+ Start a Discussion

HTTP Callout to a Windows based server with a domain



I am trying to execute a Http Callout to a webservice that is with windows machine and the credentials were given to me as domain\username



I wrote a simple http callout as mentioned in the docs. Did the base 64 thing for username:pwd but I keep getting

HttpResponse[Status=Unauthorized, StatusCode=401]


I tried to put domain as domain\username, domain:username:password with other combinations of moving domain first and last but nothing seems to work.


I have my authorizationheader set as follows


    Blob headerValue = Blob.valueOf(username + ':' + password);
    String authorizationHeader = 'NTLM ' +   EncodingUtil.base64Encode(headerValue);


I tried BASIC above and then tried NTLM too but with same result.


Any help is greatly appreciated.




When I printed the response headers I noticed the following


15:01:02.509|USER_DEBUG|[25]|DEBUG| -- > WWW-Authenticate : NTLM;Negotiate


Does this mean the server is using NTLM? If so what do I have to do?




No ONE really? No one knows?


I haven't looked in a long time, but the NTLM over HTTP protocol didn't used to be doc'd by microsoft. (it might be now). Try starting with this http://www.innovation.ch/personal/ronald/ntlm.html you may want to investigate having the sever support alternative authentication schemes.


Ok Thanks. I went through every link out there and there are some libraries out there that support the NTLM authentication. 


Following are a couple below. Apache Axis and Luigi Dragone has something that supports this but my question how the heck do I use it in SF? It is not like I can drop a jar in the cloud and get going?




So what options do I have?


It is a 2 step authentication where the server returns a nonce after first rejecting the authorization. The browser does the dance then by prompting the user for uid and pwd and then returning the nonce and credentials which then authenticates.


So how do we do it in Apex?





Has no one connected using NTLM from APEX?

Deepika GulatiDeepika Gulati

I think i am little late but i recently solved this issue. 
We had MSD-SFDC integration where a SOAP Service was exposed on Nav2013 server. 

The mode of authentication used was NTLM authentication. 

I downloaded the classes from the below package in my org for Encryption of user name and password : 

For integration, we made a HTTP call : 
        MSDCredentials__c mc = MSDCredentials__c.getValues('MSD Credentials');
        String username = mc.Domain__c + '\\' + mc.Username__c;
        String password = mc.Password__c;  
        HttpClient httpObj = new HttpClient(username,password,True);
        MSDIntegrationURL__c urlVar; 

        HttpRequest req = new HttpRequest();
        String body = createXMLRequest(request);    

        String ep;
        ep = urlVar.EndPointURL__c;
        Map<String,String> headerMap = new Map<String,String>();

        Httpresponse res = new Httpresponse();
        res = httpObj.send(req,headerMap);

The SOAP Action can be obtained from RAW request in SOAP UI client.

Let me know if this helps. 


Aman Verma 45Aman Verma 45
@Deepika Gulati
Thanks for the post .
If i am using it with GET method it is throwing error and status as unauthorised.