How to call a NTLM protected REST Service

0

Can you explain how to call a REST Service which is secured by NTLM?

asked 09.10.2017 at 06:03

SupportIvyTeam's gravatar image

SupportIvyTeam ♦♦
1.4k102118122
accept rate: 77%

One Answer:
active answersoldestnewestmost voted
1

1) Add the library jersey-apache-connector-*.jar to your project. You can find this library in the public maven repository: https://mvnrepository.com/artifact/org.glassfish.jersey.connectors/jersey-apache-connector

2) Implement a NTLM feature which will add the credentials to each request:

import javax.ws.rs.core.Feature;
import javax.ws.rs.core.FeatureContext;

import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.glassfish.jersey.apache.connector.ApacheClientProperties;

public class NtlmFeature implements Feature {

    private static String USER = "your-username";
    private static String PASSWORD = "your-password";
    private static String WORKSTATION = null;
    private static String DOMAIN = null;

    @Override
    public boolean configure(FeatureContext context) {
        CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        NTCredentials ntCredentials = new NTCredentials(USER, PASSWORD, WORKSTATION, DOMAIN);
        credentialsProvider.setCredentials(AuthScope.ANY, ntCredentials);
        context.property(ApacheClientProperties.CREDENTIALS_PROVIDER, credentialsProvider);
        return true;
    }

}

3) Add the tomcat plugin to the project. This plugin holds the Jersey Client Libraries which will be needed in step 4.

  • Convert the project as plugin-project (Java Perspective > Right Click on the Project > Configure > Convert to Plugin-Projects ...)
  • Open META-INF/MANIFEST.MF
  • Go to Tab Dependencies and add the tomcat plugin (simply type tomcat)

4) Implement the call. In this scenario you must create the rest client on your own and you can't use the Ivy Rest Clients (Ivy.rest().client(..)):

import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.glassfish.jersey.apache.connector.ApacheConnectorProvider;
import org.glassfish.jersey.client.ClientConfig;

import ch.ivyteam.ivy.environment.Ivy;

public class NtlmClient {

    private static String baseUrl = "http://localhost/ntlmProtectedRessource";

    public static void callNtlmProtectedRestService() {
        Client client = ClientBuilder.newClient(createConfig());
        client.register(new NtlmFeature());
        WebTarget target = client.target(baseUrl);
        Response response = target.request(MediaType.APPLICATION_JSON_TYPE).get();
        Ivy.log().info("HTTP Status Code: " + response.getStatus());
    }

    private static ClientConfig createConfig() {
        ClientConfig clientConfig = new ClientConfig();
        clientConfig.connectorProvider(new ApacheConnectorProvider());
        return clientConfig;
    }

}

Axon.ivy 7.1 and later: Starting with Axon.ivy 7.1 a Feature called NtlmAuthenticationFeature will be provided, that simplifies the calling of NTLM protected web services.

link

answered 09.10.2017 at 06:20

Alex%20Suter's gravatar image

Alex Suter ♦♦
3.1k122247
accept rate: 84%

edited 10.01.2018 at 08:37

SupportIvyTeam's gravatar image

SupportIvyTeam ♦♦
1.4k102118122

1

This approach works in Axon.ivy 7.0 LTS and newer. 6.3 and maybe other Leading Edge versions have to be patched as follows:

  • open the /plugins/ch.ivyteam.tomcat.XYZ.jar of the Designer with 7-ZIP.
  • Modify the META-INF/Manifest.MF. Extend the 'Export-Package: ' entry with an additional classpath org.glassfish.jersey.client.spi . Update the JAR with your modified Manifest.
  • Start the Designer binary with -clean to enforce that the plugin MANIFST.MF will be read

alt text

(25.10.2017 at 09:08) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×33
×2

Asked: 09.10.2017 at 06:03

Seen: 6,204 times

Last updated: 10.01.2018 at 08:37

Related questions

Calling NTLM protected REST service with SSO

Does ivy RestAPI require @Path on class body?

Is WADL as description of REST services supported?

Complete Task from REST

REST API and JSESSIONID

Consuming Rest in Plugin Project

REST token authentication

How to get the URL of a process start within a JAX-RS class

Using the Dialog REST api for Data

Is it possible to access Ivy's RESTful API from an HtmlDialog or within the same session?