NTLMv1 / NTLMv2 — Authentication through WSO2 ESB 4.9.0
30 min readDec 17, 2023
[Article moved from ajanthane.blogspot.com]
This article explains how we can invoke a backend which is secured by NTLMv1 / NTLMv2 through WSO2 ESB 4.9.0. Currently in WSO2 ESB, there is no OOB solution to cater this requirement. Due to that we need to go with the custom class mediator solution, to achieve this.
Note: This blog use references from [1] and [2] for NTLMv1 authentication and uses the class mediator code extracted from the blog. Also used the help from this [3].
[1] http://www.dushantech.com/2015/05/ntlm-authentication-wso2-esb-developer.html
[2] http://randikatech.blogspot.com/2015/09/how-to-test-ntlm-mediator-in-wso2-esb.html
[3] http://devsac.blogspot.com/2010/10/supoprt-for-ntlmv2-with-apache.html
Contents Included
1) What is NTLM? And it’s need?
2) NTLM versions
3) How NTLM works?
4) NTLM Message Types.
5) How to secure or create backend which supports NTLMv1 / NTLMv2?
6) Authenticating with NTLMv1 backend with WSO2 ESB 4.9.0
7) Authenticating with NTLMv2 backend with WSO2 ESB 4.9.0
8) Explanation on the Custom Class Mediators
1) What is NTLM? And it’s need?
NTLM is a challenge-response authentication protocol which uses three types of messages ( Type1, Type2 and Type3 ) to authenticate a client in a connection oriented environment, and there will be an additional message if integrity is desired.
If we look at what is challenge-response authentication protocol, take an example like below:
Client-1 tries to connect to a Web Server by providing his username and password, while this communication happens, if a hacker ( client-2 ) listening to the transport, then he can obtain the username and password and able to log into the web server ( This is called Man-in-Middle Attack ). To solve this problem, the challenge-response authentication protocol introduced. During the request from Client-1 to Server, the server will send a challenge, expecting a correct response back from Client-1. Client-1 should use the shared secret key to find the exact reponse to the challenge. If the Client-1 couldn’t send the correct challenge response, the authentication will fail.
The Microsoft Kerberos security package adds greater security than NTLM to systems on a network. Although Microsoft Kerberos is the protocol of choice, NTLM is still supported. NTLM must also be used for logon authentication on stand-alone systems.
2) NTLM versions
NTLMv1 and NTLMv2 available and NTLMv2 is cryptographically strengthened update of NTLMv1.
3) How NTLM works?
1) A user accesses a client computer and provides a domain name, user name, and password.
2) The client computes a cryptographic hash of the password and discards the actual password.
3) The client sends the user name to the server (in plaintext).
4), 5) The server generates a 16-byte random number, called a challenge or nonce, and sends it to the client.
6), 7) The client encrypts this challenge with the hash of the user’s password and returns the result to the server. This is called the response.
8) The server sends the following three items to the domain controller:
- User name
- Challenge sent to the client
- Response received from the client
9) The domain controller uses the user name to retrieve the hash of the user’s password from the Security Account Manager database.
10) It uses this password hash to encrypt the challenge.
11) The domain controller compares the encrypted challenge it computed to the response computed by the client.
12) If they are identical, authentication is successful.
4) NTLM Message Types?
- Type1 Message — The Type 1 message is sent from the client to the server to initiate NTLM authentication.
- Type2 Message — The Type 2 message is sent by the server to the client in response to the client’s type1 message. It serves to complete the negotiation of options with the client, and also provides a challenge to the client.
- Type3 Message -The Type 3 message is the final step in authentication. This message contains the clients’ responses to the Type 2 challenge, which demonstrate that the client has knowledge of the account password without sending the password directly.
5) How to secure or create backend which supports NTLMv1 / NTLMv2?
NTLMV1 Back end Preparation
- Set the Windows authentication to service and enable NTLM.
- Set the Network security: LAN Manager authentication level
NTLMV2 Back end Preparartion
In our test case, to enable the NTLMv2 in Backend Service done the below:
- Set the Windows authentication to service and enable NTLM.
- Set the Network security: LAN Manager authentication level -> Send NTLMv2 response only. Refuse LM & NTLM
- Set the Network security: Minimum session security for NTLM SSP based (including secure RPC) clients -> Require NTLMv2 session security
6) Authenticating with NTLMv1 backend with WSO2 ESB 4.9.0
Follow the below steps:
1) Download the CustomNTLMMediator-1.0.0.jar ( It also have source code ) from https://drive.google.com/file/d/0B-VAIXmh-0yeTGEzQkxNX0EwSnM/view?usp=sharing
2) Got to ESB_HOME/repository/components/dropins and put the jar.
3) Now start the ESB server.
4) Create a proxy service as below:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="NTLMProxy"
transports="https,http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMProxy Invoked-------------------------"/>
</log>
<class name="com.custom.ntlm.NTLMMediator">
<property name="username" value="Ajanthan"/>
<property name="host" value="192.168.1.3"/>
<property name="ntlmVersion" value="v1"/>
<property name="domain" value="Ajanthan-PC"/>
<property name="password" value="batticaloa"/>
</class>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMProxy Invoked [AFTER 1]-------------------------"/>
</log>
<class name="com.custom.ntlm.NTLMCalloutMediator">
<property name="serviceURL" value="http://192.168.1.3:9800/Service1.svc/test"/>
<property name="initAxis2ClientOptions" value="false"/>
<property name="action"
value="http://tempuri.org/IService1/ResponseFromNTLMservice"/>
</class>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMVProxy Invoked [AFTER 2]-------------------------"/>
</log>
<header name="To" action="remove"/>
<property name="RESPONSE" value="true" scope="default" type="STRING"/>
<property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
<send/>
</inSequence>
</target>
<description/>
</proxy>5) Now send a request to the proxy service. In my case the backend expects the request in the below format.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>
</soapenv:Body>
</soapenv:Envelope>6) Now we can observe the below through the logs.
