[jcifs] Re-authenticating and jCIFS

Persona Non Grata nongrata at yahoo.com
Mon Feb 2 05:38:29 GMT 2004


Hi all,

Many thanks for an excellent product -- I've been
using it for a while
now and it rocks!

I am wondering if there's a way to perform an
equivalent of Kerberos
delegation with jCIFS. This can be best illustrated
with an example.
Let's say there are 3 actors. One is a "client", the
other a "proxy",
and a third is a "protected resource". Protected
resource is an
application fronted by IIS or ISA or some such thing;
the only way to
gain access to protected resource is via NTLM over
HTTP.  The $64,000
question is: if I stick jCIFS NTLM HTTP filter in
front of the proxy
(say it's a J2EE webapp), can I somehow reuse the
result of the
negotiation between the client and the proxy so as to
have the proxy
sign in with the client's credentials into the
protected resource? I
know Kerberos was designed for this and but I am
curious if NTLM or
jCIFS w/o NTLM can do this.

Thank you.

png


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/


More information about the jcifs mailing list