[jcifs] authentication session concurrency

aspa at kronodoc.fi aspa at kronodoc.fi
Tue Oct 14 00:09:03 EST 2003

i'm trying to implement automatic logon to an existing web application
for Windows network authenticated users (Windows NT4 & XP). because of
architectural limitations i need to use an authentication proxy server
against which the web application can authenticate users. this proxy
will use a Windows 2000 ActiveDirectory server to actually authenticate
users. i'm planning on leveraging jcifs in the authentication proxy
server implementation.

the authentication proxy would basically do what NtlmHttpFilter and
NtlmSsp in the jcifs package do but it would not be running under a
Servlet container.

one question that puzzles me is can jcifs be used to authenticate many
users concurrently from the same authentication server (with a single
threaded authentication proxy)? in the NTLM handshake a challenge is
fetched from the Windows server and used to create a NTLM Type2Message.
doesn't the server need the original challenge when authenticating
clients response to the challenge message? how is state maintained
between these two phases if two or more authentication sessions are
being interleaved?

best regards,
	aspa						http://www.kronodoc.fi/

More information about the jcifs mailing list