Good luck.
Just to complete the thought, for the Mac, we created our own
CredentialsProvider and did something like this:
private static final String DOMAIN_LINE = "Active Directory Domain";
private static final String WORKSTATION_LINE = "Computer Account";
<snip>
Process p = runtime.exec("dsconfigad -show");
try (BufferedReader reader = new BufferedReader(new
InputStreamReader(p.getInputStream()))) {
String line = reader.readLine();
while (line != null && (domain == null || workstation == null))
{
if (domain == null)
domain = checkLine(line, DOMAIN_LINE);
if (workstation == null)
workstation = checkLine(line, WORKSTATION_LINE);
line = reader.readLine();
}
}
<snip>
For us, sometimes the workstation name ended in a "$" that we had to strip.
Disclaimer:
The opinions provided herein do not necessarily state or reflect those of
Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal
liability or responsibility for the posting.
-----Original Message-----
From: Clemens Wyss DEV [mailto:clemens...@mysign.ch]
Sent: Friday, June 10, 2016 9:30 AM
To: HttpClient User Discussion
Subject: AW: HttpClient & NTLM-auth
Thanks for the reply. I am not on Windows. Also I have meanwhile come to the
conclusion, that the WS endpoint wants to do SPNEGO....
> CredentialsProvider (started on 3/21/2016) Proxy Authentication
>Strategy (started on 4/7/2016) Proxy with digest authentication
>(started on 4/11/2016)
I will check them
-Clemens
-----Ursprüngliche Nachricht-----
Von: Mark A. Claassen [mailto:mclaas...@ocie.net]
Gesendet: Donnerstag, 9. Juni 2016 20:40
An: HttpClient User Discussion
Betreff: RE: HttpClient & NTLM-auth
I am not sure what you have tried. If you are on Windows, you can try using
the native providers. I think these are officially unsupported (probably
because constantly testing this would require too much money / effort), but
they work.
HttpClientBuilder builder;
<snip>
Registry<AuthSchemeProvider> authSchemeRegistry =
RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.NTLM, new
WindowsNTLMSchemeFactory(null))
.register(AuthSchemes.SPNEGO, new
WindowsNegotiateSchemeFactory(null))
.register(AuthSchemes.DIGEST, new
DigestSchemeFactory())
.register(AuthSchemes.BASIC, new
BasicSchemeFactory())
.build();
<snip>
builder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
If you don't want to use them, you can subclass a CredentialsProvider.
However, if you are on Windows, I would try the canned versions at first and
see if you can get it to work.
(If you create your own CredentialsProvider)
builder.setDefaultCredentialsProvider(credentialsProvider);
Do you check these email threads?
CredentialsProvider (started on 3/21/2016)
Proxy Authentication Strategy (started on 4/7/2016)
Proxy with digest authentication (started on 4/11/2016)
Disclaimer:
The opinions provided herein do not necessarily state or reflect those of
Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal
liability or responsibility for the posting.
-----Original Message-----
From: Clemens Wyss DEV [mailto:clemens...@mysign.ch]
Sent: Wednesday, June 08, 2016 4:44 AM
To: httpclient-users@hc.apache.org
Subject: HttpClient & NTLM-auth
I have read (and tested) hundreds (maybe only dozens ;)) of threads/posts
regarding HttpClient and NTLM auth.
-plain HttpClient (which I'd prefer!)
-jcifs
- spnego
- ...
None of the snippets I came along works out for me though, always ending up
with a 401.
Networksniffing shows, that no credential-negotiation/exchange is taking
place...
Taking the latest greatest HttpClient 4.5 what needs to be programmed and
configured(?) to get my java client to do NTLM authentication with a webservice
endpoint?
Do I need to follow anything mentioned here:
http://cr.openjdk.java.net/~weijun/special/krb5winguide-2/raw_files/new/kwin
Thanks for your advices/hints
- Clemens
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
