Access Dynamics NAV Webservice with Java

1
votes

I am trying to access a Dynamics NAV 2013 R2 web service from Java. The web service is running and when I enter the URL in the Internet Explorer, I can see the WSDL but first I am prompted for Username and Password. On Wireshark I can see that it uses authentication based on NTLM. Sofar I was only able to open the WSDL from Internet Explorer, when I open it on Firefox, it give me a blank page and no error.

What I am trying to do is to access the Web Service from Java using the wsimport tool, but I am unable to authenticate. I have already created a folder in ~/.metro/auth and put the following line in there:

http://userfoobar:[email protected]:7047//DynamicsNAV71/WS/CRONUS%20AG/Page/PageWithCapitalization

and I am trying to access the web page with:

wsimport -d generated -s sources http://@192.168.0.170:7047/DynamicsNAV71/WS/CRONUS%20AG/Page/PageWithCapitalization

I always get the error:

[ERROR] Server returned HTTP response code: 401 for URL: http://@192.168.0.170:7047/DynamicsNAV71/WS/CRONUS%20AG/Page/PageWithCapitalization,  "http://@192.168.0.170:7047/DynamicsNAV71/WS/CRONUS%20AG/Page/PageWithCapitalization" needs authorization, please provide authorization file with read access at /home/user/.metro/auth or use -Xauthfile to give the authorization file and on each line provide authorization information using this format : http[s]://user:password@host:port//<url-path>

I have tried this both from Linux and the Windows 7 machine which runs the NAV Webservice. Do I have to perform any additional configuration in NAV? Are there any special tricks to get this to work?

2
javamicrosoft-dynamicsdynamics-navdynamics-nav-2013

2 Answers

3
votes

By default Nav uses Windows Active Directory authorization. I'm not sure what wsimport do in java but credentials provided in url unlikely to work. You need to go through negotiation procedure to authorize with server or change authorization type in Nav Server Administration snap-in on server (or in configuration file).

See here about credential types and here is how to configure server. Also see usefull post in Freddy's blog on how to connect to Nav from Java (I believe its still relevant though it's for Nav 2009).

soapUI can handle NTLM authorization type so you can see all requests and responses through negotiation process in it's logs.

0
votes

You can use NTLM authentication to access a NAV web service from any of the popular programming languages. In this case I'll use Node.js.

For PHP developers, see this article on php ntml authentication. I can of course give more guidance on this if requested.

For Java Developers, the book Extending Microsoft Dynamics NAV 2016 Cookbook details step by step how to consume a NAV web service from Java (page 372). In short, you do something like this: http://<username>:pasword>@localhost:7057/NAV2016_WebService/WS/Codeunit/PostCodeInfo

NTLM authentication allows a client to access a resource on the server by providing credentials for a Windows account that exists on the server.

So if the server has a user named GilbertS with a password Gilbert1000, you can send a request to the server by running the following javascript code:

const httpntlm = require('httpntlm');

const NAV_DimQuery = "http://junit:7148/BC140/ODataV4/Company('CronusCompany')/MyDimensionQuery";
httpntlm.get({
    url: NAV_DimQuery,
    username: 'GilbertS',
    password: 'Gilbert100',
    domain: 'JUNIT'
}, function(err, res) {
    if(err) {
        throw err;
    } 
    console.log(res);
});

Install the necessary library by entering the command: npm i httpntlm Note that other languages like PHP and Java have a similar library.

To get the Domain name, from the command prompt or terminal of the server, run: SET Look for the value of a key called USERDOMAIN. Note that the domain can be left blank if the server is a PC and not a dedicated Windows Server.

NAV / Business Central specific configurations

In NAV or Business Central Administration, there is a field in the General tab called Use NTLM Authentication ensure that it is checked (set to true). If you can not modify it from the NAV / BC Administration window, edit the CustomSettings.config file in path: C:\Program Files\Microsoft Dynamics 365 Business Central\140\Service.

Because we are using NTLM to authenticate, ensure that NAV / BC is configured to use Windows authentication. You do so by setting the Credential Type to Windows.

If the Credential Type is set to something else or you do not tick Use NTLM Authentication, you will get an error when sending the request saying something like the server does not allow NTLM.

Finally, beware of a certain case where running the code makes the NAV Server to stop, I am still trying to figure out what causes this.

You can make inquiries in the comments in case there is something that is still making your requests to fail.

UPDATE

I've created two npm libraries to help with NAV / BC web service integration.

A library that makes creating a URL to send to the web service to consume Odata simple and declarative: https://www.npmjs.com/package/navodata

A client built on top of httpntlm library for accessing a web service using windows authentication. Provides error handling and use of promises: https://www.npmjs.com/package/navclient