| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
| Windows Authenticated Web Service access |
« View previous topic :: View next topic » |
| Author |
Message
|
| dilse |
 Posted: Wed Oct 04, 2006 8:56 am Post subject: |
 |
|
Master
Joined: 24 Jun 2004
Posts: 270
|
Thanks a lot for your help alexey.
I raised a PMR on this and also spoke to some of the IBM personnel and they said they will consider sending userid with the Web Service request.
Bu ib the mean time I will go thru what you have sent me and try to see this thing resolved.
Once agian thanks a lot.
DilSe.. |
|
| Back to top |
|
 |
| nvenkatesh |
| Posted: Wed Jun 27, 2007 1:25 am Post subject: Basic authentication - Base64 encoding in ESQL |
|
|
Apprentice
Joined: 29 Jan 2007
Posts: 45
|
Hi,
If you need to encode the credentials using Base64 encoding for basic authentication in web services,
it can be did using ESQL itself. below is the ESQL function to do the base64 encoding.
| Code: |
CREATE FUNCTION Base64Encode(IN credential CHARACTER) RETURNS CHARACTER
BEGIN
DECLARE Base64 ROW;
SET Base64.BASE64TABLE[] = LIST{'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z',
'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',
'0','1','2','3','4','5','6','7','8','9','+','/'};
DECLARE B64credential CHARACTER '';
DECLARE i INTEGER 1;
DECLARE len INTEGER;
DECLARE credentialbit BIT;
DECLARE PAD BIT B'0';
DECLARE credentialbittrunc BIT;
DECLARE bit6int INTEGER;
DECLARE padlen INTEGER;
SET credentialbit = CAST(credential AS BIT CCSID 1208);
SET padlen = 6 - MOD(LENGTH(credentialbit),6);
IF padlen = 6 THEN
SET padlen = 0;
END IF;
DECLARE bit24mod INTEGER MOD(LENGTH(credentialbit),24);
WHILE i<padlen DO
SET PAD = PAD || B'0';
SET i = i + 1;
END WHILE;
SET credentialbit = credentialbit || PAD;
SET len = LENGTH(credentialbit);
SET i = 1;
WHILE(i<len) DO
SET credentialbittrunc = OVERLAY(B'0000000000000000000000000000000000000000000000000000000000000000' PLACING SUBSTRING(credentialbit FROM i FOR 6) FROM 59 FOR 6);
SET bit6int = CAST(credentialbittrunc AS INTEGER);
SET B64credential = B64credential || Base64.BASE64TABLE[bit6int+1];
SET i = i + 6;
END WHILE;
IF bit24mod = 8 THEN
SET B64credential = B64credential || '==';
ELSEIF bit24mod = 16 THEN
SET B64credential = B64credential || '=';
END IF;
RETURN B64credential;
END; |
[admin]edited for readability[/admin] |
|
| Back to top |
|
|
| gunjand |
| Posted: Wed Aug 05, 2009 7:55 am Post subject: |
|
|
Novice
Joined: 21 May 2009
Posts: 23
|
| Did you find any direct way to invoke NTLM authenticated service from MessageBroker? |
|
| Back to top |
|
|
| angka |
| Posted: Sun Dec 20, 2009 6:53 pm Post subject: |
|
|
Chevalier
Joined: 20 Sep 2005
Posts: 406
|
Hi,
So did anyone find out the solution to authenticate via NTLM using Message Broker httpRequest Node? I am on V7.0.
Below is what I found from wiki:
The protocol uses a challenge-response sequence requiring the transmission of three messages between the client (wishing to authenticate) and the server (requesting authentication):
1)The client first sends a Type 1 message containing a set of flags of features supported or requested (such as encryption key sizes, request for mutual authentication, etc.) to the server.
2)The server responds with a Type 2 message containing a similar set of flags supported or required by the server (thus enabling an agreement on the authentication parameters between the server and the client) and, more importantly, a random challenge (8 bytes).
3)Finally, the client uses the challenge obtained from the Type 2 message and the user's credentials to calculate the response. The calculation methods differ based on the NTLM authentication parameters negotiated previously, but in general they apply MD4/MD5 hashing algorithms and DES encryption to compute the response. The client then sends the response to the server in a Type 3 message
There is exchanges of message so how will Message broker handle this?
Thanks |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Sun Dec 20, 2009 9:24 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
The messages you are referring to are part of the authentication or ssl protocol and have nothing to do with the broker messages.
The real question here is: Does the broker handle NTLM authentication in the http node. I suggest you verify the documentation and / or raise a PMR.
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| angka |
| Posted: Mon Dec 21, 2009 6:40 pm Post subject: |
|
|
Chevalier
Joined: 20 Sep 2005
Posts: 406
|
Hi,
Okay thanks. Raised PMR already. Will get back once I got the answer. |
|
| Back to top |
|
|
| mgk |
| Posted: Tue Dec 22, 2009 2:30 am Post subject: |
|
|
Padawan
Joined: 31 Jul 2003
Posts: 1642
|
| Quote: |
| Does the broker handle NTLM authentication |
I'm afraid that the answer is no.
_________________
MGK
The postings I make on this site are my own and don't necessarily represent IBM's positions, strategies or opinions. |
|
| Back to top |
|
|
| zpat |
| Posted: Fri May 13, 2011 5:18 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
| Is the answer still no, with WMB 7.0.0.2? |
|
| Back to top |
|
|
| mgk |
| Posted: Fri May 13, 2011 8:14 am Post subject: |
|
|
Padawan
Joined: 31 Jul 2003
Posts: 1642
|
| Quote: |
| Is the answer still no, with WMB 7.0.0.2? |
Yes, unless you write custom HTTP logic (e.g. in a JCN). If this is something you need, please raise a requirement for it.
Kind Regards,
_________________
MGK
The postings I make on this site are my own and don't necessarily represent IBM's positions, strategies or opinions. |
|
| Back to top |
|
|
| cmrohila |
| Posted: Wed Jul 04, 2012 12:41 pm Post subject: Java code to perform make HTTP/S request after NTLM Auth |
|
|
Newbie
Joined: 04 Jul 2012
Posts: 1
|
Have a separate util class(NTLMAuthenticator) as follows:
| Code: |
import java.net.Authenticator;
import java.net.PasswordAuthentication;
public class NTLMAuthenticator extends Authenticator {
String username = "username";
String password = "password";
public PasswordAuthentication getPasswordAuthentication() {
return (new PasswordAuthentication(username, password.toCharArray()));
}
} |
In JCN you can use it perform the NTLM Authentication and doing an HTTPS communication as follows(For HTTP communication, Omit the certificate acceptance code and directly start building URL object and obtaining a HttpURLConnection object):
| Code: |
Authenticator.setDefault(new NTLMAuthenticator());
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
URL url = new URL("webservice URL");
HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "text/xml; charset=utf-8");
conn.setRequestProperty("SOAPAction", "SOAPAction string");
conn.setRequestMethod("POST");
OutputStream os = conn.getOutputStream();
// SOAP 1.1
os.write(request.getBytes("UTF-8"));
os.close();
InputStream ins = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
StringBuffer responseBuffer = new StringBuffer();
String responseLine = null;
while((responseLine = reader.readLine()) != null)
responseBuffer.append(responseLine);
ins.close();
System.out.println(responseBuffer.toString());
inLocalEnvRoot.createElementAsLastChildFromBitstream(responseBuffer.toString().getBytes("UTF-8"),
MbXMLNSC.PARSER_NAME,
null,
"MsgSetName",
null,
0,
1208,
0); |
|
|
| Back to top |
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