[2017-06-04 18:06:00,730] DEBUG - wire >> "POST /services/NTLMProxy HTTP/1.1[\r][\n]"
[2017-06-04 18:06:00,730] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 18:06:00,730] DEBUG - wire >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
[2017-06-04 18:06:00,730] DEBUG - wire >> "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "Content-Length: 274[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "[\r][\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> " <soapenv:Header/>[\n]"
[2017-06-04 18:06:00,731] DEBUG - wire >> " <soapenv:Body>[\n]"
[2017-06-04 18:06:00,732] DEBUG - wire >> " <ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>[\n]"
[2017-06-04 18:06:00,732] DEBUG - wire >> " </soapenv:Body>[\n]"
[2017-06-04 18:06:00,732] DEBUG - wire >> "</soapenv:Envelope>"
[2017-06-04 18:06:00,732] DEBUG - headers http-incoming-3 >> POST /services/NTLMProxy HTTP/1.1
[2017-06-04 18:06:00,732] DEBUG - headers http-incoming-3 >> Accept-Encoding: gzip,deflate
[2017-06-04 18:06:00,732] DEBUG - headers http-incoming-3 >> Content-Type: text/xml;charset=UTF-8
[2017-06-04 18:06:00,732] DEBUG - headers http-incoming-3 >> SOAPAction: "urn:mediate"
[2017-06-04 18:06:00,732] DEBUG - headers http-incoming-3 >> Content-Length: 274
[2017-06-04 18:06:00,733] DEBUG - headers http-incoming-3 >> Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 18:06:00,733] DEBUG - headers http-incoming-3 >> Connection: Keep-Alive
[2017-06-04 18:06:00,733] DEBUG - headers http-incoming-3 >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
[2017-06-04 18:06:00,734] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked-------------------------
[2017-06-04 18:06:00,735] DEBUG - NTLMMediator [NTLMMediator] mediate method Invoked.
[2017-06-04 18:06:00,735] DEBUG - NTLMMediator [NTLMMediator] NTLM version is: v1
[2017-06-04 18:06:00,735] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked [AFTER 1]-------------------------
[2017-06-04 18:06:00,735] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method Invoked.
[2017-06-04 18:06:00,736] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Message : <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
<ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 18:06:00,736] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] About to invoke service : http://192.168.1.3:9800/Service1.svc/test with action : http://tempuri.org/IService1/ResponseFromNTLMservice
[2017-06-04 18:06:00,736] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Request message payload : <ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice>
[2017-06-04 18:06:00,737] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:06:00,738] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:06:00,741] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:06:00,741] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:06:00,741] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:06:00,741] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - header << "Date: Sun, 04 Jun 2017 12:36:00 GMT[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - header << "Content-Length: 0[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - header << "[\r][\n]"
[2017-06-04 18:06:00,742] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:06:00,743] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 18:06:00,743] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v1
[2017-06-04 18:06:00,743] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type1Message Generated.
[2017-06-04 18:06:00,744] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:06:00,744] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:06:00,744] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAABAAAAATIAAAsACwAgAAAACwALACsAAABBSkFOVEhBTi1QQzE5Mi4xNjguMS4z[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:06:00,745] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:06:00,746] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:06:00,746] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:06:00,746] DEBUG - header << "Content-Type: text/html; charset=us-ascii[\r][\n]"
[2017-06-04 18:06:00,746] DEBUG - header << "Server: Microsoft-HTTPAPI/2.0[\r][\n]"
[2017-06-04 18:06:00,746] DEBUG - header << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAAFgAWADgAAAAFAoICOtlu8xZxJa4AAAAAAAAAAHgAeABOAAAABgGxHQAAAA9BAEoAQQBOAFQASABBAE4ALQBQAEMAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgA7pmAHy/d0gEAAAAA[\r][\n]"
[2017-06-04 18:06:00,746] DEBUG - header << "Date: Sun, 04 Jun 2017 12:36:00 GMT[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - header << "Content-Length: 341[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - header << "[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:06:00,747] DEBUG - content << "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - content << "<HTML><HEAD><TITLE>Not Authorized</TITLE>[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - content << "<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - content << "<BODY><h2>Not Authorized</h2>[\r][\n]"
[2017-06-04 18:06:00,747] DEBUG - content << "<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>[\r][\n]"
[2017-06-04 18:06:00,748] DEBUG - content << "</BODY></HTML>[\r][\n]"
[2017-06-04 18:06:00,748] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 18:06:00,748] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v1
[2017-06-04 18:06:00,748] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type2Message Received.
[2017-06-04 18:06:00,749] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type3Message Generated.
[2017-06-04 18:06:00,750] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:06:00,750] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:06:00,750] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACoAKgAWAAAABYAFgAAAQAAEAAQABYBAAAWABYAJgEAAAAAAAAAAAAAAQIAAKZ9luKe90+LpOgSw9lffU2vSiZyCvErEh5tH7oelhHSAsVevrZ2OuUBAQAAAAAAANBBax8v3dIB8CX50x2JbE8AAAAAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgA7pmAHy/d0gEAAAAAAAAAAEEAagBhAG4AdABoAGEAbgAtAFAAQwBBAGoAYQBuAHQAaABhAG4AMQA5ADIALgAxADYAOAAuADEALgAzAA==[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:06:00,751] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:06:00,753] DEBUG - header << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "Content-Length: 290[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "Content-Type: text/xml; charset=utf-8[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "Persistent-Auth: true[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "Date: Sun, 04 Jun 2017 12:36:00 GMT[\r][\n]"
[2017-06-04 18:06:00,754] DEBUG - header << "[\r][\n]"
[2017-06-04 18:06:00,755] DEBUG - content << "<"
[2017-06-04 18:06:00,755] DEBUG - content << "s:E"
[2017-06-04 18:06:00,755] DEBUG - content << "nvelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><ResponseFromNTLMserviceResponse xmlns="http://tempuri.org/"><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse></s:Body></s:Envelope>"
[2017-06-04 18:06:00,755] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Response payload received : <ResponseFromNTLMserviceResponse xmlns="http://tempuri.org/"><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse>
[2017-06-04 18:06:00,756] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method invocation END.
