Thanks for the info John. I does appear that Axis 2 has support for NTLM authentication. Maybe we'll see an update in a future release. I'll submit it as an RFE.
We were able to come up with a work around but I am not thrilled with it. Using BURP Suite's proxy feature (http://www.portswigger.net/suite/) we are able to run the web service call through the BURP proxy and add NTLM credentials before the LANDesk server is called. I am hesitant to call this method production worthy. For one it is a tool for "attacking web applications." I can imagine our security team's response when they find out we want to run this full time as part of our production environment. Also since it is designed to analyze traffic, I am figuring there must be a performance hit. I haven't looked at all of the configuration options, maybe we can run it as just a proxy without the analysis enabled? Still it is a "magic" proxy essentially allows anonymous access and then adds AD credentials. We'll need to figure out the best way to lock it down if we do go this route. I have searched a little for another application that will proxy and add NTLM but haven't found anything yet. We have a pretty talented team of .NET developers. I might see if they can whip up a simple proxy app that will add the NTLM credentials and require some authentication to connect. Jason On Thu, Mar 25, 2010 at 1:40 AM, John Baker <[email protected]>wrote: > Hello, > > I don't believe you can do this out of the box, although it's becoming > more popular so it's worth posting an RFE to BMC. Essentially, it should > not be a difficult task to implement the RFE - there are various Java HTTP > clients that'll perform NTLM authentication: > > http://hc.apache.org/httpclient-3.x/authentication.html#NTLM > > And given the username/password fields already exist, it's only a matter > of somehow setting the scheme. I've read various posts around Axis 1.4 > and NTLM, and it would appear some people have managed it, but the problem > with Axis 1.4 is it's a little old and hence the task may not be quite as > simple as we'd like. > > > John > > -- > Java System Solutions - Single Sign On for the AR System > http://www.javasystemsolutions.com > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
