Skip to main content

Custom authenticator for jax-ws client. Please help.

4 replies [Last post]
dgodbey
Offline
Joined: 2006-10-27
Points: 0

I've raised this issue before as others have. However, I have yet to see a solution, and so I'm getting worried that there is currently no solution.

Problem: NTLMv2 authentication to an Exchange EWS service.

NTLMv2 authentication appears to not work with java.net.Authenticator (does work with NTLM). I have heard suggestions that Authenticator will work with NTLMv2 on a Windows server, but we are a Linux shop. Hence I have not yet tested this.

What options exist authenticating to a web service with a JAX-WS client? How can I couple Apache http-client code to JAX-WS client?

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
dgodbey
Offline
Joined: 2006-10-27
Points: 0

I finally got this worked out, although I'm not completely happy with resolution. Still tweaking and fine tuning.

First, you will recall that you had to store a copy of the Services.wsdl locally, specifically so that you could add the following element to it:

  <wsdl:service name="ExchangeServices">
    <wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding">
      <soap:address
      location="http://localhost:8080/exchangeCron/ewsProxy" />
    </wsdl:port>
  </wsdl:service>


It's the location address that your jax-ws client uses as ws endpoint. What you can do is write a servlet, and put it's address in the location attribute instead.

Inside the servlet you can get the SOAP request, post it to the real exchange server using http-components version 4.2.2 or later, receive the SOAP response, and send that back to the client.

Don't forget the headers!

I plan to convert this eventually to a real proxy server. There is an open source proxy server

dgodbey
Offline
Joined: 2006-10-27
Points: 0

I finally got this worked out, although I'm not completely happy with resolution. Still tweaking and fine tuning.

First, you will recall that you had to store a copy of the Services.wsdl locally, specifically so that you could add the following element to it:

<wsdl:service name="ExchangeServices"> <wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding"> <soap:address location="http://localhost:8080/exchangeCron/ewsProxy" /> </wsdl:port> </wsdl:service>

It's the location address that your jax-ws client uses as ws endpoint. What you can do is write a servlet, and put it's address in the location attribute instead.

Inside the servlet you can get the SOAP request, post it to the real exchange server using http-components version 4.2.2 or later, receive the SOAP response, and send that back to the client.

Don't forget the headers!

I plan to convert this eventually to a real proxy server. There is an open source proxy server out there called cntlm, but I could not make it work.

dgodbey
Offline
Joined: 2006-10-27
Points: 0

I finally got this worked out, although I'm not completely happy with resolution. Still tweaking and fine tuning.

First, you will recall that you had to store a copy of the Services.wsdl locally, specifically so that you could add the following element to it:



location="https://yourExchangeServerHost/ews/Exchange.asmx" />

It's the location address that your jax-ws client uses as ws endpoint. What you can do is write a servlet, and put it's address in the location attribute instead.

Inside the servlet you can get the SOAP request, post it to the real exchange server using http-components version 4.2.2 or later, receive the SOAP response, and send that back to the client.

Don't forget the headers!

gmazza
Offline
Joined: 2005-01-14
Points: 0

Common authentication options include SSL & users/roles defined in a servlet container, WS-Security with UsernameToken or X.509 security, and WS-Trust using an STS. I have written several tutorials showing these topics in my "Security" section here: http://www.jroller.com/gmazza/entry/blog_article_index

I don't know about JAX-WS, but for JAX-RS/REST, CXF's jax-rs/basic-https sample (available in its download) shows a use of a REST client using Apache HTTP-Component's HttpClient object to make https calls: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/sam...