cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: NTLM security between WCF and CXF
Date Tue, 06 Sep 2011 20:24:52 GMT


This exception is due to the WSDL that is being used likely having a custom MS 
defined policy extensor in it.  If you grab the wsdl and use a "clean" 
version, your code likely should work.

Dan


On Friday, September 02, 2011 12:55:53 PM samyem wrote:
> I'm trying to use NTLM to secure WCF web service that is to be called from
> CXF. I'm using .NET 4 and CXF 2.4.2. On an earlier version of CXF, I had
> been successful in using NTLM authentication using the jcifs library as
> described in
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
> 
> It appears that now with the newer version, things have changed and that
> technique no longer seems to work. On WCF, I got the binding defined as:
> <basicHttpBinding>
> <binding name="serviceBinding">
>   <security mode="TransportCredentialOnly">
>      <transport clientCredentialType="Ntlm" proxyCredentialType="None"
> realm=""/>
>    </security>
> </binding>
> </basicHttpBinding>
> 
> On the Java side, I got the proxy generated and the client side code has the
> jcifs code:
>         jcifs.Config.setProperty("jcifs.smb.client.domain",
> domain.toLowerCase());
>         jcifs.Config.setProperty("jcifs.netbios.wins", hostname);
>         jcifs.Config.setProperty("jcifs.smb.client.soTimeout", "300000");
> 
>         // 20 minutes
>         jcifs.Config.setProperty("jcifs.netbios.cachePolicy", "1200");
>         jcifs.Config.setProperty("jcifs.smb.client.username", user);
>         jcifs.Config.setProperty("jcifs.smb.client.password", password);
> 
>         jcifs.Config.registerSmbURLHandler();
> ...
>         Client client = ClientProxy.getClient(port);
>         HTTPConduit http = (HTTPConduit) client.getConduit();
>         HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
>         httpClientPolicy.setConnectionTimeout(36000);
>         httpClientPolicy.setAllowChunking(false);
>         http.setClient(httpClientPolicy);
> 
> ...
> 
> When I run the Java client, I get this:
> 
> Sep 2, 2011 1:44:33 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> handleNoRegisteredBuilder
> WARNING: No assertion builder for type
> {http://schemas.microsoft.com/ws/06/2004/policy/http}NtlmAuthentication
> registered.
> Exception in thread "main" org.apache.cxf.ws.policy.PolicyException: None of
> the policy alternatives can be satisfied.
> 	at
> org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPolicy
> Impl.java:165) at
> org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicyImp
> l.java:145) at
> org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl.ja
> va:141) at
> org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(PolicyEng
> ineImpl.java:555) at
> org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineImpl
> .java:301) at
> org.apache.cxf.ws.policy.PolicyEngineImpl.getClientEndpointPolicy(PolicyEngi
> neImpl.java:283) at
> org.apache.cxf.transport.http.policy.PolicyUtils.getClient(PolicyUtils.java:
> 150) at
> org.apache.cxf.transport.http.HTTPConduit.<init>(HTTPConduit.java:304) at
> org.apache.cxf.transport.http.ClientOnlyHTTPTransportFactory.getConduit(Clie
> ntOnlyHTTPTransportFactory.java:63) at
> org.apache.cxf.transport.http.ClientOnlyHTTPTransportFactory.getConduit(Clie
> ntOnlyHTTPTransportFactory.java:50) at
> org.apache.cxf.binding.soap.SoapTransportFactory.getConduit(SoapTransportFac
> tory.java:228) at
> org.apache.cxf.endpoint.AbstractConduitSelector.getSelectedConduit(AbstractC
> onduitSelector.java:88) at
> org.apache.cxf.endpoint.UpfrontConduitSelector.selectConduit(UpfrontConduitS
> elector.java:71) at
> org.apache.cxf.endpoint.ClientImpl.getConduit(ClientImpl.java:814)
> 
> 
> Thus failing as soon as client.getConduit() is called. I have not found any
> working example of what's the proper way of using NTLM with CXF. Any help?
> 
> Thanks,
> Samyem
> 
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/NTLM-security-between-WCF-and-CXF-tp4763671
> p4763671.html Sent from the cxf-user mailing list archive at Nabble.com.
-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Talend - http://www.talend.com

Mime
View raw message