[2017-06-04 18:06:00,756] INFO - LogMediator STATUS = -----------------------NTLMVProxy Invoked [AFTER 2]-------------------------
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << HTTP/1.1 200 OK
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << SOAPAction: "urn:mediate"
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << Accept-Encoding: gzip,deflate
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << Content-Type: text/xml;charset=UTF-8; charset=UTF-8
[2017-06-04 18:06:00,757] DEBUG - headers http-incoming-3 << Date: Sun, 04 Jun 2017 12:36:00 GMT
[2017-06-04 18:06:00,758] DEBUG - headers http-incoming-3 << Transfer-Encoding: chunked
[2017-06-04 18:06:00,758] DEBUG - headers http-incoming-3 << Connection: Keep-Alive
[2017-06-04 18:06:00,758] DEBUG - wire << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 18:06:00,758] DEBUG - wire << "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 18:06:00,758] DEBUG - wire << "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 18:06:00,758] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "Content-Type: text/xml;charset=UTF-8; charset=UTF-8[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "Date: Sun, 04 Jun 2017 12:36:00 GMT[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "18b[\r][\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << " <soapenv:Header/>[\n]"
[2017-06-04 18:06:00,759] DEBUG - wire << " <soapenv:Body>[\n]"
[2017-06-04 18:06:00,760] DEBUG - wire << " [\n]"
[2017-06-04 18:06:00,760] DEBUG - wire << " <ResponseFromNTLMserviceResponse><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse></soapenv:Body>[\n]"
[2017-06-04 18:06:00,760] DEBUG - wire << "</soapenv:Envelope>[\r][\n]"
[2017-06-04 18:06:00,760] DEBUG - wire << "0[\r][\n]"
[2017-06-04 18:06:00,760] DEBUG - wire << "[\r][\n]"7) For the failure checking just change the credential and check, we can get the below logs:
[2017-06-04 18:12:30,216] DEBUG - wire >> "POST /services/NTLMProxy HTTP/1.1[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "Content-Length: 274[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:12:30,217] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> "[\r][\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> " <soapenv:Header/>[\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> " <soapenv:Body>[\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> " <ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>[\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> " </soapenv:Body>[\n]"
[2017-06-04 18:12:30,218] DEBUG - wire >> "</soapenv:Envelope>"
[2017-06-04 18:12:30,218] DEBUG - headers http-incoming-5 >> POST /services/NTLMProxy HTTP/1.1
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> Accept-Encoding: gzip,deflate
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> Content-Type: text/xml;charset=UTF-8
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> SOAPAction: "urn:mediate"
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> Content-Length: 274
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> Connection: Keep-Alive
[2017-06-04 18:12:30,219] DEBUG - headers http-incoming-5 >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
[2017-06-04 18:12:30,221] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked-------------------------
[2017-06-04 18:12:30,221] DEBUG - NTLMMediator [NTLMMediator] mediate method Invoked.
[2017-06-04 18:12:30,221] DEBUG - NTLMMediator [NTLMMediator] NTLM version is: v1
[2017-06-04 18:12:30,221] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked [AFTER 1]-------------------------
[2017-06-04 18:12:30,221] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method Invoked.
[2017-06-04 18:12:30,222] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Message : <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
<ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 18:12:30,222] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] About to invoke service : http://192.168.1.3:9800/Service1.svc/test with action : http://tempuri.org/IService1/ResponseFromNTLMservice
[2017-06-04 18:12:30,222] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Request message payload : <ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice>
[2017-06-04 18:12:30,223] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:12:30,224] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:12:30,226] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,226] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,226] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "Date: Sun, 04 Jun 2017 12:42:30 GMT[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "Content-Length: 0[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - header << "[\r][\n]"
[2017-06-04 18:12:30,227] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:12:30,228] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 18:12:30,228] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v1
[2017-06-04 18:12:30,228] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type1Message Generated.
[2017-06-04 18:12:30,229] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:12:30,230] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:12:30,230] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:12:30,230] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:12:30,230] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:12:30,230] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAABAAAAATIAAAsACwAgAAAACwALACsAAABBSkFOVEhBTi1QQzE5Mi4xNjguMS4z[\r][\n]"
[2017-06-04 18:12:30,231] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:12:30,231] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:12:30,231] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:12:30,233] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,233] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,233] DEBUG - header << "Content-Type: text/html; charset=us-ascii[\r][\n]"
[2017-06-04 18:12:30,233] DEBUG - header << "Server: Microsoft-HTTPAPI/2.0[\r][\n]"
[2017-06-04 18:12:30,233] DEBUG - header << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAAFgAWADgAAAAFAoICfq1GpPAvChsAAAAAAAAAAHgAeABOAAAABgGxHQAAAA9BAEoAQQBOAFQASABBAE4ALQBQAEMAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgAVDOnBzDd0gEAAAAA[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - header << "Date: Sun, 04 Jun 2017 12:42:30 GMT[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - header << "Content-Length: 341[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - header << "[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:12:30,234] DEBUG - content << "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - content << "<HTML><HEAD><TITLE>Not Authorized</TITLE>[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - content << "<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>[\r][\n]"
[2017-06-04 18:12:30,234] DEBUG - content << "<BODY><h2>Not Authorized</h2>[\r][\n]"
[2017-06-04 18:12:30,235] DEBUG - content << "<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>[\r][\n]"
[2017-06-04 18:12:30,235] DEBUG - content << "</BODY></HTML>[\r][\n]"
[2017-06-04 18:12:30,235] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 18:12:30,235] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v1
[2017-06-04 18:12:30,235] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type2Message Received.
