Testing Webservice with SoapUI Having Windows Authentication

Sometims SoapUI doesn't seem to work directly with NTLM authentication, but you can use a proxy such as Burp Suite to do the auth for you.


Following are the steps you can perform:

Burp Suite Configuration
    Download Burp Suite from http://portswigger.net/burp/ and set it up.
    On Burp's "Proxy : Intercept" tab, click the button to turn intercept off.
    On Burp's "Proxy : Options" tab, make sure it's set to an unused port, the default is 8081
    On Burp's "Options" tab, tick "do www authentication" and add a setting for the server you wish to hit. Also tick "prompt for credentials on authentication failure"
    Switch to Burp's "Proxy : History" tab so you can see requests going through.

SoapUI Settings
    In SoapUI, choose File > Preferences, then select "Proxy Settings". Enter Host "localhost" and port "8081".
    Use SoapUI as normal. It will send requests through Burp Proxy, which will do the NTLM authentication for you.

 Exceptions

The above solution will work in most scenarios. If, however, the service uses delegation to access resources on other servers, you will run into a double-hop issue with the NTLM authentication the Burp proxy uses. The proxy will successfully authenticate to the service, but subsequent calls made by the service to other resources using delegation will fail.

The easiest workaround I found for this was to use Fiddler as a proxy. On Fiddler's Rules menu, select 'Automatically Authenticate.' Then update your SoapUI preferences to use fiddler as a proxy (the default location is localhost:8888). Now your calls will be wrapped in a credential that can be delegated.
If you use LoadUI to execute your SoapUI test cases, the SoapUI test runner will use your SoapUI proxy settings, and your calls will continue to work.