We are using waffle for NTLM login in our application. we are able to successfully achieve the windows authentication but with waffle, Apache CXF is not when Service.create method tries to get the WSDL file by hitting URL it gets a 401 error. please us to figure out how can we make cxf workable with waffles.
Your help will be appreciated.
we had already tried jcifs but it not working in our case.
Related
I am working on integrating a SOAP service provided by european VAT validation service VIES.
the SOAP service is hosted at following links
https://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl
http://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl
I think both of them leads to pretty much same site with one being http and other https
(please let me know if there is a difference).
so I integrated the wsdl into our spring boot application and it worked fine when I tried in in my local host which was http. but as soon as I hosted it in to our live server which is https it started giving error reply.
I searched for possible reasons why it isn't working and ended up with the conclusion that the SOAP services provided by VTES works only in http sites.(let me know if I am wrong)
but when I searched for more solutions I found more sites that provide https secured REST application that uses same SOAP service (https://vatlayer.com/) . We tried to reason with our client to purchase one of those since they only allow a limited number of free VAT validations, but they are not happy with that,
but it got me thinking since they can built a https secured REST API with this thing it means I can do that to. so I searched for a solution but couldn't find any, can anyone please give a insight into it about how it is done.
Thanks and regards.
If you are calling the link from the web browser(client side) and if your live web application runs on HTTPS, then you should also call the SOAP service with HTTPS or otherwise the browser will see it as violating the Same Origin Policy and will block your request.
I have created rest webservice and configured oauth2.0 by following the below link https://github.com/MinchuckSasha/SpringRestSecurityOauth. I deployed my web service on jboss application server.
I got it working i am getting access tokens and everything.
That's for a single webservice i configured oauth2.0, Now i want install Oauth2.0 server on jboss, so that i can register my other api's.
I have been researching from google, stackoverflow and othersites but didn't get any documentation.
Can anyone please help me where i can find related information ??
Thanks in advance....
I recently did a quick mock up of a web service using C# on IIS. All users are using Windows so, in the web service, I was able to get the current user via NTLM.
Now I have to migrate this to a Java web service running on Tomcat or WebSphere.
What authentication options are open to me? I see that Apache HttpComponents has an NTLM feature but I can only find instructions on how to use it on the client side. Can I use it in my web service to determine the current user? (Remember, all users will be Windows users)
Just to clarify: this is for use in a company intranet and all users will be logged in to Windows. This is why NTLM seems to be the right way to go.
Try WAFFLE windows authentication framework.
(http://waffle.codeplex.com/)
It is one of the third party libraries suggested in the tomcat documentation. (https://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html)
It comes with zero configurations and all you have to do is to modify your web.xml to you waffle as in this tutorial (http://code.dblock.org/2010/05/20/single-sign-on-tomcat-negotiate-authenticator-kerberos-ntlm-w-waffle.html)
I'm working on an email client that needs to do NTLM authentication on the Android platform from Java. I've seen references to using Ksoap2, but nothing there seems to work.
Does anyone know if this is possible? If so, how? I've got basic authentication working fine, but would love to have NTLM working as well.
I googled around about this for awhile, and realized that using Apache's HTTPComponents was the easiest solution. I put a simple example of authenticating, and doing an Exchange Out of Office settings request at the following Git repo:
NTLM and Basic Authentication with Exchange on Android, written in Java
What is the correct way to authenticate an Axis2 (Version 1.4) Client at a http proxy server that requires NTLM authentication?
I'm using the following code to provide the proxy credentials, but the authentication still fails (see details at the end):
Options options = serviceStub._getServiceClient().getOptions();
options.setProperty(HTTPConstants.CHUNKED, false);
options.setProperty(HTTPConstants.PROTOCOL_VERSION, HTTPConstants.HEADER_PROTOCOL_10);
ProxyProperties proxyProperties = new ProxyProperties();
proxyProperties.setProxyName("123.123.123.123");
proxyProperties.setProxyPort(8080);
proxyProperties.setUserName("myUser#www.example.org");
proxyProperties.setPassWord("1234");
proxyProperties.setDomain("");
options.setProperty(HTTPConstants.PROXY, proxyProperties);
With exactly the same credentials, a webbrowser, such as Firefox is able to get trough the proxy, so I assume, the proxy server is correctly set up. With the Axis2 client however, the authentication failes (HTTP status code is "407 Proxy Authentication Required").
Further details:
I compared the network traffic from firefox and my client using a network sniffer. The main difference seems to be, that the axis2 client is sending an empty response for the ntlm challenge.
Has anyone successfully authenticated at a http proxy server using NTLM? Can you give me a code example?
I was unable to resolve this problem (with Axis 2). Don't want to blame this on Axis2 tough. Maybe I did something wrong but couldn't figure it out, even after many hours of trying, debugging and reading the docs.
But when I was running out of options I had to look out for other options. This other option came in the form of alternative SOAP-Frameworks. There exist quite a few SOAP frameworks for java. I know about Axis2, CXF and JAX-WS.
Instead of Axis2 I use now JAX-WS. Replacing the frameworks was a straight forward process. A nice side effect of the replacement was, that I got rid of the huge dependency tree, Axis2 comes with. JAX-WS is part of J6EE so there wasn't any need to import other dependencies.
At this time I did the replacement only on the client side. The server still uses Axis2. This combination works great so far, but I still plan to eventually replace Axis2 on the server side too.
All in all: If you do not use a special feature of Axis2, I think, JAX-WS is the better option.