[2017-06-04 18:12:30,236] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type3Message Generated.
[2017-06-04 18:12:30,237] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:12:30,237] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACoAKgAWAAAABYAFgAAAQAAEgASABYBAAAWABYAKAEAAAAAAAAAAAAAAQIAAPJFC7FMLVEAsdcqdXzngPH/gRIIw8RI1wL8jsIG8iQIerHQu8Wvh9gBAQAAAAAAAMBBkgcw3dIBMht4j/WR6loAAAAAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgAVDOnBzDd0gEAAAAAAAAAAEEAagBhAG4AdABoAGEAbgAtAFAAQwBBAGoAYQBuAHQAaABhAG4AMQAxADkAMgAuADEANgA4AC4AMQAuADMA[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:12:30,238] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:12:30,240] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,240] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:12:30,240] DEBUG - header << "Content-Type: text/html[\r][\n]"
[2017-06-04 18:12:30,240] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "Date: Sun, 04 Jun 2017 12:42:30 GMT[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "Content-Length: 1293[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - header << "[\r][\n]"
[2017-06-04 18:12:30,241] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:12:30,242] DEBUG - content << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<html xmlns="http://www.w3.org/1999/xhtml">[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<head>[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<style type="text/css">[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "<!--[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}[\r][\n]"
[2017-06-04 18:12:30,242] DEBUG - content << "fieldset{padding:0 15px 10px 15px;} [\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "h1{font-size:2.4em;margin:0;color:#FFF;}[\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "h2{font-size:1.7em;margin:0;color:#CC0000;} [\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} [\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "background-color:#555555;}[\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "#content{margin:0 0 0 2%;position:relative;}[\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << ".content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}[\r][\n]"
[2017-06-04 18:12:30,243] DEBUG - content << "-->[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << "</style>[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << "</head>[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << "<body>[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << "<div id="header"><h1>Server Error</h1></div>[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << "<div id="content">[\r][\n]"
[2017-06-04 18:12:30,244] DEBUG - content << " <div cla"
[2017-06-04 18:12:30,244] DEBUG - content << "ss="content-container"><fieldset>[\r][\n]"
[2017-06-04 18:12:30,245] DEBUG - content << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>[\r][\n]"
[2017-06-04 18:12:30,245] DEBUG - content << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>[\r][\n]"
[2017-06-04 18:12:30,245] DEBUG - content << " </fieldset></div>[\r][\n]"
[2017-06-04 18:12:30,245] DEBUG - content << "</div>[\r][\n]"
[2017-06-04 18:12:30,245] DEBUG - content << "</body>[\r][\n]"
[2017-06-04 18:12:30,246] DEBUG - content << "</html>[\r][\n]"
[2017-06-04 18:12:30,246] INFO - HTTPSender Unable to sendViaPost to url[http://192.168.1.3:9800/Service1.svc/test]
org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:331)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:196)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:530)
at com.custom.ntlm.NTLMCalloutMediator.mediate(NTLMCalloutMediator.java:95)
at org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:78)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:81)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:48)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:149)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:185)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:395)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:142)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
[2017-06-04 18:12:30,250] INFO - LogMediator To: http://192.168.1.3:9800/Service1.svc/test, WSAction: http://tempuri.org/IService1/ResponseFromNTLMservice, SOAPAction: http://tempuri.org/IService1/ResponseFromNTLMservice, MessageID: urn:uuid:15e6a340-812c-4ece-8ccc-d73817855e28, Direction: request, MESSAGE = Executing default 'fault' sequence, ERROR_CODE = 401000, ERROR_MESSAGE = [NTLMCalloutMediator] Error while performing the callout operation, Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 18:12:30,250] DEBUG - headers http-incoming-5 << HTTP/1.1 202 Accepted
[2017-06-04 18:12:30,251] DEBUG - headers http-incoming-5 << Date: Sun, 04 Jun 2017 12:42:30 GMT
[2017-06-04 18:12:30,251] DEBUG - headers http-incoming-5 << Transfer-Encoding: chunked
[2017-06-04 18:12:30,251] DEBUG - headers http-incoming-5 << Connection: Keep-Alive
[2017-06-04 18:12:30,251] DEBUG - wire << "HTTP/1.1 202 Accepted[\r][\n]"
[2017-06-04 18:12:30,251] DEBUG - wire << "Date: Sun, 04 Jun 2017 12:42:30 GMT[\r][\n]"
[2017-06-04 18:12:30,252] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2017-06-04 18:12:30,252] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:12:30,252] DEBUG - wire << "[\r][\n]"
[2017-06-04 18:12:30,252] DEBUG - wire << "0[\r][\n]"
[2017-06-04 18:12:30,252] DEBUG - wire << "[\r][\n]"7) Authenticating with NTLMv2 backend with WSO2 ESB 4.9.0
After configuring the backend as mentioned in above, to authenticate using NTLMV2, you just need to change the ntlmVersion property in the proxy service. The updated proxy service is as below.
