Return-Path: Delivered-To: apmail-ws-axis-user-archive@www.apache.org Received: (qmail 44997 invoked from network); 11 Sep 2009 07:15:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 11 Sep 2009 07:15:53 -0000 Received: (qmail 71760 invoked by uid 500); 11 Sep 2009 07:15:51 -0000 Delivered-To: apmail-ws-axis-user-archive@ws.apache.org Received: (qmail 71679 invoked by uid 500); 11 Sep 2009 07:15:50 -0000 Mailing-List: contact axis-user-help@ws.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-user@ws.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list axis-user@ws.apache.org Received: (qmail 71670 invoked by uid 99); 11 Sep 2009 07:15:50 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Sep 2009 07:15:50 +0000 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of igaffai@googlemail.com designates 209.85.218.221 as permitted sender) Received: from [209.85.218.221] (HELO mail-bw0-f221.google.com) (209.85.218.221) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Sep 2009 07:15:39 +0000 Received: by bwz21 with SMTP id 21so597369bwz.16 for ; Fri, 11 Sep 2009 00:15:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=ORXb2ZCkri4dJBnawUM8tJgxSTuoPj3CtanlqNWmw6Q=; b=fJObzG9upicQuwqBzPcDF3dXuKz+UCZfc1CiiPpTLyQ3178ps1GkAJjMTBY1v76gth IiVX3oVzwhCaSJaHZvOk2QeKtoLh3fWAm7qu1dlRtbO7dSmUbvIMns4WbLTA3CKkIQk1 1ZNX7mGhP1P50pLSg9OKx1ZdVOfldUPdmIUss= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=OSKD6cLduzKBq0N8MZLNi8q+XueWeY94U4eZ48GQEMv3JS/clRaCsRSJv5BxRb3R2D qRKjoIrta4hQUPnA7VA1wKhejJ1R+3K3vtqBpqzCMV9gjfr+ytSkAKAVKgg0EzVxjgtR bLCpBad0rBWw06BAW5+YdwdNNWJyzsOB8ce8g= MIME-Version: 1.0 Received: by 10.103.81.8 with SMTP id i8mr1271624mul.80.1252653316608; Fri, 11 Sep 2009 00:15:16 -0700 (PDT) In-Reply-To: References: Date: Fri, 11 Sep 2009 09:15:16 +0200 Message-ID: Subject: Re: Axis Soap Client using Kerberos System Credentials or NTLM using Current logged on user From: =?ISO-8859-1?Q?Henning_Gro=DF?= To: axis-user@ws.apache.org Content-Type: multipart/alternative; boundary=0016e65c8c02f6920504734813fc X-Virus-Checked: Checked by ClamAV on apache.org --0016e65c8c02f6920504734813fc Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Martin! The testserver runs internally and cannot be exposed to the www. Otherwise = I would provide you with a user and the url to the website. SP does not have own authentication but relies on either Kerberos or NTLM. There is nothing special about the SharePoint-situation. Its the same with every AD-authenticating webserver... Is it possible to configure the Axis client to use the current users Credentials to authenticate with Kerberos/NTLM? Regards, Henning. 2009/9/10 Martin Gainty > can you supply a barebones Sharepoint WSDL which has one operation and o= ne > parameter returned? > could you supply minimal set of NT credentials from your AD server that c= an > access the Sharepoint Service? > > thanks, > Martin Gainty > ______________________________________________ > Verzicht und Vertraulichkeitanmerkung/Note de d=E9ni et de confidentialit= =E9 > > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene > Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugt= e > Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht > dient lediglich dem Austausch von Informationen und entfaltet keine > rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von > E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. > > Ce message est confidentiel et peut =EAtre privil=E9gi=E9. Si vous n'=EAt= es pas le destinataire pr=E9vu, nous te demandons avec bont=E9 que pour sat= isfaire informez l'exp=E9diteur. N'importe quelle diffusion non autoris=E9e= ou la copie de ceci est interdite. Ce message sert =E0 l'information seule= ment et n'aura pas n'importe quel effet l=E9galement obligatoire. =C9tant d= onn=E9 que les email peuvent facilement =EAtre sujets =E0 la manipulation, = nous ne pouvons accepter aucune responsabilit=E9 pour le contenu fourni. > > > > > > > ------------------------------ > Date: Thu, 10 Sep 2009 23:00:27 +0200 > Subject: Axis Soap Client using Kerberos System Credentials or NTLM using > Current logged on user > From: igaffai@googlemail.com > To: axis-user@ws.apache.org; axis-dev@ws.apache.org > > > Hi! > I need a Soap Client in Java to access WebServices on a SharePoint Server > using Active Directory with Kerberos. > We definately do not want the software to pop up for user:password and > cannot specify it because the software is going to be used on many differ= ent > accounts with different rules/rights. > Using urlconnect works fine because it somehow grabs the stuff from > windows. Using the service with axis does not work (401). > I searched around the web how to make Axis work the way I want but it won= t. > Is the only way to fulfill the task to run a proxy server using urlconnec= t > and specifying this proxy to Axis? That is not a very good solution. Even > when I use random port and a random password for security and only open t= he > socket as long as its needed it still is open for a moment (not really a > security problem but still not a satisfieing solution... > Can someone tell me a way to make Axis authenticate with the server using > the current credentials? > Thank you in advance! > ------------------------------ > Get back to school stuff for them and cashback for you. Try Bing now. > --0016e65c8c02f6920504734813fc Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Martin!
The testserver runs internally and cannot be exposed to the w= ww. Otherwise I would provide you with a user and the url to the website.SP does not have own authentication but relies on either Kerberos or NTLM= . There is nothing special about the SharePoint-situation.
Its the same=A0 with every AD-authenticating webserver...
Is it possible= to configure the Axis client to use the current users Credentials to authe= nticate with Kerberos/NTLM?
Regards, Henning.


