Thanks for the info John. I does appear that Axis 2 has support for NTLM
authentication. Maybe we'll see an update in a future release. I'll submit
it as an RFE.
We were able to come up with a work around but I am not thrilled with it.
Using BURP Suite's proxy feature (http://www.portswigger.net/suite/) we are
able to run the web service call through the BURP proxy and add NTLM
credentials before the LANDesk server is called. I am hesitant to call this
method production worthy. For one it is a tool for attacking web
applications. I can imagine our security team's response when they find
out we want to run this full time as part of our production environment.
Also since it is designed to analyze traffic, I am figuring there must be a
performance hit. I haven't looked at all of the configuration options,
maybe we can run it as just a proxy without the analysis enabled? Still it
is a magic proxy essentially allows anonymous access and then adds AD
credentials. We'll need to figure out the best way to lock it down if we do
go this route.
I have searched a little for another application that will proxy and add
NTLM but haven't found anything yet. We have a pretty talented team of .NET
developers. I might see if they can whip up a simple proxy app that will
add the NTLM credentials and require some authentication to connect.
Jason
On Thu, Mar 25, 2010 at 1:40 AM, John Baker
jba...@javasystemsolutions.comwrote:
Hello,
I don't believe you can do this out of the box, although it's becoming
more popular so it's worth posting an RFE to BMC. Essentially, it should
not be a difficult task to implement the RFE - there are various Java HTTP
clients that'll perform NTLM authentication:
http://hc.apache.org/httpclient-3.x/authentication.html#NTLM
And given the username/password fields already exist, it's only a matter
of somehow setting the scheme. I've read various posts around Axis 1.4
and NTLM, and it would appear some people have managed it, but the problem
with Axis 1.4 is it's a little old and hence the task may not be quite as
simple as we'd like.
John
--
Java System Solutions - Single Sign On for the AR System
http://www.javasystemsolutions.com
___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are