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="NTLMProxy"
transports="https,http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMProxy Invoked-------------------------"/>
</log>
<class name="com.custom.ntlm.NTLMMediator">
<property name="username" value="Ajanthan"/>
<property name="host" value="192.168.1.3"/>
<property name="ntlmVersion" value="v2"/>
<property name="domain" value="Ajanthan-PC"/>
<property name="password" value="batticaloa"/>
</class>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMProxy Invoked [AFTER 1]-------------------------"/>
</log>
<class name="com.custom.ntlm.NTLMCalloutMediator">
<property name="serviceURL" value="http://192.168.1.3:9800/Service1.svc/test"/>
<property name="initAxis2ClientOptions" value="false"/>
<property name="action"
value="http://tempuri.org/IService1/ResponseFromNTLMservice"/>
</class>
<log level="custom">
<property name="STATUS"
value="-----------------------NTLMVProxy Invoked [AFTER 2]-------------------------"/>
</log>
<header name="To" action="remove"/>
<property name="RESPONSE" value="true" scope="default" type="STRING"/>
<property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
<send/>
</inSequence>
</target>
<description/>
</proxy>Now when we check a successful scenario, the logs will be as below:
[2017-06-04 17:59:32,680] DEBUG - wire >> "POST /services/NTLMProxy HTTP/1.1[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "Content-Length: 274[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 17:59:32,680] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> "[\r][\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> " <soapenv:Header/>[\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> " <soapenv:Body>[\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> " <ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>[\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> " </soapenv:Body>[\n]"
[2017-06-04 17:59:32,681] DEBUG - wire >> "</soapenv:Envelope>"
[2017-06-04 17:59:32,684] DEBUG - headers http-incoming-1 >> POST /services/NTLMProxy HTTP/1.1
[2017-06-04 17:59:32,684] DEBUG - headers http-incoming-1 >> Accept-Encoding: gzip,deflate
[2017-06-04 17:59:32,684] DEBUG - headers http-incoming-1 >> Content-Type: text/xml;charset=UTF-8
[2017-06-04 17:59:32,685] DEBUG - headers http-incoming-1 >> SOAPAction: "urn:mediate"
[2017-06-04 17:59:32,685] DEBUG - headers http-incoming-1 >> Content-Length: 274
[2017-06-04 17:59:32,685] DEBUG - headers http-incoming-1 >> Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 17:59:32,685] DEBUG - headers http-incoming-1 >> Connection: Keep-Alive
[2017-06-04 17:59:32,685] DEBUG - headers http-incoming-1 >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
[2017-06-04 17:59:32,728] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked-------------------------
[2017-06-04 17:59:32,729] DEBUG - NTLMMediator [NTLMMediator] mediate method Invoked.
[2017-06-04 17:59:32,730] DEBUG - NTLMMediator [NTLMMediator] NTLM version is: v2
[2017-06-04 17:59:32,730] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked [AFTER 1]-------------------------
[2017-06-04 17:59:32,730] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method Invoked.
[2017-06-04 17:59:32,731] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Message : <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
<ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 17:59:32,739] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] About to invoke service : http://192.168.1.3:9800/Service1.svc/test with action : http://tempuri.org/IService1/ResponseFromNTLMservice
[2017-06-04 17:59:32,739] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Request message payload : <ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice>
[2017-06-04 17:59:32,770] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 17:59:32,778] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 17:59:32,779] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 17:59:32,779] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 17:59:32,779] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 17:59:32,779] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 17:59:32,779] DEBUG - header >> "[\r][\n]"
[2017-06-04 17:59:32,780] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 17:59:32,782] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 17:59:32,783] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 17:59:32,783] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 17:59:32,784] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 17:59:32,785] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 17:59:32,785] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 17:59:32,785] DEBUG - header << "Date: Sun, 04 Jun 2017 12:29:32 GMT[\r][\n]"
[2017-06-04 17:59:32,785] DEBUG - header << "Content-Length: 0[\r][\n]"
[2017-06-04 17:59:32,786] DEBUG - header << "[\r][\n]"
[2017-06-04 17:59:32,787] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 17:59:32,788] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 17:59:32,788] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v2
[2017-06-04 17:59:32,794] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type1Message Generated.
[2017-06-04 17:59:32,798] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 17:59:32,798] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 17:59:32,798] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAABAAAAATIIAAsACwAgAAAACwALACsAAABBSkFOVEhBTi1QQzE5Mi4xNjguMS4z[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - header >> "[\r][\n]"
[2017-06-04 17:59:32,799] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 17:59:32,801] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 17:59:32,802] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 17:59:32,802] DEBUG - header << "Content-Type: text/html; charset=us-ascii[\r][\n]"
[2017-06-04 17:59:32,802] DEBUG - header << "Server: Microsoft-HTTPAPI/2.0[\r][\n]"
[2017-06-04 17:59:32,802] DEBUG - header << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAAFgAWADgAAAAFAooC+AYZ8i4QtJQAAAAAAAAAAHgAeABOAAAABgGxHQAAAA9BAEoAQQBOAFQASABBAE4ALQBQAEMAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgA/KZDOC7d0gEAAAAA[\r][\n]"
[2017-06-04 17:59:32,802] DEBUG - header << "Date: Sun, 04 Jun 2017 12:29:32 GMT[\r][\n]"
[2017-06-04 17:59:32,803] DEBUG - header << "Content-Length: 341[\r][\n]"
[2017-06-04 17:59:32,804] DEBUG - header << "[\r][\n]"
[2017-06-04 17:59:32,804] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 17:59:32,804] DEBUG - content << "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">[\r][\n]"
[2017-06-04 17:59:32,804] DEBUG - content << "<HTML><HEAD><TITLE>Not Authorized</TITLE>[\r][\n]"
[2017-06-04 17:59:32,804] DEBUG - content << "<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>[\r][\n]"
[2017-06-04 17:59:32,804] DEBUG - content << "<BODY><h2>Not Authorized</h2>[\r][\n]"
[2017-06-04 17:59:32,805] DEBUG - content << "<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>[\r][\n]"
[2017-06-04 17:59:32,805] DEBUG - content << "</BODY></HTML>[\r][\n]"
[2017-06-04 17:59:32,805] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 17:59:32,805] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v2
[2017-06-04 17:59:32,805] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type2Message Received.
