解决域用户 maven 不能更新问题

问题：

公司网络使用了域账号管理机制，上网必须配指定的机器名和域名，最头痛的是还需要密码，访问网站经常弹出输入用户名密码的窗口，很多软件如 Maven 都不能更新。

解决办法：

是使用 Cntlm Authentication Procxy 进行代理的转换，把公司的代理转成本地的标准代理。这样内部的系统也就可以上网了^_^。而且使用了cntlm以后，公司的限制就没有了，哈哈。

下面介绍配置方式：

软件官网：http://sourceforge.net/projects/cntlm/是开源的哦！可以在linux和window下运行。

 

安装windows版：

1、下载 cntlm-0.92.3-setup.exe。

2、默认安装到"C:\Program Files\Cntlm"，不要改变目录否则服务启动不了。

3、修改配置文件cntlm.ini

第8行 设定基本信息

Username你的域用户名
Domain 公司分配的域名
Password  登录域密码

第29行 代理信息

Proxy公司代理ip:端口

第41行 监听信息

Listen 本机ip:端口

其余默认即可，如下所示。

#
# Cntlm Authentication Proxy Configuration
#
# NOTE: all values are parsed literally, do NOT escape spaces,
# do not quote. Use 0600 perms if you use plaintext password.
#

Username	username	
Domain itec
Password	123456
# NOTE: Use plaintext password only at your own risk
# Use hashes instead. You can use a "cntlm -M" and "cntlm -H"
# command sequence to get the right config for your environment.
# See cntlm man page
# Example secure config shown below.
# PassLM          1AD35398BE6565DDB5C4EF70C0593492
# PassNT          77B9081511704EE852F94227CF48A793
### Only for user 'testuser', domain 'corp-uk'
# PassNTLMv2      D5826E9C665C37C80B53397D5C07BBCB

# Specify the netbios hostname cntlm will send to the parent
# proxies. Normally the value is auto-guessed.
#
# Workstation	netbios_hostname

# List of parent proxies to use. More proxies can be defined
# one per line in format <proxy_ip>:<proxy_port>
#
Proxy		isa.itec.com:8080

# List addresses you do not want to pass to parent proxies
# * and ? wildcards can be used
#
NoProxy		localhost, 127.0.0.*, 10.*, 192.168.*

# Specify the port cntlm will listen on
# You can bind cntlm to specific interface by specifying
# the appropriate IP address also in format <local_ip>:<local_port>
# Cntlm listens on 127.0.0.1:3128 by default
#
Listen		192.168.200.88:5865

# If you wish to use the SOCKS5 proxy feature as well, uncomment
# the following option. It can be used several times
# to have SOCKS5 on more than one port or on different network
# interfaces (specify explicit source address for that).
#
# WARNING: The service accepts all requests, unless you use
# SOCKS5User and make authentication mandatory. SOCKS5User
# can be used repeatedly for a whole bunch of individual accounts.
#
#SOCKS5Proxy	8010
#SOCKS5User	dave:password

# Use -M first to detect the best NTLM settings for your proxy.
# Default is to use the only secure hash, NTLMv2, but it is not
# as available as the older stuff.
#
# This example is the most universal setup known to man, but it
# uses the weakest hash ever. I won't have it's usage on my
# conscience. :) Really, try -M first.
#
#Auth		LM
#Flags		0x06820000

# Enable to allow access from other computers
#
#Gateway	yes

# Useful in Gateway mode to allow/restrict certain IPs
# Specifiy individual IPs or subnets one rule per line.
#
#Allow		127.0.0.1
#Deny		0/0

# GFI WebMonitor-handling plugin parameters, disabled by default
#
#ISAScannerSize     1024
#ISAScannerAgent    Wget/
#ISAScannerAgent    APT-HTTP/
#ISAScannerAgent    Yum/

# Headers which should be replaced if present in the request
#
#Header		User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)

# Tunnels mapping local port to a machine behind the proxy.
# The format is <local_port>:<remote_host>:<remote_port>
# 
#Tunnel		11443:remote.com:443

4、启动服务

点击开始菜单->cntlm->Start Cntlm Authentication Proxy 即可启动服务

如果服务启动失败，也可以自己写启动脚本

@echo off
d:
cd D:\Program Files\Cntlm
cntlm -c cntlm.ini -f

 

配置上网：

打开 ie 浏览器，设置代理上网方式为127.0.0.1:5865

5865 是 Cntlm 服务使用的端口号，在 cntlm.ini 里面有默认的配置，可以修改为未被占用的任意端口。

 

配置 Maven：

修改配置文件 %M2_HOME%/conf/settings.xml

  <proxies>
    <!-- proxy
     | Specification for one proxy, to be used in connecting to the network.
     |
    <proxy>
      <id>optional</id>
      <active>true</active>
      <protocol>http</protocol>
      <host>192.168.200.88</host>
      <port>5865</port>
    </proxy>

  </proxies>