I'm working on an email client that needs to do NTLM authentication on the Android platform from Java. I've seen references to using Ksoap2, but nothing there seems to work.
Does anyone know if this is possible? If so, how? I've got basic authentication working fine, but would love to have NTLM working as well.
I googled around about this for awhile, and realized that using Apache's HTTPComponents was the easiest solution. I put a simple example of authenticating, and doing an Exchange Out of Office settings request at the following Git repo:
NTLM and Basic Authentication with Exchange on Android, written in Java
Related
I am trying to fetch some tweets from twitter using Grails. The twitter API now requires authentication via OAuth2 which I have done before in other frameworks and languages quite easily with some plugins/libraries however I cannot seem to find a working implementation in Grails. Most google searches seem to turn up results relating to using OAuth to authenticate users as the server where as I am trying to have Grails instead act as the client.
This plugin looked promising, however the repo for it appears to be broken as the following links to the binaries result in a 404.
https://repo.grails.org/grails/core/org/grails/plugins/twitter/0.2.4/twitter-0.2.4.pom
https://repo.grails.org/grails/core/org/grails/plugins/twitter/0.2.4/twitter-0.2.4.jar
Does anyone have a working implimentation for doing this?
Turns out the read me for the twitter plugin is incorrect and the plugin name should be twitter-service in the build.gradle ie:
compile "org.grails.plugins:twitter-service:0.2.4"
For those attempting to do a similar thing you may also have success with the java twitter4j library.
I'm developing WebSocket messaging backend using Spring WebSockets, which uses SockJS + STOMP protocol. The reason why not to use plain WebSockets is because I will need to leverage security integration that SockJS provides in Spring WebSockets and also other neat features from SockJS, such as rooms, subscriptions, etc. I was wondering if this is a good option to use so that mobile (iOS and Android) and Web client apps can easily connect to the backend server and perform messaging. If yes, then what libraries I can use for iOS and Android.
On SockJS GitHub page they are also listing available client libraries, but no iOS nor Android. So, I'm wondering if SockJS is even worth to use just because of that.
I found that for iOS client Primus-Objc (GitHub page) library claiming that they can connect to native WebSockets, Socket.IO, SockJS or perhaps engine.io. is that a true statement? And event if that's true, what about the quality of that library?
And event if it is ok to use SockJS on the back, then would it be also possible to show an example code for iOS and Android so that I can perform a proof of concept on mobile devices?
If SockJS is not a good option for me, then would it be better than to build my messaging app with Socket.io + Node.js (using JavaScript). Socket.io seems to me have all needed client libraries for iOS (official library by Socket.IO guys) and Android (official library by Socket.IO guys).
Another option can be to use Netty-Socket.io library and build each endpoint manually without any help from Spring Framework (which I'm considering to use) but there is small challenge that I'll have to tackle, that is security. Somebody actually already tried to do it (the same author asking question on the official Netty-Socket.IO Github page) but looks like he didn't have a luck in solving it yet.
Maybe it's more than a year since the question was asked. But, because it's getting in the first results when Googling for SockJS+Android. So, I am posting my answer.
From my experience with a recent project I worked on, we were able to use a STOMP client - like the one here- to connect to Spring Websocket backend from native Android app.
And from the browser, you can still use SockJS client to gain across browsers compatibility to websockets with fallback.
A note to mention that when using only STOMP client to connect to native websocket the URL will be something like ws://mydomain/SockJSEndpoint/websocket,
and when using SockJS client from the browser the URL will be like http://mydomain/SockJSEndpoint.
Please find below useful references related to your requirement for both iOS and Android
http://www.elabs.se/blog/66-using-websockets-in-native-ios-and-android-apps
https://www.cometchat.com/blog/ios-android-chat-mobile-sdk/
https://github.com/elabs/mobile-websocket-example
We have tested them, both Android-client (link) was given by #Amr K. Ismail and
this iOS-client (link) are suitable with Spring-SockJS-Server which has STOMP.
SockJS may be interesting because it provides non-ws transports. Just using WebSockets may not be possible in all situations.
There is one cross-platform SockJs client of the OpenFL project:
https://github.com/jeremyfa/openfl-sockjs
Not tested how well it works, but at least for Android it's using JavaScript from inside WebView, so should be no different than JavaScript one. Again, it is not clear how tightly it is coupled with OpenFL, but the approach of using WebView and stock SockJS client could probably be re-used.
