Propagation of windows credentials from Java client through to web service

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Propagation of windows credentials from Java client through to web service

mileyd
Hi

I am running a jcifs.http.NtlmHttpFilter on tomcat. This filters requests prior
to running my web services for which I use axis.

My problem is that I would like to propagate the XP credentials users have
already used to login to windows rather than popping up a login dialog and
asking them to provide them again so they can log in to my application.

Using axis I need to provide the user and credentials either within the URL of
the endpoint or using a credentials object.

Something like:-
 
           String endpoint =
           "http://DOMAIN\\user:password@hostname:8080/NTLMAuthentication/axis/h
elloworld";
 
           Service  service = new Service();
           Call call    = (Call) service.createCall();
 
           call.setTargetEndpointAddress( new java.net.URL(endpoint) );
           call.setOperationName(new QName("sayHello") );
 
           String ret = (String) call.invoke( new Object[] { "Joe!" } );
 
           System.out.println("Sent 'Hello!', got '" + ret + "'");

Problem is I don't know how to get the user's current credentials using Java. I
know the JDK uses native windows code in the URLConnection class somewhere to
do the same thing but I cannot find how they do it. I know this is not specific
to JCIFS, but I think this forum is the one best placed to understand my
problem. Any ideas how to get at the cached windows credentials? Or am I going
about this in totally the wrong way?

Thanks
 


Reply | Threaded
Open this post in threaded view
|

Re: Propagation of windows credentials from Java client through to web service

Michael B Allen-4
Can't do it. The credential negotiated by the jCIFS HTTP authentication
filter are NTLM hashes which are specific to the server with which they
where aquired (e.g. domain controller) and are not deligatiable like
Kerberos credentials. We do not do Kerberos at this time.

Check out Wedgetail and Vintela. I don't know if you can do this with
their product either but they do Kerberos.

Mike

On Wed, 18 Jan 2006 16:23:53 +0000 (UTC)
mileyd <[hidden email]> wrote:

> Hi
>
> I am running a jcifs.http.NtlmHttpFilter on tomcat. This filters requests prior
> to running my web services for which I use axis.
>
> My problem is that I would like to propagate the XP credentials users have
> already used to login to windows rather than popping up a login dialog and
> asking them to provide them again so they can log in to my application.
>
> Using axis I need to provide the user and credentials either within the URL of
> the endpoint or using a credentials object.
>
> Something like:-
>  
>            String endpoint =
>            "http://DOMAIN\\user:password@hostname:8080/NTLMAuthentication/axis/h
> elloworld";
>  
>            Service  service = new Service();
>            Call call    = (Call) service.createCall();
>  
>            call.setTargetEndpointAddress( new java.net.URL(endpoint) );
>            call.setOperationName(new QName("sayHello") );
>  
>            String ret = (String) call.invoke( new Object[] { "Joe!" } );
>  
>            System.out.println("Sent 'Hello!', got '" + ret + "'");
>
> Problem is I don't know how to get the user's current credentials using Java. I
> know the JDK uses native windows code in the URLConnection class somewhere to
> do the same thing but I cannot find how they do it. I know this is not specific
> to JCIFS, but I think this forum is the one best placed to understand my
> problem. Any ideas how to get at the cached windows credentials? Or am I going
> about this in totally the wrong way?
>
> Thanks
>  
>
>