You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Henning Groß <ig...@googlemail.com> on 2009/09/10 23:00:27 UTC
Axis Soap Client using Kerberos System Credentials or NTLM using
Current logged on user
Hi!
I need a Soap Client in Java to access WebServices on a SharePoint Server
using Active Directory with Kerberos.
We definately do not want the software to pop up for user:password and
cannot specify it because the software is going to be used on many different
accounts with different rules/rights.
Using urlconnect works fine because it somehow grabs the stuff from windows.
Using the service with axis does not work (401).
I searched around the web how to make Axis work the way I want but it wont.
Is the only way to fulfill the task to run a proxy server using urlconnect
and specifying this proxy to Axis? That is not a very good solution. Even
when I use random port and a random password for security and only open the
socket as long as its needed it still is open for a moment (not really a
security problem but still not a satisfieing solution...
Can someone tell me a way to make Axis authenticate with the server using
the current credentials?
Thank you in advance!
Re: Axis Soap Client using Kerberos System Credentials or NTLM using
Current logged on user
Posted by Henning Groß <ig...@googlemail.com>.
Hi Martin!
The testserver runs internally and cannot be exposed to the www. Otherwise I
would provide you with a user and the url to the website.
SP does not have own authentication but relies on either Kerberos or NTLM.
There is nothing special about the SharePoint-situation.
Its the same with every AD-authenticating webserver...
Is it possible to configure the Axis client to use the current users
Credentials to authenticate with Kerberos/NTLM?
Regards, Henning.
2009/9/10 Martin Gainty <mg...@hotmail.com>
> can you supply a barebones Sharepoint WSDL which has one operation and one
> parameter returned?
> could you supply minimal set of NT credentials from your AD server that can
> access the Sharepoint Service?
>
> thanks,
> Martin Gainty
> ______________________________________________
> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
>
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
> dient lediglich dem Austausch von Informationen und entfaltet keine
> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>
> Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
>
>
>
>
>
>
> ------------------------------
> Date: Thu, 10 Sep 2009 23:00:27 +0200
> Subject: Axis Soap Client using Kerberos System Credentials or NTLM using
> Current logged on user
> From: igaffai@googlemail.com
> To: axis-user@ws.apache.org; axis-dev@ws.apache.org
>
>
> Hi!
> I need a Soap Client in Java to access WebServices on a SharePoint Server
> using Active Directory with Kerberos.
> We definately do not want the software to pop up for user:password and
> cannot specify it because the software is going to be used on many different
> accounts with different rules/rights.
> Using urlconnect works fine because it somehow grabs the stuff from
> windows. Using the service with axis does not work (401).
> I searched around the web how to make Axis work the way I want but it wont.
> Is the only way to fulfill the task to run a proxy server using urlconnect
> and specifying this proxy to Axis? That is not a very good solution. Even
> when I use random port and a random password for security and only open the
> socket as long as its needed it still is open for a moment (not really a
> security problem but still not a satisfieing solution...
> Can someone tell me a way to make Axis authenticate with the server using
> the current credentials?
> Thank you in advance!
> ------------------------------
> Get back to school stuff for them and cashback for you. Try Bing now.<http://www.bing.com/cashback?form=MSHYCB&publ=WLHMTAG&crea=TEXT_MSHYCB_BackToSchool_Cashback_BTSCashback_1x1>
>
Re: Generated WSDL has wrong "types"
Posted by Amila Suriarachchi <am...@gmail.com>.
On Fri, Sep 11, 2009 at 8:15 PM, Lorenzo Carnevale <
lorenzo.carnevale@innovery.it> wrote:
> Sorry, I have yet another problem.
> I have to add the policy tags to the wsdl, so I use USEORIGINALWSDL to
> false... the resulting WSDL copies the policy tags correctly from
> SERVICES.XML, but the original 'types' of the input and output elements
> disappered...
>
try to add the policy to relavent place in wsdl file instead of adding them
to services.xml.
thanks,
Amila.
>
> Origianl WSDL :
>
> <element name="ExecuteSelectResponse">
> <complexType>
> <sequence>
> <element name="Result" minOccurs="0" type="tse:selectResponse" />
> </sequence>
> </complexType>
> </element>
>
> <complexType name="selectResponse">
> <sequence>
> <element name="response" type="xsd:int" />
> <element name="xmlResponse" type="xsd:base64Binary" />
> <element name="message" type="xsd:string" />
> </sequence>
> </complexType>
>
> Generated WSDL:
>
> <xs:element name="ExecuteSelectResponse">
> <xs:complexType>
> <xs:sequence>
> <xs:element minOccurs="0" name="return"
> nillable="true" type="xs:anyType"/>
> </xs:sequence>
> </xs:complexType>
> </xs:element>
>
> So the usual 'wizards' that build clients from WSDLs can't really guess
> what's going on.
> Thanks
> Lorenzo
>
--
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/
Generated WSDL has wrong "types"
Posted by Lorenzo Carnevale <lo...@innovery.it>.
Sorry, I have yet another problem.
I have to add the policy tags to the wsdl, so I use USEORIGINALWSDL to
false... the resulting WSDL copies the policy tags correctly from
SERVICES.XML, but the original 'types' of the input and output elements
disappered...
Origianl WSDL :
<element name="ExecuteSelectResponse">
<complexType>
<sequence>
<element name="Result" minOccurs="0" type="tse:selectResponse"
/>
</sequence>
</complexType>
</element>
<complexType name="selectResponse">
<sequence>
<element name="response" type="xsd:int" />
<element name="xmlResponse" type="xsd:base64Binary" />
<element name="message" type="xsd:string" />
</sequence>
</complexType>
Generated WSDL:
<xs:element name="ExecuteSelectResponse">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="return"
nillable="true" type="xs:anyType"/>
</xs:sequence>
</xs:complexType>
</xs:element>
So the usual 'wizards' that build clients from WSDLs can't really guess
what's going on.
Thanks
Lorenzo
RE: Axis Soap Client using Kerberos System Credentials or NTLM
using Current logged on user
Posted by Martin Gainty <mg...@hotmail.com>.
can you supply a barebones Sharepoint WSDL which has one operation and one parameter returned?
could you supply minimal set of NT credentials from your AD server that can access the Sharepoint Service?
thanks,
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
Date: Thu, 10 Sep 2009 23:00:27 +0200
Subject: Axis Soap Client using Kerberos System Credentials or NTLM using Current logged on user
From: igaffai@googlemail.com
To: axis-user@ws.apache.org; axis-dev@ws.apache.org
Hi!
I need a Soap Client in Java to access WebServices on a SharePoint Server using Active Directory with Kerberos.
We
definately do not want the software to pop up for user:password and
cannot specify it because the software is going to be used on many
different accounts with different rules/rights.
Using urlconnect works fine because it somehow grabs the stuff from windows. Using the service with axis does not work (401).
I searched around the web how to make Axis work the way I want but it wont.
Is
the only way to fulfill the task to run a proxy server using urlconnect
and specifying this proxy to Axis? That is not a very good solution.
Even when I use random port and a random password for security and only
open the socket as long as its needed it still is open for a moment
(not really a security problem but still not a satisfieing solution...
Can someone tell me a way to make Axis authenticate with the server using the current credentials?
Thank you in advance!
_________________________________________________________________
Get back to school stuff for them and cashback for you.
http://www.bing.com/cashback?form=MSHYCB&publ=WLHMTAG&crea=TEXT_MSHYCB_BackToSchool_Cashback_BTSCashback_1x1