Finally have a solution to this.
The problem
Apache Axis uses Apache HTTPClient, which provides its own NTLM implementation.
However, this implementation is incomplete; it only supports the primitive LM authentication.
The system I need to connect to insists upon the more recent NTLM authentication.
Therefore my Webservice was failing to authenticate when using the Apache HTTP Client with NTLM.
This actually then enters an infinite loop, as the HTTPClient will never stop trying and failing to authenticate.
The solution
jcifs fully supports all 3 versions of the NTLM handshake.
I have copy-and-pasted org.apache.commons.httpclient.auth.NTLM into my own class (it is declared as 'final' in order to defeat inheritance).
I have then overwritten the method

    public String getType3Message(
            String user, String password, String host, String domain,
            byte[] nonce) throws AuthenticationException

to construct an instance of jcifs.ntlmssp.Type3Message and use this object to return a Type3Message that has the NTLM authentication correctly generated.
I then needed to create my own instance of org.apache.commons.httpclient.auth.AuthScheme to make use of this new NTLM implementation. Call

    org.apache.commons.httpclient.auth.AuthPolicy.registerAuthScheme(AuthPolicy.NTLM, MyNewAuthScheme.class)

then start up my WS endpoint stub.
And it works !!!
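A sketch of the jcifs side of the approach described above, as an added example that is not the poster's code. The class name `JcifsNtlmTokens` is hypothetical, jcifs 1.3.x is assumed to be on the classpath, and the helper is assumed to receive the server's full Base64 Type 2 token rather than only the 8-byte nonce that `getType3Message` is given.

```java
import java.io.IOException;

import jcifs.Config;
import jcifs.ntlmssp.NtlmFlags;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.util.Base64;

/** Hypothetical helper (illustrative name): builds NTLM tokens with jcifs. */
public final class JcifsNtlmTokens {

    static {
        // Set before any jcifs message class is loaded, because jcifs reads
        // this property once. 3 = send LMv2/NTLMv2 responses instead of the
        // legacy LM response; set explicitly rather than relying on a default.
        Config.setProperty("jcifs.smb.lmCompatibility", "3");
    }

    private static final int TYPE_1_FLAGS =
            NtlmFlags.NTLMSSP_NEGOTIATE_56
          | NtlmFlags.NTLMSSP_NEGOTIATE_128
          | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2
          | NtlmFlags.NTLMSSP_NEGOTIATE_ALWAYS_SIGN
          | NtlmFlags.NTLMSSP_REQUEST_TARGET;

    private JcifsNtlmTokens() { }

    /** Type 1 (negotiate) token, Base64-encoded for the Authorization header. */
    public static String type1(String domain, String workstation) {
        Type1Message msg = new Type1Message(TYPE_1_FLAGS, domain, workstation);
        return Base64.encode(msg.toByteArray());
    }

    /** Type 3 (authenticate) token answering the server's Type 2 challenge. */
    public static String type3(String user, String password, String workstation,
                               String domain, String type2Base64) throws IOException {
        // Parsing throws IOException if the token is not a valid Type 2 message.
        Type2Message type2 = new Type2Message(Base64.decode(type2Base64));
        // Echo the negotiated flags, minus the server-only target-type bits.
        int flags = type2.getFlags()
                & ~(NtlmFlags.NTLMSSP_TARGET_TYPE_DOMAIN
                  | NtlmFlags.NTLMSSP_TARGET_TYPE_SERVER);
        Type3Message type3 =
                new Type3Message(type2, password, domain, user, workstation, flags);
        return Base64.encode(type3.toByteArray());
    }
}
```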