I'm attempting to invoke an Integrated Authenticated protected web service
from an applet in a Windows environment. I'd like to make it such that
the protected web services are invoked under the currently logged in
user's credentials. I understand that I have to supply an NTCredentials
instance, but how can I do that dynamically and without explicitly asking
the user or using hardcoded values? That is, I'd like to dynamically get
an instance of NTCredentials w/ the currently logged in user's
username/password.
An additional challenge is that only *some* of the web services are
Integrated Authentication protected. It'd be much preferred if I could
delegate the handling of whether a WS is protected or not to the
HTTPClient instance. In other words, I'd like to always invoke a given
web service the same way and let HTTPClient figure out the rest. Is this
possible?
Here's some of the code I've been trying to get working:
// Configure connection settings
HttpClient httpClient = new HttpClient();
String host = ...;
httpClient.getHostConfiguration().setHost(host);
// Configure actual WS call
String webServicePath = ...;
PostMethod postMethod = new PostMethod(webServicePath);
postMethod.getHostAuthState().setAuthScheme(new NTLMScheme());
postMethod.setDoAuthentication(true);
byte[] xmlPayload = ...;
postMethod.setRequestEntity(new ByteArrayRequestEntity(xmlPayload));
try {
httpClient.executeMethod(postMethod);
if(postMethod.getStatusCode() == HttpStatus.SC_OK) {
// Unmarshall returned XML
...
...
}
} finally {
postMethod.releaseConnection();
}
John M. Corro
(414) 524-7118
