ColdFusion中的NTLM身份验证

时间:2009-05-21 21:45:59

标签: coldfusion ntlm

ColdFusion中是否有推荐的(最好是免费的)方式来访问受NTLM身份验证保护的远程文件? cfhttp标记似乎仅支持基本身份验证。

5 个答案:

答案 0 :(得分:4)

这个CFX标签 - CFX_HTTP5 - 应该做你需要的。它确实花了50美元,但也许它值得花费?这似乎是一个很小的代价。

答案 1 :(得分:1)

以下是我发现的一些代码:

http://www.bpurcell.org/downloads/presentations/securing_cfapps_examples.zip

还有ldap,webservices等的示例..我会在这里粘贴2个文件,这样你就可以有一个想法,代码看起来应该仍然有用。

<cfapplication name="example2" sessionmanagement="Yes" loginStorage="Session">
<!-- Application.cfm -->
<!-- CFMX will check for authentication with each page request. -->
<cfset Request.myDomain="allaire">

<cfif isdefined("url.logout")>
    <CFLOGOUT>
</cfif>


<cflogin>
   <cfif not IsDefined("cflogin")>
      <cfinclude template="loginform.cfm">
      <cfabort>
   <cfelse>
      <!--Invoke NTSecurity CFC -->
        <cfinvoke component = "NTSecurity" method = "authenticateAndGetGroups"
            returnVariable = "userRoles" domain = "#Request.myDomain#"
            userid = "#cflogin.name#" passwd = "#cflogin.password#">
        <cfif userRoles NEQ "">
            <cfloginuser name = "#cflogin.name#" password = "#cflogin.password#" roles="#stripSpacesfromList(userRoles)#">
            <cfset session.displayroles=stripSpacesfromList(userRoles)><!--- for displaying roles only --->
        <cfelse>
            <cfset loginmessage="Invalid Login">
            <cfinclude template="loginform.cfm">
            <cfabort>
        </cfif>
   </cfif>
</cflogin>

<!-- strips leading & trailing spaces from the list of roles that was returned -->
<cffunction name="stripSpacesfromList">
    <cfargument name="myList">
    <cfset myArray=listtoarray(arguments.myList)>
    <cfloop index="i" from="1" to="#arraylen(myArray)#" step="1">
        <!--- <cfset myArray[i]=replace(trim(myArray[i]), " ", "_")> 
        out<br>--->
        <cfset myArray[i]=trim(myArray[i])>
    </cfloop>
    <cfset newList=arrayToList(myArray)>
    <cfreturn newList>
</cffunction>

这可能是你感兴趣的cfc:

<!--- 
This component implements methods for use for NT Authentication and Authorization.

$Log: NTSecurity.cfc,v $
Revision 1.1  2002/03/08 22:40:41  jking
Revision 1.2  2002/06/26 22:46  Brandon Purcell
component for authentication and authorization
--->

<cfcomponent name="NTSecurity" >

        <!---  Authenticates the user and outputs true on success and false on failure. --->
        <cffunction name="authenticateUser" access="REMOTE" output="no" static="yes" hint="Authenticates the user." returntype="boolean">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />
                <cftry> 
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        </cfscript>

                <cfreturn true>
                <cfcatch>
                <cfreturn false>
                </cfcatch>
                </cftry>  
        </cffunction>

        <!--- 
                Authenticates the user and outputs true on success and false on failure.
        --->
        <cffunction access="remote" name="getUserGroups" output="false" returntype="string" hint="Gets user groups." static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />

                 <cftry>
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        groups = ntauth.GetUserGroups(arguments.userid); 
                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now???
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>
                       <cfreturn groups>
                <cfcatch>
                        <cflog text="Error in ntsecurity.cfc method getUserGroups - Error: #cfcatch.message#" type="Error" log="authentication" file="authentication" thread="yes" date="yes" time="yes" application="no"> 
                        <cfreturn "">
                 </cfcatch>
                </cftry>  

        </cffunction>

        <!--- 
                This method combines the functionality of authenticateUser and getUserGroups. 
        --->
        <cffunction access="remote" name="authenticateAndGetGroups" output="false" returntype="string" hint="Authenticates the user and gets user groups if it returns nothing the user is not authticated" static="yes">
                <cfargument name="userid" type="string" required="true" />
                <cfargument name="passwd" type="string" required="true" />
                <cfargument name="domain" type="string" required="true" />  
                 <cftry>  
                        <cfscript>
                        ntauth = createObject("java", "jrun.security.NTAuth");
                        ntauth.init(arguments.domain);
                        // authenticateUser throws an exception if it fails, 
                        // so we don't have anything specific here
                        ntauth.authenticateUser(arguments.userid, arguments.passwd);
                        groups = ntauth.GetUserGroups(arguments.userid);

                        // note that groups is a java.util.list, which should be 
                        // equiv to a CF array, but it's not right now
                        groups = trim(groups.toString());
                        groups = mid(groups,2,len(groups)-2);
                        </cfscript>     
                <cfreturn groups>
                <cfcatch>
                        <cfreturn "">
                 </cfcatch>
                </cftry>   

        </cffunction>

</cfcomponent>

答案 2 :(得分:1)

如果使用jrun.security.NTauth类的Brandon Purcell的代码在cf9中不适合你(它不适合我),修复方法是使用coldfusion.security.NTAuthentication类代替。一切都很适合我。

答案 3 :(得分:0)

在我的情况下,我使用'NTLM授权代理服务器'

解决了这个问题

following answer

对我来说很好。:)

答案 4 :(得分:0)

您可以尝试按照此处的指导进行操作: http://cfsilence.com/blog/client/index.cfm/2008/3/17/ColdFusionSharepoint-Integration--Part-1--Authenticating

这是归结为你做的:

edit the client-config.wsdd

更改

<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.HTTPSender">
</transport>

<transport 
    name="http" 
    pivot="java:org.apache.axis.transport.http.CommonsHTTPSender">
</transport>