If your android application use any internet resource like a API call or SOAP call , behind a corporate proxy you might get a authentication failed message. The issue is because the proxy server is using an authentication mechanism to restrict access. Usually proxies support basic authentication then you can get around with android builtin classes see the sample code
1 2 3 4 |
Authenticator.setDefault(new Authenticator(){ protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication("myuser","mypass".toCharArray()); }}); |
If incase the proxy doesnt support basic authentication and do have NTLM authentication support ( Mostly ISA proxy) you cannot get the authentication to work as easy as before. I have been reading some details on ntlm and few open source implementation of it. I came accross jcif library and found few usefull classes and added few android specific helper classes to make a tiny library.
With the library NTLM authentication is made very simple. Only thing you need to know is you domain name , username and password,Proxy server details if any, add the library to your build path and use NTLM class in net.maxters.ntlm package. Use the static method setNTLM with desired HttpClient and authentication parameters.
few variation of the method is also include where you can explicitly specify the scope, user credentials, proxy details, etc. Methods are
1 2 3 4 5 6 7 8 |
static void setNTLM(AbstractHttpClient client, NTCredentials credential) static void setNTLM(AbstractHttpClient client, NTCredentials credential, AuthScope scope, HttpHost proxy) static void setNTLM(AbstractHttpClient client, NTCredentials credential, HttpHost proxy) static void setNTLM(AbstractHttpClient client, java.lang.String username, java.lang.String password, java.lang.String domain) static void setNTLM(AbstractHttpClient client, java.lang.String username, java.lang.String password, java.lang.String domain, AuthScope scope, java.lang.String proxyHost, int proxyPort) static void setNTLM(AbstractHttpClient client, java.lang.String username, java.lang.String password, java.lang.String domain, java.lang.String proxyHost, int proxyPort) static void setNTLM(DefaultHttpClient client, java.lang.String userName, java.lang.String password, java.lang.String domain, HttpHost proxy) static void setNTLM(DefaultHttpClient client, java.lang.String userName, java.lang.String password, java.lang.String domain, java.lang.String proxyHost, int proxyport) |
An example for http get would be like
1 2 3 4 5 6 |
URL url = new URL(urlString); DefaultHttpClient client = new DefaultHttpClient(); NTLM.setNTLM(client, USER_NAME, PASSWORD, DOMAIN,PROXY_HOST,PROXY_PORT); HttpGet get = new HttpGet(url.toURI()); HttpResponse resp = client.execute(get); InputStream stream= resp.getEntity().getContent(); |
An example for http post would be like
1 2 3 4 5 6 7 8 |
URL url = new URL(urlString); DefaultHttpClient client = new DefaultHttpClient(); NTLM.setNTLM(client, USER_NAME, PASSWORD, DOMAIN,PROXY_HOST,PROXY_PORT); HttpPost post = new HttpPost(url.toURI()); post.setHeader("Content-Type","application/x-www-form-urlencoded"); post.setEntity(new StringEntity(postData)); HttpResponse resp = client.execute(post); InputStream stream= resp.getEntity().getContent(); |
{filelink=4}
thanks
hi, the downlaod link for this ntlm library is broken, any chance of a re-upload???
Thanks for notification. Link is fixed 🙂
That’s great thanks this library is exactly what i’ve been looking for, can i use it freely? giving credit obviously
yup, its free 🙂
thankyou again, credit will be giving where highly due
try this app, solved the proxy settings for web browsers on android devices https://market.android.com/details?id=com.droid.cntlm
Thanks
Great work. Thanks.
I am using your NTLM authentication in an internal app at the company I work for. It works great! Is it possible to get the source? I need to satisfy legal, even with an internal app, that there are no open source license files (Apache, LGPL, etc.) we need to include with the app.
Thanks!
Hi, can i use you libary with this tutorial ? Any example?
http://weblogs.asp.net/uruit/archive/2011/09/13/accessing-odata-from-android-using-restlet.aspx
My Problem: My odata webservice is NTLM protected.
I would try your lib. How can I get it? No download link there!?
click on download at the end of the post
i see login button there and i cannot login also there is no place to register on this website
sorry about that can you try again . it should work without login now.
hi, i am trying to use your library, but the app stop working when i do the client.execute(post),
i need to use https, your library works for it?
hi, i havent tested https , i did it long before , right now i dont have access to ntlm protected system as soon as i get one i will post my results
Hi, I have try it with a signed https conexion. So maybe that difficult the process.
And thanks for your time.
is der any public url which is similar to you scenario ? for testing
i cant give you the one that we are using and i dont know anyone similar. But i test it before with a code that acept all certificates, so you use the IIS default one for that. i get the code from here: “SimonJ Response”
http://stackoverflow.com/questions/3761737/https-get-ssl-with-android-and-self-signed-server-certificate/4008166#4008166
As i say is only for test. and dont have to create a keystore on the app.
Can this be used with a webView? And if so, how?
This lib is not working for me unfortunately. In browser the authentication is working and when I tried decoding the tokens exchanged during authentication I found that browser is sending token in NTLMSSP and your code sends it as NTLMSSP2. If you could explain me what might be wrong I would be grateful to you. Thanks…
Does not work with https. If I put https url, it ignores it and sends http request
I got “The method setNTLM(AbstractHttpClient, String, String, String, AuthScope, HttpHost) from the type NTLM is not visible”
– after adding jar, and importing it to the class.