How to Request an External JSON URL From Within Java Servlet or Class When the JSON URL sits behind NTLM Authentication On Another Server/Domain

Question

Accessing the following JSON URL from within the web browser is simple on a Windows machine as this pops up an authentication box asking for the username and password which when entered displays the JSON data correctly.

www.json-behind-ntlm-authentication.com/view-data 

I am now trying to move this into a Java Servlet.

I have tested the HttpClient library, http://hc.apache.org, and every example I have tried from their documentation, doesn't work. Most of the code I've tried doesn't even compile correctly.

I have also tested Jsoup, https://jsoup.org/, as that is a very good library for web scraping, but this doesn't seem to support accessing pages behind NTLM authentication.

I have also tested the code found here, https://blogs.msdn.microsoft.com/freddyk/2010/01/19/connecting-to-nav-web-services-from-java/, which is the only code sample I can find related to accessing a JSON URL that sits behind NTLM authentication. This is actually what I'm looking to achieve, a Java web application accessing Microsoft Nav data through their web services - and even this official example doesn't compile.

Any pointers / options? There must be a Java library somewhere that has this problem solved? The access is currently over HTTP, but ultimately is going to be over SSL for security reasons, so any solution must also support SSL handshakes.

I would really like not to build a separate C# application using LINQ, https://blogs.msdn.microsoft.com/freddyk/2009/04/20/using-linq-with-nav-web-services/, which I would hope works, but I'm not hopeful that the C# example would work in this scenario based on the Java examples not compiling.

UPDATE

After an awful lot of searching, I've found the following code below which seems to be close to working, but not quite - See the comments in the code where this is breaking. Thanks for the pointers in the comments already.

DefaultHttpClient httpclient = new DefaultHttpClient();
            List<String> authpref = new ArrayList<String>();
            authpref.add(AuthPolicy.NTLM);
            httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref); //ERROR - This causes an error: java.lang.VerifyError: Cannot inherit from final class
            NTCredentials creds = new NTCredentials(username, password, "", domain);
            httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
            HttpHost target = new HttpHost(baseURL);
            // Make sure the same context is used to execute logically related requests
            HttpContext localContext = new BasicHttpContext();
            // Execute a cheap method first. This will trigger NTLM authentication
            HttpGet httpget = new HttpGet(baseURL);
            HttpResponse response1 = httpclient.execute(target, httpget, localContext); //ERROR - This line is throwing an error: java.lang.VerifyError: Cannot inherit from final class
            HttpEntity entity = response1.getEntity();
            System.out.println(EntityUtils.toString(entity));

I'm still unsure how to actually solve this problem. Any additional pointers?

Answer 1

org.apache.http.auth has NTCredentials which you can use in a HttpComponentsMessageSender in a spring boot @Configuration

HttpComponentsMessageSender httpComponentsMessageSender = new HttpComponentsMessageSender(); NTCredentials credentials = new NTCredentials("username", "password", null, "domain");