How Do I Call a Web Service Protected by Windows Integrated Authentication? (Magic xpi 4.9)
This topic explains how to configure your environment to enable the consumption of Web services that require Integrated Windows Authentication (IWA).
An overview of IWA is available at: http://en.wikipedia.org/wiki/Integrated_Windows_Authentication
-
Create a text file named jaasconfig.conf that holds the following content:
KrbCredentials {
com.sun.security.auth.module.Krb5LoginModule required debug=true
doNotPrompt=false
useTicketCache=true;
};
-
Add the following three entries to your magic.ini file in the [MAGIC_SPECIALS] section:
-
OverrideSoapSpyForIntegratedAuthentication=Y
-
Java1.6Home = <Magic xpi installation>\Runtime\JRE
-
IntegratedAuthenticationJvmArgs= -Djava.security.auth.login.config=c:\temp\jaasconfig.conf -Dsun.security.jgss.debug=true -Dsun.security.krb5.debug=true
The path for the configuration file (in bold) should match the location of the file on your machine.
-
When you invoke a Web service after this setup, the Windows log-in credentials of the current Windows user is added to each call.
-
The calling party and the provider must use the same active directory.
To enable a trace on the Java proxy server making the calls, change the third SPECIAL flag as follows:
[MAGIC_SPECIALS]
IntegratedAuthenticationJvmArgs=-Djava.security.auth.login.config=C:\temp\jaasconfig.conf -Dsun.security.jgss.debug=true -Dsun.security.krb5.debug=true -Dcom.magicsoftware.ssj.integratedauth.debug=true
The WS calls will now generate a log file named WsInteAuthXXXXXX .log in your %TEMP% folder.
To enable communication via a proxy server, one of the SPECIAL flags needs to be changed as follows:
[MAGIC_SPECIALS]
IntegratedAuthenticationJvmArgs=-Dhttp.proxyHost=Proxy server IP -Dhttp.proxyPort=Proxy Server port -Djava.security.auth.login.config=jaasconfig.conf -Dsun.security.jgss.debug=true -Dsun.security.krb5.debug=true