[jcifs] NTLM HTTP authentication failure forward vs. Network Logon
Dialog?
Dave Trapp
dtrapp at yahoo.com
Mon Aug 9 23:41:40 GMT 2004
NTLMHttpFilter works great for our Intranet
application.
In instances when a user cannot authenticate
transparently, we would like to forward them to a
different URL (a guest view of our application) - as
opposed to them getting challenged with the Network
Logon Dialog.
Through some trial-and-error we can get it to work
some of the time. I don't think I understand the
source that well though.
Any recommendations?
Thanks in advance.
Dave
From:NtlmHttpFilter
<code-snip>
try {
SmbSession.logon( dc, ntlm );
} catch( SmbAuthException sae ) {
if( sae.getNtStatus() ==
sae.NT_STATUS_ACCESS_VIOLATION ) {
/* Server challenge no longer
valid for
* externally supplied password
hashes.
*/
HttpSession ssn =
req.getSession(false);
if (ssn != null) {
ssn.removeAttribute(
"NtlmHttpAuth" );
}
}
/*
HttpSession ssn =
req.getSession(false);
if (ssn != null) {
ssn.removeAttribute( "JSESSIONID"
);
} */
// the url should come from a
configuration file.
resp.sendRedirect(resp.encodeRedirectURL("http://myguest.test.local:8080"));
//resp.setHeader( "WWW-Authenticate",
"NTLM" );
if (offerBasic) {
resp.addHeader(
"WWW-Authenticate", "Basic realm=\"" +
realm + "\"");
}
resp.setHeader( "Connection", "close"
);
//resp.setStatus(
HttpServletResponse.SC_UNAUTHORIZED );
resp.flushBuffer();
return;
</code-snip>
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
More information about the jcifs
mailing list