2009/9/10 Martin Gainty <mgainty@hotmail.com>
can you supply a barebones Sharepoint WSDL which has one operation and one = parameter returned?
could you supply minimal set of NT credentials from = your AD server that can access the Sharepoint Service?

thanks,
Martin Gainty
______________________________________________
Verzic= ht und Vertraulichkeitanmerkung/Note de d=E9ni et de confidentialit=E9
<= div>=A0
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehe= ne Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefug= te Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachrich= t dient lediglich dem Austausch von Informationen und entfaltet keine recht= liche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails = koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut =EAtre privil=E9gi=E9. Si vo=
us n'=EAtes pas le destinataire pr=E9vu, nous te demandons avec bont=E9=
 que pour satisfaire informez l'exp=E9diteur. N'importe quelle diff=
usion non autoris=E9e ou la copie de ceci est interdite. Ce message sert =
=E0 l'information seulement et n'aura pas n'importe quel effet =
l=E9galement obligatoire. =C9tant donn=E9 que les email peuvent facilement =
=EAtre sujets =E0 la manipulation, nous ne pouvons accepter aucune responsa=
bilit=E9 pour le contenu fourni.





Date: Thu, 10 Sep 2009 23:00:27 +0200
Subject: A= xis Soap Client using Kerberos System Credentials or NTLM using Current lo= gged on user
From: igaffai@googlemail.com
To: axis-user@= ws.apache.org; axis-dev@ws.apache.org


Hi!=
I need a Soap Client in Java to access WebServices on a SharePoint Serv= er using Active Directory with Kerberos.
We definately do not want the software to pop up for user:password and cannot specify it because the software is going to be used on many different accounts with different rules/rights.
Using urlconnect works fine because it somehow grabs the stuff from windows= . Using the service with axis does not work (401).
I searched around the= web how to make Axis work the way I want but it wont.
Is the only way to fulfill the task to run a proxy server using urlconnect and specifying this proxy to Axis? That is not a very good solution. Even when I use random port and a random password for security and only open the socket as long as its needed it still is open for a moment (not really a security problem but still not a satisfieing solution...
Can someone tell me a way to make Axis authenticate with the server using t= he current credentials?
Thank you in advance!
Get bac= k to school stuff for them and cashback for you. Try Bing now.

--0016e65c8c02f6920504734813fc--