Wednesday, 9 September 2009

NTLM Authentication with Suds

We have a requirement to hit a SOAP web service running on a Windows box with IIS, and unfortunately this service is protected by NTLM authentication. While basic HTTP authentication is well supported and trivial to implement in Suds -- a Python SOAP client module -- NTLM is not.

There is a great blog entry describing how to solve this problem; however the post recommends placing the code within Suds itself, and I had to make a couple of minor modifications to get it to work with the with the latest Suds version (0.3.6).

Here are (very minor) the modifications to C. Bess's code:

from suds.transport.https import HttpAuthenticated
from suds.transport.http import HttpTransport
from ntlm import HTTPNtlmAuthHandler
import urllib2

class WindowsHttpAuthenticated(HttpAuthenticated):
"""
Provides Windows (NTLM) http authentication for suds.
@ivar pm: The password manager.
@ivar handler: The authentication handler.
@author: Christopher Bess (modified by Matt Sullivan)
"""
def __init__(self, **kwargs):
HttpTransport.__init__(self, **kwargs)
self.pm = urllib2.HTTPPasswordMgrWithDefaultRealm()
self.handler =\
HTTPNtlmAuthHandler.HTTPNtlmAuthHandler(self.pm)
self.urlopener = urllib2.build_opener(self.handler)
urllib2.install_opener(self.urlopener)

Using this authentication class is straightforward:

t = WindowsHttpAuthenticated(
username = 'DOMAIN\%s' %username,
password = password
)
url = 'http://www.somesite.com/service.asmx?wsdl'
return Client(url, transport = t)

1 comment:

Johann said...

Note for future readers: suds (since 0.3.8) now includes this code. See https://fedorahosted.org/suds/ticket/84

Also, there is a fork of suds which adds a few other enhancements to help with Exchange Web Services: https://bitbucket.org/daevaorn/suds-ews/overview