[jcifs] Http NTLM authenticating everyone

Michael B. Allen miallen at eskimo.com
Fri Jan 24 06:55:02 EST 2003

On Thu, 23 Jan 2003 20:36:50 +0530
Rupesh Kumar <rupesh.kumar at blr.techspan.com> wrote:

> Hello,
> I was trying out the NtlmHttpAuthExample servlet. I set the Security option
> for MSIE to "prompt for username and password". Now even when I enter a
> dummy username and password the NtlmHttpFilter authenticates and I can view
> the generated page. The page says "dom1\<dummy user> successfully logged
> in".
> I am running MSIE 6 on Windows XP. Am I missing something?

Is it possible that the filter is not properly installed? If it is not,
natrually the servlet will be invoked. The NtlmHttpAuthExample is not
very sophisticated about handling this condition. See the NTLM HTTP
documentation. It talks about this.


A  program should be written to model the concepts of the task it
performs rather than the physical world or a process because this
maximizes  the  potential  for it to be applied to tasks that are
conceptually  similar and, more important, to tasks that have not
yet been conceived. 

More information about the jcifs mailing list