procedure TFormMain.SendXmlOrderRequest(var XMLDoc: IXMLDocument; Url: String);
var
  Response: String;
  Send: TStringStream;
begin
    Send := TStringStream.Create(Utf8Encode(XMLDoc.Xml.Text));

    IdHTTP.Request.BasicAuthentication := false;
    IdHTTP.Request.Username := '';
    IdHTTP.Request.Password := '';

    IdHTTP.Request.Host := 'devap3';
    IdHTTP.Request.ContentType := 'text/xml';
    IdHTTP.Request.Charset := 'utf-8';
    IdHTTP.Request.AcceptCharSet := 'utf-8';
    IdHTTP.Request.ContentLength := Send.Size;
    IdHTTP.Request.CustomHeaders.Values['SOAPAction'] := 'http://tempuri.org/CheckOrder';

    IdHTTP.HTTPOptions := [hoForceEncodeParams, hoInProcessAuth];
    IdHTTP.ProtocolVersion := pv1_1;
   
    try
      Response := IdHTTP.Post(Url, Send);
    except
      on E: Exception do
      begin
      MemoDebug.Lines.Append('Exception HTTP: ' + E.Message);
      // erhalte dies als Ausgabe
      // Exception HTTP: Operation abgebrochen
      end;
    end;
    IdHTTP.Disconnect;   
end;

procedure TFormMain.IdHTTPAuthorization(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
begin
  Authentication.Username := FUsername;
  Authentication.Password := FPassword;

  MemoDebug.Lines.Append('onAuthorization: ' + Authentication.Authentication);
  // erhalte dies als Ausgabe
  // onAuthorization: NTLM TlRMTVNTUAAB7AAAB7IAAAgACAAgAA7ACgAKACgAAABET00wOTgxMERBREEwOTgxMDM=

  Handled := true;
end;

procedure TFormMain.IdHTTPSelectAuthorization(Sender: TObject; var AuthenticationClass: TIdAuthenticationClass;
  AuthInfo: TIdHeaderList);
begin
  AuthenticationClass := TIdNTLMAuthentication;
end;