Is There Any Solid Way To Deal With Windows Integrated (ntlm) Authentication From An Android App?

As the title states, we're looking for a way to access a .NET 3.5 Web service that is behind a Windows integrated (NTLM) authentication. We've searched the internets and this foru

Solution 1:

The short answer is no, there is no out-of-the-box method for NTLM on android.

The long answer is that there have been successful attempts in hacking together your own solution using the Apache HttpClient. See the following links:

http://danhounshell.com/blog/android-using-ntlm-authentication-with-httpclient/http://mrrask.wordpress.com/2009/08/21/android-authenticating-via-ntlm/

Solution 2:

There is no way an Android device can have a valid NTLM token for a Windows domain it does not belong to.

The only option you have is to change the authentification mechanism on the server to something more appropriate. If you need to restrict access to the page, here are some options available to you:

• Basic authentification (over http or over https)
• form based authentification (over http or over https)
• https with SSL certificate authentification (in Android app and server side)
• public page with Oauth (over http or hhtps)
• public page with OpenID (over http or hhtps)