[akka-user] Akka Http Client-Side API and NTLM Authentication Flow

Thu, 12 May 2016 04:48:08 -0700 

Morning all,

I'm investigating how to authenticate to an external http server that 
requires NTLM authentication with Akka's HTTP Client Side API. Like TLS, 
NTLM requires a handshake/context exchange and the lifetime of the context 
is bound to the tcp channel.

>From the streams documentation and code it looks like I would need to write 
a custom BidiFlow[HttpRequest, HttpResponse, ...] that can be joined to a 
Https or Http Flow[HttpRequest, HttpResponse, ...]


        |  +----------------------+                   
+---------------------------+ 
    I1 ~~> |  --------->   ---->  |   HttpRequest ->  |                     
      | 
        |  |   Auth Flow   |  401 |                   | Outgoing Http 
Connection  | 
    O2 <~~ |  <---------   <----  | <- HttpResponse   |                     
      | 
        |  +----------------------+                   
+---------------------------+ 
      (materialize a Future NTLM context)

The NTLM BidiFlow would need to withhold the body and send the negotiate 
token in an outgoing request, handle the incoming 401 response, extract and 
validate the challenge token and finally send the challenge response along 
with the body. I would need to materialize the NTLM context so users can 
validate the remote host and sign/verify/encryt/decrypt messages.

This approach requires some time to develop, I was hoping it would be 
possible to extend a base authentication trait or something? I have read up 
on using directives for authentication - but this appears to apply to 
server side routes. Is this BidiFlow approach sound/sensible or is there an 
easier way to do authentication

Thanks
Ian

-- 
>>>>>>>>>>      Read the docs: http://akka.io/docs/
>>>>>>>>>>      Check the FAQ: 
>>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html
>>>>>>>>>>      Search the archives: https://groups.google.com/group/akka-user
--- 
You received this message because you are subscribed to the Google Groups "Akka 
User List" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/akka-user.
For more options, visit https://groups.google.com/d/optout.

Reply via email to