I have a Java webapp that contains an HttpClient to a remote .NET SOAP web service. So far, so good. The Java webapp runs inside Apache Tomcat on a Windows Server and uses a service account.
Unfortunately, that remote .net web service uses NTLM. This answer gives me some insight into how to do it. But it seems that the configuration stills requires a username/password rather than leveraging the service account Tomcat is running with. Also, I'm not sure what the Java authenticator should look like (as seen here).
Has anyone ever attempted this?
Some interesting links:
It seems that on Java 7/8 with Tomcat 8.x, the following is enough to leverage NTLM authentication "transparently".
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.client.methods.HttpUriRequest;
Followed by
boolean useWindowsAuthentication = true;
HttpUriRequest request;
CloseableHttpClient httpclient;
if (useWindowsAuthentication){
log.info("Using Windows Authentication");
httpclient = WinHttpClients.createDefault();
} else {
httpclient = HttpClients.createDefault();
}