Java problem consuming WebService hosted on IIS secured by WindowsAuthentication

Question

APP Description

The APP that behaving improperly is an Android APP that allows the user to take a photo from his phone and then upload it to a Sharepoint CMS.

Detailed problem description

On a Java App, I'm sending a POST HTTP request containing the bytes of an image as base64 to a SOAP WebService hosted on IIS. This WebService is secured using Windows Authentication. I've configured the Java program to send credentials whenever a request is made. When I check the HTTP response code it is HTTP 401 Unauthorized. I'm unable to check the response contents.

Observations of note

The Java debugger doesn't step into the getPasswordAuthentication method of the Authenticator class as it should be.

APP Specs

• Programming language: Java
• Type of application: Android APP
• Code location: Inside an AsyncTask
• Endpoint type: SOAP WebService
• Endpoint authentication: Windows Authentication

Relevant code

Connection setup

URL url = new URL(ENDPOINT_URL);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
// Enable POST
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod("POST");
httpURLConnection.setRequestProperty("Content-Type", "text/xml");

Authenticator setup to always send stored credentials

Authenticator.setDefault(new NTLMAuthenticator());

NTLMAuthenticator class

public class NTLMAuthenticator extends Authenticator {
    @Override
    public PasswordAuthentication getPasswordAuthentication() {
        return new PasswordAuthentication("USER_NAME", "PASSWORD".toCharArray());
    }
}

Request POST content setup

try (OutputStream outputStream = httpURLConnection.getOutputStream()) {
    String baseRequest = "<?xml version=\"1.0\" encoding=\"utf-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><soap:Body><Upload xmlns=\"http://schemas.microsoft.com/sharepoint/soap/ois/\"><strListName>%s</strListName><strFolder /><bytes>%s</bytes><fileName>%s</fileName><fOverWriteIfExist>true</fOverWriteIfExist></Upload></soap:Body></soap:Envelope>";
    File f = new File(PATH_TO_FILE);
    byte[] fileBytes = FileUtils.readFileToByteArray(f);
    String fileBase64 = android.util.Base64.encodeToString(fileBytes, 0);
    outputStream.write(String.format(baseRequest, LIST_NAME, fileBase64, FILE_NAME).getBytes());
    outputStream.flush();
} catch (Exception e) {
    e.printStackTrace();
}

Response READ

int response_code = httpURLConnection.getResponseCode();
if (response_code == HttpURLConnection.HTTP_OK) {
    // **response_code IS HTTP_UNAUTHORIZED**
    try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()))) {
        // **Unreachable code**
        String line;
        while ((line = bufferedReader.readLine()) != null) {
            // Read response line by line
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}