Can you explain how to call a REST Service which is secured by NTLM?

asked 09.10.2017 at 06:03

SupportIvyTeam's gravatar image

SupportIvyTeam ♦♦
accept rate: 77%

1) Add the library jersey-apache-connector-*.jar to your project. You can find this library in the public maven repository:

2) Implement a NTLM feature which will add the credentials to each request:


import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.glassfish.jersey.apache.connector.ApacheClientProperties;

public class NtlmFeature implements Feature {

    private static String USER = "your-username";
    private static String PASSWORD = "your-password";
    private static String WORKSTATION = null;
    private static String DOMAIN = null;

    public boolean configure(FeatureContext context) {
        CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        NTCredentials ntCredentials = new NTCredentials(USER, PASSWORD, WORKSTATION, DOMAIN);
        credentialsProvider.setCredentials(AuthScope.ANY, ntCredentials);, credentialsProvider);
        return true;


3) Add the tomcat plugin to the project. This plugin holds the Jersey Client Libraries which will be needed in step 4.

  • Convert the project as plugin-project (Java Perspective > Right Click on the Project > Configure > Convert to Plugin-Projects ...)
  • Go to Tab Dependencies and add the tomcat plugin (simply type tomcat)

4) Implement the call. In this scenario you must create the rest client on your own and you can't use the Ivy Rest Clients (


import org.glassfish.jersey.apache.connector.ApacheConnectorProvider;
import org.glassfish.jersey.client.ClientConfig;

import ch.ivyteam.ivy.environment.Ivy;

public class NtlmClient {

    private static String baseUrl = "http://localhost/ntlmProtectedRessource";

    public static void callNtlmProtectedRestService() {
        Client client = ClientBuilder.newClient(createConfig());
        client.register(new NtlmFeature());
        WebTarget target =;
        Response response = target.request(MediaType.APPLICATION_JSON_TYPE).get();
        Ivy.log().info("HTTP Status Code: " + response.getStatus());

    private static ClientConfig createConfig() {
        ClientConfig clientConfig = new ClientConfig();
        clientConfig.connectorProvider(new ApacheConnectorProvider());
        return clientConfig;


Axon.ivy 7.1 and later: Starting with Axon.ivy 7.1 a Feature called NtlmAuthenticationFeature will be provided, that simplifies the calling of NTLM protected web services.


answered 09.10.2017 at 06:20

Alex%20Suter's gravatar image

Alex Suter ♦♦
accept rate: 82%

edited 10.01.2018 at 08:37

SupportIvyTeam's gravatar image

SupportIvyTeam ♦♦


This approach works in Axon.ivy 7.0 LTS and newer. 6.3 and maybe other Leading Edge versions have to be patched as follows:

  • open the /plugins/ch.ivyteam.tomcat.XYZ.jar of the Designer with 7-ZIP.
  • Modify the META-INF/Manifest.MF. Extend the 'Export-Package: ' entry with an additional classpath org.glassfish.jersey.client.spi . Update the JAR with your modified Manifest.
  • Start the Designer binary with -clean to enforce that the plugin MANIFST.MF will be read

alt text

(25.10.2017 at 09:08) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: 09.10.2017 at 06:03

Seen: 3,180 times

Last updated: 10.01.2018 at 08:37