[jcifs] Problems with NtlmServlet and post method
eglass1 at comcast.net
eglass1 at comcast.net
Thu Aug 14 21:49:37 EST 2003
> So, NtlmLogon servlet are called only if username is NULL.
> Ntlm logon forwards calls to reply address.
> This works well if I don't send any parameters or
> parameters are send with get method. -->
> out.print( "INFO are following: " request.getParameter("INFO"));
> printing the info.
>
> But if post method are used --> printin NULL.
>
> Somehow all post information is lost somewhere.
>
> Everything is working well with NtlmHttpFilter, but I can't use it cause
> the production environment support servlet 2.2
>
After negotiating NTLM authentication with a server, the client will force
a renegotiation before sending POST data. It will first send an empty request
with the type 1 message in the Authorization header; the server will send a
401 with the type 2 challenge, and the client will finally reply with a type 3
response. This last request will contain the POST parameters.
In a Servlet 2.2 environment, any servlets that will be receiving POST
parameters will probably have to extend NtlmHttpServlet in order to properly
handle the renegotiation.
Eric
More information about the jcifs
mailing list