[jcifs] jcifs
eglass1 at comcast.net
eglass1 at comcast.net
Wed Jun 23 11:12:03 GMT 2004
For information on what determines whether the user will be prompted see:
http://jcifs.samba.org/src/docs/ntlmhttpauth.html#transparent
You would probably be looking at this from the opposite perspective, as you
*want* people to be prompted for login. The easiest way would likely be
to configure the end user's IE options, under security, "Prompt for Username
and Password" (default is, I believe, "Automatic Logon only in Intranet zone").
This would apply to all applications employing NTLM, however.
You could also possibly do some funky things with DNS to do this on a
per-application basis (to trick IE into thinking the application is outside the
intranet). You might be able to do this simply by accessing the site via
IP address rather than hostname, or use the FQDN (depending on how
your zones are set up).
Another option would be to modify jCIFS to disable NTLM authentication
altogether, then set "jcifs.http.enableBasic" to true. This will do HTTP
Basic authentication only, which will prompt you for credentials. Note that
this should only be used over HTTPS, as Basic is highly insecure.
Eric
> Hello Guys,
> I'm new user of JCIFS,
> I have implement jcifs 0.9.2 for Single Sign On and it's works great !
> By the way, I have a few questions,
> Is there any way or any parameter setting to trigger the samba login form
> always pop up every time user access crucial web applications? even user
> have checked the "Save this password in your password list" option?
> The purpose is to increase web applications security when any user
> forgotten to lock/log off his computer,
>
> thanks,
> K. Rezza
>
> rezza at websystemarchitech.com
>
More information about the jcifs
mailing list