[2017-06-04 17:59:32,880] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type3Message Generated.
[2017-06-04 17:59:32,881] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAACoAKgAWAAAABYAFgAAAQAAEAAQABYBAAAWABYAJgEAAAAAAAAAAAAAAQIIAHUmjUytX7PrP4eFlY1jwLsP1yCUrRGSc35XiWz0UESHVSioB7FCx+ABAQAAAAAAAPD9Ojgu3dIBsIYPfm/WSMgAAAAAAgAWAEEASgBBAE4AVABIAEEATgAtAFAAQwABABYAQQBKAEEATgBUAEgAQQBOAC0AUABDAAQAFgBBAGoAYQBuAHQAaABhAG4ALQBQAEMAAwAWAEEAagBhAG4AdABoAGEAbgAtAFAAQwAHAAgA/KZDOC7d0gEAAAAAAAAAAEEAagBhAG4AdABoAGEAbgAtAFAAQwBBAGoAYQBuAHQAaABhAG4AMQA5ADIALgAxADYAOAAuADEALgAzAA==[\r][\n]"
[2017-06-04 17:59:32,882] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 17:59:32,883] DEBUG - header >> "[\r][\n]"
[2017-06-04 17:59:32,883] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 17:59:32,885] DEBUG - header << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 17:59:32,885] DEBUG - header << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 17:59:32,885] DEBUG - header << "Content-Length: 290[\r][\n]"
[2017-06-04 17:59:32,885] DEBUG - header << "Content-Type: text/xml; charset=utf-8[\r][\n]"
[2017-06-04 17:59:32,885] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 17:59:32,886] DEBUG - header << "Persistent-Auth: true[\r][\n]"
[2017-06-04 17:59:32,886] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 17:59:32,886] DEBUG - header << "Date: Sun, 04 Jun 2017 12:29:32 GMT[\r][\n]"
[2017-06-04 17:59:32,886] DEBUG - header << "[\r][\n]"
[2017-06-04 17:59:32,888] DEBUG - content << "<"
[2017-06-04 17:59:32,888] DEBUG - content << "s:E"
[2017-06-04 17:59:32,889] DEBUG - content << "nvelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><ResponseFromNTLMserviceResponse xmlns="http://tempuri.org/"><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse></s:Body></s:Envelope>"
[2017-06-04 17:59:32,889] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Response payload received : <ResponseFromNTLMserviceResponse xmlns="http://tempuri.org/"><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse>
[2017-06-04 17:59:32,889] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method invocation END.
[2017-06-04 17:59:32,890] INFO - LogMediator STATUS = -----------------------NTLMVProxy Invoked [AFTER 2]-------------------------
[2017-06-04 17:59:32,994] DEBUG - headers http-incoming-1 << HTTP/1.1 200 OK
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << SOAPAction: "urn:mediate"
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Accept-Encoding: gzip,deflate
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Content-Type: text/xml;charset=UTF-8; charset=UTF-8
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Date: Sun, 04 Jun 2017 12:29:32 GMT
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Transfer-Encoding: chunked
[2017-06-04 17:59:32,995] DEBUG - headers http-incoming-1 << Connection: Keep-Alive
[2017-06-04 17:59:32,998] DEBUG - wire << "HTTP/1.1 200 OK[\r][\n]"
[2017-06-04 17:59:32,998] DEBUG - wire << "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 17:59:32,998] DEBUG - wire << "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "Content-Type: text/xml;charset=UTF-8; charset=UTF-8[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "Date: Sun, 04 Jun 2017 12:29:32 GMT[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2017-06-04 17:59:32,999] DEBUG - wire << "[\r][\n]"
[2017-06-04 17:59:33,000] DEBUG - wire << "18b[\r][\n]"
[2017-06-04 17:59:33,000] DEBUG - wire << "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 17:59:33,000] DEBUG - wire << " <soapenv:Header/>[\n]"
[2017-06-04 17:59:33,000] DEBUG - wire << " <soapenv:Body>[\n]"
[2017-06-04 17:59:33,000] DEBUG - wire << " [\n]"
[2017-06-04 17:59:33,001] DEBUG - wire << " <ResponseFromNTLMserviceResponse><ResponseFromNTLMserviceResult>Response from the NTLM Enabled Service</ResponseFromNTLMserviceResult></ResponseFromNTLMserviceResponse></soapenv:Body>[\n]"
[2017-06-04 17:59:33,001] DEBUG - wire << "</soapenv:Envelope>[\r][\n]"
[2017-06-04 17:59:33,001] DEBUG - wire << "0[\r][\n]"
[2017-06-04 17:59:33,001] DEBUG - wire << "[\r][\n]"And a failure log when using the NTLMv1 ( By changing the ntlmVersion Property ) will be as below:
[2017-06-04 18:01:12,415] DEBUG - wire >> "POST /services/NTLMProxy HTTP/1.1[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "SOAPAction: "urn:mediate"[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "Content-Length: 274[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "Host: ajanthan-ThinkPad-T440p:8280[\r][\n]"
[2017-06-04 18:01:12,416] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> "[\r][\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/">[\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> " <soapenv:Header/>[\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> " <soapenv:Body>[\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> " <ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>[\n]"
[2017-06-04 18:01:12,417] DEBUG - wire >> " </soapenv:Body>[\n]"
[2017-06-04 18:01:12,418] DEBUG - wire >> "</soapenv:Envelope>"
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> POST /services/NTLMProxy HTTP/1.1
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> Accept-Encoding: gzip,deflate
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> Content-Type: text/xml;charset=UTF-8
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> SOAPAction: "urn:mediate"
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> Content-Length: 274
[2017-06-04 18:01:12,418] DEBUG - headers http-incoming-2 >> Host: ajanthan-ThinkPad-T440p:8280
[2017-06-04 18:01:12,419] DEBUG - headers http-incoming-2 >> Connection: Keep-Alive
[2017-06-04 18:01:12,419] DEBUG - headers http-incoming-2 >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
[2017-06-04 18:01:12,425] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked-------------------------
[2017-06-04 18:01:12,426] DEBUG - NTLMMediator [NTLMMediator] mediate method Invoked.
