[jcifs] Using jCIFS with TomCat mod_jk on Sun One Web Server as
a Proxy Server
Michael B Allen
mba2000 at ioplex.com
Mon Jul 5 20:38:49 GMT 2004
On Mon, 5 Jul 2004 16:53:24 +0000 (UTC)
Steven Dunn <stevendunn at btconnect.com> wrote:
> Hi All,
>
> I Posted a message here last week based on a problem I was having. I've
> had no comments back from anyone about this.
>
> Basically, We use Sun One as a proxy/load balance Web Server where we have
> a mod_jk (nsapi_redirector.so) configured in Sun One 6.0 SP5 to forward
> requests to a TomCat 4.1.18 application using jCIFS NTLM filters on a
> Solaris Server to authenticate incoming requests.
>
> I've have a number of problems,
> getting it to work with Sun One. Unfortunately, the choice of web server.
> can't be changed.
>
> Has anyone successfully, used mod_jk with Sun One Web Server + jCIFS NTLM
> Http Filters. At the moment, I not sure what else to configure.
>
> I'd appreciate some guidance on this.
Steve,
The NTLM HTTP authentication protocol uses some non-standard HTTP
exchanges that require requests be passed without modification over
the same session. If any layer intercepts a message, changes a header,
or closes the session the negotiation can fail. It is known that there
are some environments that have problems and there are clear disclaimers
in the NTLM HTTP documentation about this.
To make it work, I think you would really have to take packet captures
[1] and output debugging information the the jcifs/http/NtlmHttpFilter
to determine what and where the negotiation is failing.
Mike
[1] http://jcifs.samba.org/capture.html
--
Greedo shoots first? Not in my Star Wars.
More information about the jcifs
mailing list