Thanks, Oleg. I thought that might be the case, but was looking for wiser/more experienced minds to verify my suspicion.
One last inquiry - is there a way to manually create a HttpUrlConnection then inject it into a PostMethod or HttpClient? In this way, I could benefit from Java's ability to do transparent NTLM negotiation, but also from HTTPClient's easy to work w/ interfaces. John M. Corro (414) 524-7118 [EMAIL PROTECTED] 05/15/2006 08:11 AM Please respond to [email protected] To [email protected] cc Subject Re: NTLM Authentication for currently logged in Windows user On Mon, 2006-05-15 at 07:43 -0500, [EMAIL PROTECTED] wrote: > I was doing some playing around and opening a connection to the server > (from the applet) using the plain java.net.URL object. When watching the > traffic go back and forth across (using Ethereal), it appeared the native > URL object was negotiating w/ the server (w/o requiring any special steps > from the developer) and actually sending back an authentication response > to the server w/ what "appeared" to be a correct NTLM hashed value. > > Would anyone be able to verify if what I was seeing was correct? I believe as of Java 1.4 HttpUrlConnection can leverage some platform specific code to obtain NT user credentials when running on Microsoft Windows. This, obviously, renders the whole application Windows specific as a result. If your application is not meant to be portable across multiple platforms, you should probably stick with HttpUrlConnection. NTLM support in HttpClient is fully portable across platforms but is limited to NTLMv1 and is unable to interact with the Windows security context. Hope this helps, Oleg > > *NOTE: I opted not to use the native URL object because I was having > issues streaming info back and forth that I was hopeful HTTPClient could > alleviate. > > John M. Corro > (414) 524-7118 > > > > [EMAIL PROTECTED] > 05/14/2006 02:34 PM > Please respond to > [email protected] > > > To > [email protected] > cc > > Subject > Re: NTLM Authentication for currently logged in Windows user > > > > > > > On Fri, 2006-05-12 at 15:30 -0500, [EMAIL PROTECTED] wrote: > > I'm attempting to invoke an Integrated Authenticated protected web > service > > from an applet in a Windows environment. I'd like to make it such that > > the protected web services are invoked under the currently logged in > > user's credentials. I understand that I have to supply an NTCredentials > > > instance, but how can I do that dynamically and without explicitly > asking > > the user or using hardcoded values? That is, I'd like to dynamically > get > > an instance of NTCredentials w/ the currently logged in user's > > username/password. > > > > An additional challenge is that only *some* of the web services are > > Integrated Authentication protected. It'd be much preferred if I could > > delegate the handling of whether a WS is protected or not to the > > HTTPClient instance. In other words, I'd like to always invoke a given > > web service the same way and let HTTPClient figure out the rest. Is > this > > possible? > > > > This is not possible with the stock version of HttpClient. Theoretically > one could use the JNI interface to call a Windows Specific service in > order to retrieve the NT credentials of the actual user from the Windows > security context. Please Windows experts out there correct me if am > wrong. At this point of time we have no plans to include platform > specific code into the stock version of HttpClient > > Oleg > > > > Here's some of the code I've been trying to get working: > > > > // Configure connection settings > > HttpClient httpClient = new HttpClient(); > > String host = ...; > > httpClient.getHostConfiguration().setHost(host); > > > > // Configure actual WS call > > String webServicePath = ...; > > PostMethod postMethod = new PostMethod(webServicePath); > > postMethod.getHostAuthState().setAuthScheme(new NTLMScheme()); > > postMethod.setDoAuthentication(true); > > byte[] xmlPayload = ...; > > postMethod.setRequestEntity(new ByteArrayRequestEntity(xmlPayload)); > > > > try { > > httpClient.executeMethod(postMethod); > > if(postMethod.getStatusCode() == HttpStatus.SC_OK) { > > // Unmarshall returned XML > > ... > > ... > > } > > } finally { > > postMethod.releaseConnection(); > > } > > > > > > John M. Corro > > (414) 524-7118 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
