Using Apache Axis with integrated Windows Authentication

Occasionally you might want to use Apache Axis with the Integrated Windows Authentication. To do so you need to tell Axis to use different class for HTTP communication than it normally does. I found this post on Mark Mascolino's place on the web on how to do so:

"I haven't seen a single place that describes everything that you need to do in order to use Apache Axis to access web services that are protected using IIS's Integrated Windows Authentication (or NTLM) scheme. Its not very hard to get the product to support it, but the documentation isn't all in one place.

In order for Axis to support Integrated Windows Authentication, you need to tell the Axis client to use a different class for HTTP communications. In Axis parlance, these classes are called Handlers, that is they are subclasses of Handler. By default, the Axis client uses the HTTPSender for its communications. The CommonsHTTPSender however is the one that supports Integrated Windows Authentication. The easiest way to use to instruct the Axis client to use this class for HTTP communications is to create a custom client-config.wsdd file. Here is a simple one that enables using the CommonsHTTPSender class for HTTP communication:



<?xml version="1.0" encoding="UTF-8"?>

<deployment name="commonsHTTPConfig"

xmlns="http://xml.apache.org/axis/wsdd/"

xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

<transport name="http" pivot="java:org.apache.axis.transport.http.CommonsHTTPSender" />

<transport name="local" pivot="java:org.apache.axis.transport.local.LocalSender" />


<transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender" />

</deployment>

One easy way to make sure that Axis notices your configuration file is to store this file in the classpath at the location org/apache/axis/client. The client will find this configuration file dynamically at runtime. There are several other ways configure the Axis client that may be more appropriate to your situation.

Lastly, make sure your classpath includes Apache Jakarta Commons Http Client and Apache Jakarta Commons Codec. If you are using Apache Axis 1.3, you must use the 3.x series of Http Client.

Once you have done this, you should be able to use Apache Axis against web services that are protected by Integrated Windows Authentication.

Update: To answer Yuhua's question from below, specifing usernames and passwords is no different than any other Axis based webservice. For whatever generated class implements the Stub interface, you can call the setUsername(String) and setPassword(String) methods. The username component would consist of your domain name as well as your username, seperated by a backslash."