JCIFS使用NTLM HTTP认证供参习.docxVIP

JCIFS NTLM HTTP AuthenticationJCIFS使用NTLM HTTP认证A common requirement of websites on corporate Intranets is NTLM HTTP authentication also sometimes referred to as Single Sign On (SSO).一个企业内联网网站上常见的需求是NTLM HTTP认证有时也被称为单点登录（SSO）。Microsoft Internet Explorer has the ability to negotiate NTLM password hashes over an HTTP session using base 64 encoded NTLMSSP messages.微软IE浏览器的能力，谈判通过HTTP使用Base 64编码NTLMSSP消息会话使用NTLM密码散列。This is a staple feature of IIS but Java application servers too can use jCIFS to authenticate MSIE clients against a domain controller.这是一个Java应用程序的IIS，但也可以使用jCIFS来验证客户端的域控制器MSIE主食服务器功能。This is a useful feature because many of the tasks surrounding user management now fall back to computer support and HR.这是一个有用的功能，因为周围的用户管理，现在回落到电脑支持和人力资源的许多任务。It is not necessary to add and remove users as they join and leave the company.这是没有必要添加和删除用户，因为他们加入和离开公司。Perhaps most important from a users perspective; they do not need to enter a username or password if their workstation is a member of the domain.也许最重要的，从用户的角度来看，他们并不需要输入用户名和密码，如果他们的工作站是域的成员。The password hashes generated when they logged on to their workstation will be negotiated during the initial request for a session, passed through jCIFS, and validated against a PDC or BDC.时产生的密码哈希他们登录到自己的工作站将在通过jCIFS通过了会议，初步要求谈判，并针对PDC或BDC验证。This also makes the users domain, username, and password available for managing session information, profiles, preferences, etc. Using the jCIFS Servlet Filter it is trivial to add NTLM HTTP authentication support to your site.这也使得用户的网域，用户名和密码管理会话的信息，特征，喜好等使用jCIFS Servlet过滤器是微不足道的HTTP验证的支持NTLM身份加入到您的网站上。It is also possible to build custom authentication modules using the NtlmSsp classes directly.它也可以创建自定义身份验证模块使用NtlmSsp类直接。This Filter scales very well primarily because sessions are multiplexed over transports.这个过滤器尺度非常好，主要是因为会话是在复用传输。But this functionality is not without caveats.但是，这个功能也不是没有警告。Note: This functionality is a non-conformant extension to HTTP conceived entirely by Microsoft.注：此