[jcifs] jCIFS breaks posts to ASP pages

Allistair Crossley Allistair.Crossley at QAS.com
Mon Apr 19 15:12:52 GMT 2004

I would need to get the front page of the ASP applications to remove the NTLM header using the trick you refer to and then redirect back to itself to start the application, but it fails to do so. I tried both

Response.Status = "401 Unauthorized";


Response.Status = "403 Forbidden";

As soon as I then submit my ASP form the NTLM authorisation header appears again. I appreciate that this is related to ASP programming which I am not that au fait with either, but presumably this should do the same thing as the JSP version.


-----Original Message-----
From: eglass1 at comcast.net [mailto:eglass1 at comcast.net]
Sent: 19 April 2004 15:42
To: Allistair Crossley
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] jCIFS breaks posts to ASP pages

> We are having reports that our ASP applications no longer function and I
> have discovered that the cause is jCIFS in some way. The parts of the ASPs
> that do not work are form posts (so form logins mainly). No form parameters
> are being passed.
> I was able to get to a point where I could run the ASPs successfully and
> this was when I visited the ASP after opening a fresh IE window. However,
> when visiting our jCIFS web application and THEN going to the ASP
> application it failed with empty request form parameters.
> I printed the http headers in the ASP test and the addition of
> HTTP_AUTHORISATION:NTLM is the only difference. 

This is the issue I was referring to in response to the previous post:


Basically, if you have an NTLM-protected resource *anywhere* on a particular
server, Internet Explorer will require re-authentication before sending
POST parameters to that server -- even sections that *aren't* NTLM-protected.
There's a blurb about this here:


This is an Internet Explorer "feature", and isn't related to jCIFS; once you
visit an NTLM page on a site, subsequent POSTs to anything on that site will
be empty until the NTLM handshake is successfully completed.

You can "trick" IE into dropping the NTLM requirement by sending a 401 or
403 response; see this:



QAS Ltd.
Developers of QuickAddress Software
<a href="http://www.qas.com">www.qas.com</a>
Registered in England: No 2582055
Registered in Australia: No 082 851 474

More information about the jcifs mailing list