Calling protected IIS web service from java client with windows credentials

2
votes

I'm building a java app that needs to get some data from a web service. I've been provided with a wsdl file and all the info I need, but getting back the 401 code, not authorised. I've been told by the guy who did the web service, that the web service directory in IIS must have anonymous authentication turned off therefore I need to pass windows credentials. I've been googling for a solution for quite a while but not found anything that doesn't pass the username and password directly. What I need to do is to use the credentials the user is logged in to windows, so that entering the username and password is no longer needed. Has anyone an experience with this? I found somethig called SPNEGO, but that also uses username and password directly.

Thanks for any help.

2
javaweb-servicesiissoapaxis

2 Answers

0
votes

You did not write, which webservice framework you use (I assume you're not creating and sending the soap-request by hand).

I assume that the webservice is secured via http-basic authentication.

If I'd be you, I'd do a quick test with the testing tool soapUI which supports this feature against your webservice and check, if this is the case (See: http://www.soapui.org/SOAP-and-WSDL/authenticating-soap-requests.html)

If you'll be succesful, you will need to pass the user and password within the http-header area. (See part "client" here: http://en.wikipedia.org/wiki/Basic_access_authentication for an example value)

0
votes

Yeah, sorry, forgot to mention that I'm using axis. Nevertheless, finally managed to authenticate to the service, as it turned out it didn't use the basic authentication but NTLM. So now I do something like this:

    BAWebServiceLocator locator = new BAWebServiceLocator(getEngineConfiguration());
    BAWebServiceSoap baWebServiceSoap = locator.getBAWebServiceSoap(url);

    ((Stub)baWebServiceSoap).setUsername(props.getProperty("username"));
    ((Stub)baWebServiceSoap).setPassword(props.getProperty("password"));

So I still have to pass in my username and password. What I'd like to do is to use the credentials that I am logged in to windows. Any ideas?