NTLM authentication to invoke SOAP webservice from node.js soap client?

Question

I have a node.js app running express.js framework that is trying to consume a SOAP webservice that needs authentication.

If I input the URL for this particular WSDL into a browser, a login dialog pops up. After entering my user credentials, I'll get to the WSDL. But how do I 'loging' from node.js?

Here's a xml code snippet my coworker gave to me. Appearantly it helps with authentication. But I don't know what I'm suppose to do with it.

<binding name="NotificationManager" >
    <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Ntlm" proxyCredentialType="None" realm=""/>
             <message clientCredentialType="UserName" algorithmSuite="Default"/>
    </security>
</binding>

Here's what I have tried though:

Method 1:

var soap = require('soap');

soap.createClient(soapURL, function(err, client) {
    console.log('client created');
    if (err)
      {
          console.log('ERR: -> ');
          console.log(err);
          return false;
      }
    client.setSecurity(new soap.BasicAuthSecurity(username,password));
    console.log('successfully authenticated');
    });
});

Issue with Method 1 And I would get an error. The error page is a html document that says Server Error in Application. Server version Iternet Information Services 7.5. You are not authorized to view this page due to invalid authentication headers.

If I put the error logging after the 'client.setSecurity()' method, the program would crash with an error saying unable to .setSecurity() for undefined.

Method 2:

I saw that the xml mentioned ntlm, so I thought I'd give that a try.

var soap = require('soap');
var httpntlm = require('httpntlm');
var fs = require('fs');

httpntlm.get({
  url: soapURL,
  password: password,
  username: username
}, function(err, wsdl) {

    console.log('successfully authenticated');
    fs.writeFile('wsdl_cache/WDCETA.wsdl', wsdl.body, function() {
        soap.createClient(__dirname + '/wsdl_cache/WDCETA.wsdl', function(err, client) {
            if (err) {
                console.log('SOAP ERR: ->');
                console.log(err);
                return;
            }

        client.setSecurity(new soap.NtlmSecurity(username, password));

        console.log(client);
    });

  })

});

Issue with Method 2

For this method, I would successfully authenticate and download the WSDL into the file system. However, I would get the same error about 'You are not authorized to view this page...' EXCEPT this time, it's for one of the files that the one I've cached imports.

What would be the proper way to interact with this type of SOAP webservice in this situation?

I ran into the same issue and I followed your method2, but still couldn't get it to work(I was using your method1). I am wondering if you found the solution yet. Thank you :-) — George Huang, Feb 20 '17 at 04:32
@GeorgeHuang I have not found a solution. Due to this and a few other problems, I ended up switching the app's backend to asp.net with visual studio which has built in support of this sort of thing. — davidx1, Feb 21 '17 at 05:48

NTLM authentication to invoke SOAP webservice from node.js soap client?

0 Answers0