My Situation
I have an intranet MVC application which uses, by mandate, integrated Windows Authentication. It hosts both a business UI and some WebAPI endpoints. I have an endpoint which must be consumed by a SAP PI (Process Integration) REST adapter, which is hosted in Java. The SAP developer has only option for authentication: basic.
The Question
How can a SAP or Java client authenticate to a Windows web application? My company really demands that this call eventually resolves to a Windows account, so mixed forms auth won't fly here. Any suggestions?
My Ideas
One thought I had was to have them encrypt windows credentials in a string and drop them in the headers or in the body of the message. I could then decrypt on my end, impersonate, and, if valid, execute the POST. This seems pretty bad to me, but I could get it to work. However, I think there must be something better out there.