You can achieve SmartCard/PIN based authentication to a Java website using a portlet/servlet on the server side and an applet on the client side.
How would one go about achieving the same thing when you want the site to be a PHP website? (Although not a flat PHP/MySQL situation, but a 3-tier PHP→Spring WS→MySQL)
The best solution would be creating a client in PHP that talks to Spring WS.
In Spring WS you can implement an API that can be used by PHP.
I'm not sure what smartcard you have and what protocol is used.
I spent many days and nights trying to find a proper Java framework that could connect to Microsoft Dynamics CRM which uses Negotiate/NTLM authentication. I tried all existing suggestions on Stackoverflow and other resources with JAX-WS, Axis2, CXF with various HTTP protocol handlers. No one of them worked as expected. The best approach currently is Axis2/commons-httpclient-3.1, where I can trace at least all three phases with NTLM digest, however the target IIS still refuses the authentication with 401 Unauthorized. Apache CXF — both with a built-in Java6 NTLM support and jCIFS, which some people suggested as a remedy, didn't work either as the former fails on the second 401 response (while it should have been send the third request, according to the protocol) and the latter one attempts to read the response code from an empty input stream and fails.
So, the question is whether anybody has succeeded to master an NTLM-protected SOAP web service from the Java 6 platform?
I was hoping somebody else would chime in, as my knowledge of this area is several years old now and perhaps not the best advice - in particular, I've only worked with commons-httpclient 3 and none of the newer packages that promise to do NTLM/NTLMv2 correctly.
As you've probably noticed, commons-httpclient 3's NTLM authentication code supports only NTLM, not the newer NTLMv2 protocol. My solution to this problem was to use commons-httpclient 3 and replace the NTLM authentication code with an NTLMv2 capable solution. Fortunately, the NTLMv2 specification is published by Microsoft. It's honestly not terrible difficult to implement but of course it's now something you have to maintain yourself which may not be desirable for a number of reasons.
I forgot so say that I did find a solution myself. The clue is to replace the standard Java protocol stack with Jespa+jCIFS and make some minor patch to work it with JAX-WS.
What is the correct way to authenticate an Axis2 (Version 1.4) Client at a http proxy server that requires NTLM authentication?
I'm using the following code to provide the proxy credentials, but the authentication still fails (see details at the end):
Options options = serviceStub._getServiceClient().getOptions();
options.setProperty(HTTPConstants.CHUNKED, false);
options.setProperty(HTTPConstants.PROTOCOL_VERSION, HTTPConstants.HEADER_PROTOCOL_10);
ProxyProperties proxyProperties = new ProxyProperties();
proxyProperties.setProxyName("123.123.123.123");
proxyProperties.setProxyPort(8080);
proxyProperties.setUserName("myUser#www.example.org");
proxyProperties.setPassWord("1234");
proxyProperties.setDomain("");
options.setProperty(HTTPConstants.PROXY, proxyProperties);
With exactly the same credentials, a webbrowser, such as Firefox is able to get trough the proxy, so I assume, the proxy server is correctly set up. With the Axis2 client however, the authentication failes (HTTP status code is "407 Proxy Authentication Required").
Further details:
I compared the network traffic from firefox and my client using a network sniffer. The main difference seems to be, that the axis2 client is sending an empty response for the ntlm challenge.
Has anyone successfully authenticated at a http proxy server using NTLM? Can you give me a code example?
I was unable to resolve this problem (with Axis 2). Don't want to blame this on Axis2 tough. Maybe I did something wrong but couldn't figure it out, even after many hours of trying, debugging and reading the docs.
But when I was running out of options I had to look out for other options. This other option came in the form of alternative SOAP-Frameworks. There exist quite a few SOAP frameworks for java. I know about Axis2, CXF and JAX-WS.
Instead of Axis2 I use now JAX-WS. Replacing the frameworks was a straight forward process. A nice side effect of the replacement was, that I got rid of the huge dependency tree, Axis2 comes with. JAX-WS is part of J6EE so there wasn't any need to import other dependencies.
At this time I did the replacement only on the client side. The server still uses Axis2. This combination works great so far, but I still plan to eventually replace Axis2 on the server side too.
All in all: If you do not use a special feature of Axis2, I think, JAX-WS is the better option.