[2017-06-04 18:01:12,426] DEBUG - NTLMMediator [NTLMMediator] NTLM version is: v1
[2017-06-04 18:01:12,426] INFO - LogMediator STATUS = -----------------------NTLMProxy Invoked [AFTER 1]-------------------------
[2017-06-04 18:01:12,426] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] mediate method Invoked.
[2017-06-04 18:01:12,427] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Message : <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
<ResponseFromNTLMservice><message>Test for NTLMV2</message></ResponseFromNTLMservice>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 18:01:12,428] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] About to invoke service : http://192.168.1.3:9800/Service1.svc/test with action : http://tempuri.org/IService1/ResponseFromNTLMservice
[2017-06-04 18:01:12,429] DEBUG - NTLMCalloutMediator [NTLMCalloutMediator] Request message payload : <ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice>
[2017-06-04 18:01:12,433] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:01:12,434] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:01:12,435] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:01:12,437] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:01:12,437] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:01:12,437] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:01:12,437] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - header << "Date: Sun, 04 Jun 2017 12:31:12 GMT[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - header << "Content-Length: 0[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - header << "[\r][\n]"
[2017-06-04 18:01:12,438] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:01:12,438] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.
[2017-06-04 18:01:12,438] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] The NTLM version going to use is: v1
[2017-06-04 18:01:12,438] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] Type1Message Generated.
[2017-06-04 18:01:12,440] DEBUG - header >> "POST /Service1.svc/test HTTP/1.1[\r][\n]"
[2017-06-04 18:01:12,440] DEBUG - header >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-06-04 18:01:12,440] DEBUG - header >> "SOAPAction: "http://tempuri.org/IService1/ResponseFromNTLMservice"[\r][\n]"
[2017-06-04 18:01:12,440] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2017-06-04 18:01:12,440] DEBUG - header >> "Content-Length: 275[\r][\n]"
[2017-06-04 18:01:12,441] DEBUG - header >> "Authorization: NTLM TlRMTVNTUAABAAAAATIAAAsACwAgAAAACwALACsAAABBSkFOVEhBTi1QQzE5Mi4xNjguMS4z[\r][\n]"
[2017-06-04 18:01:12,441] DEBUG - header >> "Host: 192.168.1.3:9800[\r][\n]"
[2017-06-04 18:01:12,441] DEBUG - header >> "[\r][\n]"
[2017-06-04 18:01:12,441] DEBUG - content >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ResponseFromNTLMservice xmlns="http://tempuri.org/"><message>Test for NTLMV2</message></ResponseFromNTLMservice></soapenv:Body></soapenv:Envelope>"
[2017-06-04 18:01:12,442] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:01:12,442] DEBUG - header << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2017-06-04 18:01:12,442] DEBUG - header << "Content-Type: text/html[\r][\n]"
[2017-06-04 18:01:12,442] DEBUG - header << "Server: Microsoft-IIS/7.5[\r][\n]"
[2017-06-04 18:01:12,442] DEBUG - header << "WWW-Authenticate: NTLM[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - header << "WWW-Authenticate: Negotiate[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - header << "X-Powered-By: ASP.NET[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - header << "Date: Sun, 04 Jun 2017 12:31:12 GMT[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - header << "Content-Length: 1293[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - header << "[\r][\n]"
[2017-06-04 18:01:12,443] DEBUG - CustomNTLMAuthScheme [CustomNTLMAuthScheme] processChallenge Invoked.
