需要自己推出。
    • 也有免费的java库可以做类似的事情,但没有一个像CFX标签那样容易使用。
    【解决方案2】:

    这是我找到的一些代码:

    http://www.bpurcell.org/downloads/presentations/securing_cfapps_examples.zip

    还有 ldap、webservices 等的示例。我将在此处粘贴 2 个文件,以便您有一个想法,代码看起来应该仍然可以工作。

    <cfapplication name="example2" sessionmanagement="Yes" loginStorage="Session">
    <!-- Application.cfm -->
    <!-- CFMX will check for authentication with each page request. -->
    <cfset Request.myDomain="allaire">
    
    <cfif isdefined("url.logout")>
        <CFLOGOUT>
    </cfif>
    
    
    <cflogin>
       <cfif not IsDefined("cflogin")>
          <cfinclude template="loginform.cfm">
          <cfabort>
       <cfelse>
          <!--Invoke NTSecurity CFC -->
            <cfinvoke component = "NTSecurity" method = "authenticateAndGetGroups"
                returnVariable = "userRoles" domain = "#Request.myDomain#"
                userid = "#cflogin.name#" passwd = "#cflogin.password#">
            <cfif userRoles NEQ "">
                <cfloginuser name = "#cflogin.name#" password = "#cflogin.password#" roles="#stripSpacesfromList(userRoles)#">
                <cfset session.displayroles=stripSpacesfromList(userRoles)><!--- for displaying roles only --->
            <cfelse>
                <cfset loginmessage="Invalid Login">
                <cfinclude template="loginform.cfm">
                <cfabort>
            </cfif>
       </cfif>
    </cflogin>
    
    <!-- strips leading & trailing spaces from the list of roles that was returned -->
    <cffunction name="stripSpacesfromList">
        <cfargument name="myList">
        <cfset myArray=listtoarray(arguments.myList)>
        <cfloop index="i" from="1" to="#arraylen(myArray)#" step="1">
            <!--- <cfset myArray[i]=replace(trim(myArray[i]), " ", "_")> 
            out<br>--->
            <cfset myArray[i]=trim(myArray[i])>
        </cfloop>
        <cfset newList=arrayToList(myArray)>
        <cfreturn newList>
    </cffunction>
    

    这是您可能感兴趣的 cfc:

    <!--- 
    This component implements methods for use for NT Authentication and Authorization.
    
    $Log: NTSecurity.cfc,v $
    Revision 1.1  2002/03/08 22:40:41  jking
    Revision 1.2  2002/06/26 22:46  Brandon Purcell
    component for authentication and authorization
    --->
    
    <cfcomponent name="NTSecurity" >
    
            <!---  Authenticates the user and outputs true on success and false on failure. --->
            <cffunction name="authenticateUser" access="REMOTE" output="no" static="yes" hint="Authenticates the user." returntype="boolean">
                    <cfargument name="userid" type="string" required="true" />
                    <cfargument name="passwd" type="string" required="true" />
                    <cfargument name="domain" type="string" required="true" />
                    <cftry> 
                            <cfscript>
                            ntauth = createObject("java", "jrun.security.NTAuth");
                            ntauth.init(arguments.domain);
                            // authenticateUser throws an exception if it fails, 
                            ntauth.authenticateUser(arguments.userid, arguments.passwd);
                            </cfscript>
    
                    <cfreturn true>
                    <cfcatch>
                    <cfreturn false>
                    </cfcatch>
                    </cftry>  
            </cffunction>
    
            <!--- 
                    Authenticates the user and outputs true on success and false on failure.
            --->
            <cffunction access="remote" name="getUserGroups" output="false" returntype="string" hint="Gets user groups." static="yes">
                    <cfargument name="userid" type="string" required="true" />
                    <cfargument name="domain" type="string" required="true" />
    
                     <cftry>
                            <cfscript>
                            ntauth = createObject("java", "jrun.security.NTAuth");
                            ntauth.init(arguments.domain);
                            groups = ntauth.GetUserGroups(arguments.userid); 
                            // note that groups is a java.util.list, which should be 
                            // equiv to a CF array, but it's not right now???
                            groups = trim(groups.toString());
                            groups = mid(groups,2,len(groups)-2);
                            </cfscript>
                           <cfreturn groups>
                    <cfcatch>
                            <cflog text="Error in ntsecurity.cfc method getUserGroups - Error: #cfcatch.message#" type="Error" log="authentication" file="authentication" thread="yes" date="yes" time="yes" application="no"> 
                            <cfreturn "">
                     </cfcatch>
                    </cftry>  
    
            </cffunction>
    
            <!--- 
                    This method combines the functionality of authenticateUser and getUserGroups. 
            --->
            <cffunction access="remote" name="authenticateAndGetGroups" output="false" returntype="string" hint="Authenticates the user and gets user groups if it returns nothing the user is not authticated" static="yes">
                    <cfargument name="userid" type="string" required="true" />
                    <cfargument name="passwd" type="string" required="true" />
                    <cfargument name="domain" type="string" required="true" />  
                     <cftry>  
                            <cfscript>
                            ntauth = createObject("java", "jrun.security.NTAuth");
                            ntauth.init(arguments.domain);
                            // authenticateUser throws an exception if it fails, 
                            // so we don't have anything specific here
                            ntauth.authenticateUser(arguments.userid, arguments.passwd);
                            groups = ntauth.GetUserGroups(arguments.userid);
    
                            // note that groups is a java.util.list, which should be 
                            // equiv to a CF array, but it's not right now
                            groups = trim(groups.toString());
                            groups = mid(groups,2,len(groups)-2);
                            </cfscript>     
                    <cfreturn groups>
                    <cfcatch>
                            <cfreturn "">
                     </cfcatch>
                    </cftry>   
    
            </cffunction>
    
    </cfcomponent>
    

    【讨论】:

    • 如果我想用 NTLM 保护我自己的应用程序,这似乎更多。还是我理解错了?
    【解决方案3】:

    如果 Brandon Purcell 使用 jrun.security.NTauth 类的代码在 cf9 中对您不起作用(对我不起作用),则解决方法是改用 coldfusion.security.NTAuthentication 类。对我来说一切都很好。

    【讨论】:

    • 我刚刚花了半个小时试图找到那个类名!谢谢!!
    【解决方案4】:

    您可以尝试按照此处的指导进行操作:http://cfsilence.com/blog/client/index.cfm/2008/3/17/ColdFusionSharepoint-Integration--Part-1--Authenticating

    这归结为你在做什么:

    edit the client-config.wsdd
    

    改变

    <transport 
        name="http" 
        pivot="java:org.apache.axis.transport.http.HTTPSender">
    </transport>
    

    <transport 
        name="http" 
        pivot="java:org.apache.axis.transport.http.CommonsHTTPSender">
    </transport>
    

    【讨论】:

    • 嗯,这看起来很有希望,但对我不起作用。也许 CF 在发出 SOAP 请求时只使用 Axis? (我只是想获取一个纯文本文件。)
    【解决方案5】:

    就我而言,我使用“NTLM 授权代理服务器”解决了这个问题

    http://www.tldp.org/HOWTO/Web-Browsing-Behind-ISA-Server-HOWTO-4.html

    对我来说很好:)

    【讨论】:

      猜你喜欢
      • 2010-10-02
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2011-02-27
      • 2019-02-06
      • 2017-04-08
      相关资源
      最近更新 更多