Java RESTful client [RESTEasy or Apache HttpClient] - NTLM on the other side
Question
How to call RESTful webservice (from Java - using RESTEasy/Apache HttpClient) which requires NTLM authentication within Active Directory, without necessity of entering user data again (domain, username, password) - user is already authenticated in Windows?
GET http://some_server/restapi/books
This works perfectly from web browsers or even java.net.URL library - user is not getting prompted for credentials, no 401 authentication errors - simply 200 OK is returned.
How to do the same using Apache HttpClient or RESTEasy client?
1 answers
solution1
0 2014-01-21 11:04:41
You can do that with this structure;
- When user first enter username and password, you can check user detail on active directory and if success, create an access_token by using username and password. It may be sha-256 encryption(Refer here for creating sha-256)
- Save that access_token to your db and give it an expire time.
- After successful access_token creation, respond that access token to user.
- From now, you can use access_token for service requests
You need to save access token on client side like local storage. Same as if you are useing http client, you can give that access_token in header.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.