Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-4785

Switchyard: Invoking outbound soap webservice with NTLM authentication fails

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • jboss-fuse-6.3
    • jboss-fuse-6.2.1
    • SwitchYard
    • None
    • % %
    • Hide

      Check the attached switchyard application, (switchyard-example.xml).
      This issue is with Windows NTML authentication.

      Workaround :

      import sun.net.www.protocol.http.ntlm.NTLMAuthenticationCallback;

static {
    NTLMAuthenticationCallback.setNTLMAuthenticationCallback(new NTLMAuthenticationCallback()
    {
        @Override
        public boolean isTrustedSite(URL url)
        {
            return false;
        }
    });
}
      • The deployment of the above code in the artifacts is failing as FSW server was not recognizing the internal sun APIs. Using the code above, resulted in successful invocation of the webservice and a valid response as well.
      Show
      Check the attached switchyard application, (switchyard-example.xml). This issue is with Windows NTML authentication. Workaround : As per the link http://stackoverflow.com/questions/6184881/can-javas-single-sign-on-use-credentials-from-credential-manager-on-windo , including the below code snippet in the JUnit test case gives a valid response from the web service. User credentials that are configured in switchyard.xml are being passed to the webservice. import sun.net.www.protocol.http.ntlm.NTLMAuthenticationCallback; static { NTLMAuthenticationCallback.setNTLMAuthenticationCallback( new NTLMAuthenticationCallback() { @Override public boolean isTrustedSite(URL url) { return false ; } }); } The deployment of the above code in the artifacts is failing as FSW server was not recognizing the internal sun APIs. Using the code above, resulted in successful invocation of the webservice and a valid response as well.

      • Check the below credentials for NTLM authentication in the attached switchyard.xml file in the soap binding. Replace the username, password and domain to map to the NTML server credentials. 
        <sca:reference name="MyService" multiplicity="0..1" promote="mycomponent/MyService">
      <sca:interface.wsdl interface="MyServiceInterface.wsdl#wsdl.porttype(MyServiceInterface)"/>
      <soap:binding.soap name="soap1">
        <soap:wsdl>META-INF/CRM_IntegrationService.wsdl</soap:wsdl>
        <soap:wsdlPort>BasicHttpBinding_CRM_IntegrationService</soap:wsdlPort>
        <soap:endpointAddress>http://localhost:8080/switchyard-example-server/CRM_IntegrationService</soap:endpointAddress>
        <soap:ntlm>
          <soap:user>vgohel</soap:user>
          <soap:password>somePass</soap:password>
          <soap:domain>SomeDomain</soap:domain>
        </soap:ntlm>
      </soap:binding.soap>
    </sca:reference>

      The application deploys fine. The issue is that if JBoss Fuse/FSW server is configured to run as a windows service, it is observed that NTLM authentication is being successfully performed but not with user credentials as specified in the switchyard.xml file as the above. It is being done with the logged in user in the Windows.

      • The credentials specified for NTML in the switchyard.xml seem to be ignored and the authentication does not happen with those credentials.

        1. switchyard-example.zip
          42 kB

            virchete_jira David virgil naranjo (Inactive)
            rhn-support-vgohel Viral Gohel
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: