This week's book giveaway is in the Design forum.
We're giving away four copies of Building Microservices and have Sam Newman on-line!
See this thread for details.
The moose likes Web Services and the fly likes web service client needs to pass a Windows security token for authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "web service client needs to pass a Windows security token for authentication" Watch "web service client needs to pass a Windows security token for authentication" New topic
Author

web service client needs to pass a Windows security token for authentication

Ravi Danum
Ranch Hand

Joined: Jan 13, 2009
Posts: 104
Hello,

I'm writing a client which accesses an IIS web service. The client is on a Windows machine. I have to authenticate with the web service using integrated authentication. I am told that when a user logs onto a Windows machine, a security token is created. In addition, this token should be passed to the IIS web service to authenticate the client. This authentication does not need the client's userId and password.

Does anyone know how the java client code can be written to obtain this token and use it to authenticate with the web service?

If this can't be done in java, is there a library I can use through jni?

(I have used the HttpClient from Apache and got that working using the digest authentication mechanism. For this I needed userid and password. My new requirement is to not use the userid/password)

Thanks in advance for any information.

-Ravi

Pat Gonzalez
Greenhorn

Joined: Oct 18, 2009
Posts: 19
Here's a library, http://spnego.sourceforge.net/protected_soap_service.html, that does exactly what you are describing.
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: web service client needs to pass a Windows security token for authentication
 
It's not a secret anymore!