How to provide ntlm authentication while calling any url?

Question

I have a hosted url which authenticates using ntlm (windows Integrated authentication). I am on windows and using java 1.8

URL url = new URL(\"someUrl\");
Ht         


        

Answer 1

In Java release notes it is not mentioned anywhere but there is a change in NTLM authentication implementation. I have debugged the java code and arrived at following In java.home/lib there is file net.properties which now mentions following

#
# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication
# can be used for the NTLM scheme, where the security credentials based on the
# currently logged in user's name and password can be obtained directly from the
# operating system, without prompting the user. This property has three possible
# values which regulate the behavior as shown below. Other unrecognized values
# are handled the same as 'disabled'. Note, that NTLM is not considered to be a
# strongly secure authentication scheme and care should be taken before enabling
# this mechanism.
#
# Transparent authentication never used.
#jdk.http.ntlm.transparentAuth=disabled
#
# Enabled for all hosts.
#jdk.http.ntlm.transparentAuth=allHosts
#
# Enabled for hosts that are trusted in Windows Internet settings
#jdk.http.ntlm.transparentAuth=trustedHosts
#
jdk.http.ntlm.transparentAuth=disabled

Till jdk1.8.0_181 there was a default NTLM authentication callback which was useful in NTLM authentication process.

To run the above code with jdk1.8.0_181 onward, all you need is to set jdk.http.ntlm.transparentAuth for your java process.

If you choose trustedHosts, make sure the URL is added in windows trusted site.