[jcifs] Problem with NTLM HTTP Auth Filter
Eric Jesus
eric.jesus at billback.com
Wed Aug 6 10:25:30 EST 2003
> >>
> >>The only work around I have been able to find is to send a
> 401 status
> >>with a response. This will "trick" the client into forgetting about
> >>NTLM, but is really kludgy.
> >
> >
> > So what is IE keying on? If changing the name of the
> Servlet/path is not
> > sufficient to provoke IE to "forget about NTLM" then I
> suppose the only
> > "correct" solution would be to create a new virtual host on
> the server. If
> > some clients are members of an NT domain and other clients
> are not then it
> > makes good sense to have them access different server names.
> >
> > Mike
> >
>
> That would probably work; I haven't tried. I was looking at this for
> awhile. Simply breaking the connection (i.e., "Connection: close")
> doesn't work -- it will still attempt to renegotiate on the
> next POST.
> Sending the 401 was all I could figure out. Going to another
> server did
> work, though, so a virtual host might also.
>
> Eric
>
>
Thanks for the info guys, based on what you have said, what we are going to try is to exclude some of the servlets by renaming the url for the ones that we don't want to use NTLM and including everything else that doesn't matter in to the NTLM filter, also renaming a couple of jsp page extensions to something else, so they are not included.
We can do it like this, because the User Interface is ok to work with NTLM, but we have some devices that connect to the same location that can't, so one will use the modified *.js2, the others will use a differently mapped servlet path and the UI will use NTLM on all pages.
Many thanks for your help.
More information about the jcifs
mailing list