I am using NTLM authentication for my service. How to create the NTLM authentication in my API service call can anyone help with that? I need the complete coding for NTLM authentication
1
-
1Does this answer your question? Using NTLM authentication in Java applicationsmuhammad tayyab– muhammad tayyab2021-11-10 16:43:04 +00:00Commented Nov 10, 2021 at 16:43
Add a comment
|
1 Answer
We use the following code to work with NTLM in production. As you can see it checks whether configuration is correct by sending simple HTTP GET.
package xxx;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.http.HttpHeaders;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.*;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.AuthSchemes;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.impl.auth.NTLMSchemeFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.oxm.jaxb.Jaxb2Marshaller;
import org.springframework.ws.transport.WebServiceMessageSender;
import org.springframework.ws.transport.http.HttpComponentsMessageSender;
import java.util.Arrays;
@Configuration
public class Configuration {
@Bean
public WebServiceMessageSender messageSender(
@Autowired final Credentials credentials,
@Autowired final HttpUriRequest handshake,
@Value("${service.timeout}") final int timeout
) {
HttpComponentsMessageSender messageSender = new HttpComponentsMessageSender();
CredentialsProvider credentialsProvider;
Registry<AuthSchemeProvider> registry;
RequestConfig requestConfig;
credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, credentials);
registry = RegistryBuilder.<AuthSchemeProvider> create()
.register(AuthSchemes.NTLM, new NTLMSchemeFactory())
.build();
HttpRequestInterceptor interceptor =
(request, context) -> request.removeHeaders(HttpHeaders.CONTENT_LENGTH);
requestConfig = RequestConfig.custom()
.setConnectTimeout(timeout)
.build();
CloseableHttpClient httpClient = HttpClients.custom()
.setDefaultRequestConfig(requestConfig)
.setDefaultAuthSchemeRegistry(registry)
.setDefaultCredentialsProvider(credentialsProvider)
.addInterceptorFirst(interceptor)
.build();
try {
CloseableHttpResponse r = httpClient.execute(handshake);
if (log.isInfoEnabled()) {
log.info("Handshake initiated, response headers: {}",
Arrays.toString(r.getAllHeaders())
);
}
} catch (Exception e) {
log.error("Could not execute HTTP handshake request (method = {})",
handshake.getMethod(), e
);
}
messageSender.setHttpClient(httpClient);
return messageSender;
}
@Bean
public Credentials credentials(
@Value("${service.auth.username}") String user,
@Value("${service.auth.password}") String pass,
@Value("${service.auth.workstation}") String workstation,
@Value("${service.auth.domain}") String domain
) {
return new org.apache.http.auth.NTCredentials(user, pass, workstation, domain);
}
@Bean
public HttpUriRequest handshake(@Value("${service.uri}") final String uri) {
return new HttpGet(uri);
}
}
application.properties looks like this:
service.uri=http://somehost/somepath/SomeService.svc
service.action=http://somehost1/somepath1
service.timeout=3000
service.auth.username=someuser
service.auth.password=somepassword
service.auth.domain=somedomain
service.auth.workstation=anything
