Return-Path: X-Original-To: apmail-myfaces-users-archive@www.apache.org Delivered-To: apmail-myfaces-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 399C910EC7 for ; Wed, 21 Aug 2013 13:39:55 +0000 (UTC) Received: (qmail 49808 invoked by uid 500); 21 Aug 2013 13:39:54 -0000 Delivered-To: apmail-myfaces-users-archive@myfaces.apache.org Received: (qmail 49327 invoked by uid 500); 21 Aug 2013 13:39:48 -0000 Mailing-List: contact users-help@myfaces.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "MyFaces Discussion" Delivered-To: mailing list users@myfaces.apache.org Received: (qmail 49318 invoked by uid 99); 21 Aug 2013 13:39:46 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Aug 2013 13:39:46 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of giofyxle@googlemail.com designates 209.85.214.179 as permitted sender) Received: from [209.85.214.179] (HELO mail-ob0-f179.google.com) (209.85.214.179) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Aug 2013 13:39:42 +0000 Received: by mail-ob0-f179.google.com with SMTP id fb19so677963obc.24 for ; Wed, 21 Aug 2013 06:39:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=7+NYZgwoJBgUvKVr/dzmZHDdnZBraq6VB3H3gUxXGIY=; b=jGErs2S/jK0VHLQzmHDvmqllZyjDPAkrIij/n2VztdFrXWfjapNgfBTA37eJaRsDZi ZGtbS6x1DONiuVarYrzvWpt/kg/cDiq8henTIi2hnckcbznAOSUrFCKSDxpEg11oX3zj KdLTdHvNnR+ft+hgggLry0/3hFhRfKqYSNlZJ+U95v51ThAXJU15mzThLJz/+NHl+j4U l+7YbqVQM2XOMO2LmL6q1JQyRkCWk8tMCP8zctG9ZCVD+OdJtJ2TyU5sXJcskk5GEWPh EQiUaROptyrftFyl7tkJsLz/pqoh13FLYltKkX6Bs0Q0Jp2zEoPhG+d/GOCit60sdFYA CZWw== MIME-Version: 1.0 X-Received: by 10.50.9.37 with SMTP id w5mr5914479iga.29.1377092361888; Wed, 21 Aug 2013 06:39:21 -0700 (PDT) Received: by 10.43.136.72 with HTTP; Wed, 21 Aug 2013 06:39:21 -0700 (PDT) In-Reply-To: References: Date: Wed, 21 Aug 2013 15:39:21 +0200 Message-ID: Subject: Re: Consume a ASP.Net Service with windows Authentification from JSF From: =?ISO-8859-1?Q?Georg_F=FCchsle?= To: MyFaces Discussion Content-Type: multipart/alternative; boundary=001a11c2ff900dc88a04e4754d30 X-Virus-Checked: Checked by ClamAV on apache.org --001a11c2ff900dc88a04e4754d30 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable I cancelled this! Still I am not shure about how this has to be done. But I assumed, that I have to send autentication requests to the domain server of the partner company. When I asked for this information (ip and port of the domain server) the partner company stopped their plans and now will offer access top the REST-Service with other autentication proofs. So I will not struggle anymore on this topic. Thank You for your help! Gio 2013/7/25 Georg F=FCchsle > Thanks! Im am still working for it.If I have a solution i will paste it > here. > > > 2013/7/25 Mike Kienenberger > >> I really don't know the details of how it works, but the jcifs servlet >> filter is sufficient to allow NTLM domain-authenticated connections from >> both IE and Firefox to a JSF application most of the time, providing >> all of your web.xml settings are correct. I'm not exactly certain >> how that would play out for connecting to an ASP.NET RESTful service >> instead. >> >> If nothing else, the source code should give you some idea of what's >> going on in a transaction. >> >> On Thu, Jul 25, 2013 at 3:06 AM, Georg F=FCchsle >> wrote: >> > Thank you both, >> > I will try the jcifs first. >> > >> > The autentication method ist NTLM. I assume the Autentification header >> is >> > part of the http-Headers. Is this header only sent from a specially >> > configured browser. Because I try with my own machine and own Browser >> > >> > Thanks >> > Gio. >> > >> > >> > 2013/7/24 Jim May >> > >> >> You would need to find a way to set the authentication header. I dont >> know >> >> how easily that is with windows authentication. Maybe painful. You ma= y >> have >> >> to switch the authentication method OR setup something like oauth tha= t >> uses >> >> tokens so that the two apps trust each other. >> >> On Jul 24, 2013 5:46 AM, "Georg F=FCchsle" >> wrote: >> >> >> >> > I have to make calls to an customers ASP.NET RESTful Service. This >> >> service >> >> > is protecetd by a windows authentification. >> >> > >> >> > As far as I assume, this means, the user will use a browser on a >> windows >> >> > computer inside their company. They open my web-app that is hosted >> >> outside >> >> > their company. From this web-Apap I call again the REST-Service >> inside >> >> this >> >> > company. To have permission to the service I have to send the user >> >> > authentification data. >> >> > >> >> > My question: What do I (in the JSF-web-app outside the company) hav= e >> to >> >> do >> >> > to deliver the user-information towards the REST-service? >> >> > >> >> > Has anybody done something like this? >> >> > >> >> > >> >> > Thanks in advance, >> >> > >> >> > Gio >> >> > >> >> >> > > --001a11c2ff900dc88a04e4754d30--