[2017-06-04 18:01:12,444] DEBUG - content << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">[\r][\n]"
[2017-06-04 18:01:12,444] DEBUG - content << "<html xmlns="http://www.w3.org/1999/xhtml">[\r][\n]"
[2017-06-04 18:01:12,444] DEBUG - content << "<head>[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "<style type="text/css">[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "<!--[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}[\r][\n]"
[2017-06-04 18:01:12,445] DEBUG - content << "fieldset{padding:0 15px 10px 15px;} [\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "h1{font-size:2.4em;margin:0;color:#FFF;}[\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "h2{font-size:1.7em;margin:0;color:#CC0000;} [\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} [\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "background-color:#555555;}[\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << "#content{margin:0 0 0 2%;position:relative;}[\r][\n]"
[2017-06-04 18:01:12,446] DEBUG - content << ".content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "-->[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "</style>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "</head>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "<body>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "<div id="header"><h1>Server Error</h1></div>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << "<div id="content">[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << " <div cla"
[2017-06-04 18:01:12,447] DEBUG - content << "ss="content-container"><fieldset>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>[\r][\n]"
[2017-06-04 18:01:12,447] DEBUG - content << " </fieldset></div>[\r][\n]"
[2017-06-04 18:01:12,448] DEBUG - content << "</div>[\r][\n]"
[2017-06-04 18:01:12,448] DEBUG - content << "</body>[\r][\n]"
[2017-06-04 18:01:12,448] DEBUG - content << "</html>[\r][\n]"
[2017-06-04 18:01:12,449] INFO - HTTPSender Unable to sendViaPost to url[http://192.168.1.3:9800/Service1.svc/test]
org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:331)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:196)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:530)
at com.custom.ntlm.NTLMCalloutMediator.mediate(NTLMCalloutMediator.java:95)
at org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:78)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:81)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:48)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:149)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:185)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:395)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:142)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
[2017-06-04 18:01:12,597] INFO - LogMediator To: http://192.168.1.3:9800/Service1.svc/test, WSAction: http://tempuri.org/IService1/ResponseFromNTLMservice, SOAPAction: http://tempuri.org/IService1/ResponseFromNTLMservice, MessageID: urn:uuid:d0f6bcb0-3476-4f5a-8c68-ee5ba0da7596, Direction: request, MESSAGE = Executing default 'fault' sequence, ERROR_CODE = 401000, ERROR_MESSAGE = [NTLMCalloutMediator] Error while performing the callout operation, Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://tempuri.org/"><soapenv:Body>
</soapenv:Body></soapenv:Envelope>
[2017-06-04 18:01:12,597] DEBUG - headers http-incoming-2 << HTTP/1.1 202 Accepted
[2017-06-04 18:01:12,598] DEBUG - headers http-incoming-2 << Date: Sun, 04 Jun 2017 12:31:12 GMT
[2017-06-04 18:01:12,598] DEBUG - headers http-incoming-2 << Transfer-Encoding: chunked
[2017-06-04 18:01:12,598] DEBUG - headers http-incoming-2 << Connection: Keep-Alive
[2017-06-04 18:01:12,598] DEBUG - wire << "HTTP/1.1 202 Accepted[\r][\n]"
[2017-06-04 18:01:12,598] DEBUG - wire << "Date: Sun, 04 Jun 2017 12:31:12 GMT[\r][\n]"
[2017-06-04 18:01:12,598] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2017-06-04 18:01:12,598] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2017-06-04 18:01:12,599] DEBUG - wire << "[\r][\n]"
[2017-06-04 18:01:12,599] DEBUG - wire << "0[\r][\n]"
[2017-06-04 18:01:12,599] DEBUG - wire << "[\r][\n]"8) Explanation on the Custom Class Mediators
When you download the zip from https://drive.google.com/file/d/0B-VAIXmh-0yeTGEzQkxNX0EwSnM/view?usp=sharing you will find there are three classes involved.
- NTLMMediator.java — This is a mediator which creates the HTTP authenticator to cater the NTLM authentication and get the username / password / host / domain from the class mediator’s property and set it to the authenticator and then read the MultiThreadedHttpConnectionManager from the cache and set it to the Axis2MessageContext. Also registers the CustomNTLMAuthScheme class as the Authentication Policy.
- CustomNTLMAuthScheme.java — This is the customized Authentication Scheme class. When you check this class this is the one which handles the Type1, Type2 and Type3 messages and the flags for the authentication set. The below code segment done that. You can check https://msdn.microsoft.com/en-us/library/cc236650.aspx and modify the flags as how your backend handles them. Here I’m using a basic NTLMv1 flag and NTLMv2 flags.
public String authenticate(Credentials credentials, HttpMethod method)
throws AuthenticationException {
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.");
}
if (this.state == UNINITIATED) {
throw new IllegalStateException(
"[CustomNTLMAuthScheme] NTLM authentication process has not been initiated");
}
//Get the NTLM version from the NTLMMediator and identify the flags to be used for authentication.
String ntlmVersion = NTLMMediator.getNtlmVersion();
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] The NTLM version going to use is: " + ntlmVersion);
}
int flags = 0;
if (ntlmVersion.toUpperCase().equals("V1")) {
flags = NtlmFlags.NTLMSSP_NEGOTIATE_NTLM;
} else if (ntlmVersion.toUpperCase().equals("V2")) {
flags = NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2;
} else {
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] NTLM Version not specified.");
}
}
NTCredentials ntcredentials = null;
try {
ntcredentials = (NTCredentials) credentials;
} catch (ClassCastException e) {
throw new InvalidCredentialsException(
"[CustomNTLMAuthScheme] Credentials cannot be used for NTLM authentication: "
+ credentials.getClass().getName());
}
byte[] msgBytes = null;
String response = null;
if (this.state == INITIATED) {
Type1Message type1Message = new Type1Message(flags, ntcredentials.getDomain(), ntcredentials.getHost());
msgBytes = type1Message.toByteArray();
this.state = TYPE1_MSG_GENERATED;
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] Type1Message Generated.");
}
} else if (this.state == TYPE2_MSG_RECEIVED) {
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] Type2Message Received.");
}
Type2Message type2Message;
try {
type2Message = new jcifs.ntlmssp.Type2Message(jcifs.util.Base64.decode(this.ntlmChallenge));
} catch (IOException e) {
throw new RuntimeException("[CustomNTLMAuthScheme] Invalid Type2 message", e);
}
Type3Message type3Message = new Type3Message(type2Message, ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getUserName(), ntcredentials.getHost(), flags);
msgBytes = type3Message.toByteArray();
this.state = TYPE3_MSG_GENERATED;
if (logger.isDebugEnabled()) {
logger.debug("[CustomNTLMAuthScheme] Type3Message Generated.");
}
} else {
throw new RuntimeException("[CustomNTLMAuthScheme] Failed to Authenticate");
}
response = EncodingUtil.getAsciiString(Base64.encodeBase64(msgBytes));
return "NTLM " + response;
}NTLMCalloutMediator.java — This will use the updated Axis2MessageContext and call the backend.
Note: The back end service used in this can be found at:
https://drive.google.com/file/d/0B-VAIXmh-0yeZ3EtXzR0Wll5VlE/view?usp=sharing
That’s it…
