NTLM authentication for HTTP connections
Written on June 28, 2009 by Allan Lykke Christensen
I was recently tasked with integrating one of our products with an off-the-shelf case and document management system used by many organisations in the Danish public sector. The case and document management system allows for integration via RESTful-like HTTP calls to the core of the system. The RESTful-like interface is easy to use, but it was challenging to get through to the system in the first place. You see, it was developed on a Windows platform (dot net) and it relies solely on NTLM authentication provided by the operating system. Automating the NTLM authentication would have been easy if the code was done using a dot net technology, but since our product is Java-based it was causing a bit of a headache. I researched possible API’s (JCIFS and JESPA) for doing the authentication, but they didn’t seem to be straight forward. As I had a partial solution using the JCIFS API, I requested help on the SAMBA-JCIFS mailing list where I was informed that Java 5 and 6 had built-in support for NTLM and there was no need for an API. So, here is the code I ended up with for automating the NTLM authentication:
public static String getResponse(final ConnectionSettings settings, String request) throws IOException { String url = settings.getUrl() + "/" + request; Authenticator.setDefault(new Authenticator() { @Override public PasswordAuthentication getPasswordAuthentication() { System.out.println(getRequestingScheme() + " authentication") // Remember to include the NT domain in the username return new PasswordAuthentication(settings.getDomain() + "\\" + settings.getUsername(), settings.getPassword().toCharArray()); } }); URL urlRequest = new URL(url); HttpURLConnection conn = (HttpURLConnection) urlRequest.openConnection(); conn.setDoOutput(true); conn.setDoInput(true); conn.setRequestMethod("GET"); StringBuilder response = new StringBuilder(); InputStream stream = conn.getInputStream(); BufferedReader in = new BufferedReader(new InputStreamReader(stream)); String str = ""; while ((str = in.readLine()) != null) { response.append(str); } in.close(); return response.toString(); }
That’s all. Thanks to the guys who helped out on the SAMBA-CIFS mailing list and StackOverflow.
References:
- Http Athentication by Sun Microsystems
- NTLM Authentication from Java by Developer Resources
- JCIFS API by Samba
[...] Read more here: NTLM authentication for HTTP connections [...]
Alla,
With regards to JCIFS – something that works for me is not using
jcifs.Config.registerSmbURLHandler();
URL url = new URL(url);
but instead use directly the JCIFS handler (storing the doman, username and password in the url):
URL url = new URL(null, url, new jcifs.http.Handler());
regards,
Leszek
It worked like a charm, so thanks for the post. You saved my day!