[jcifs] SPNEGO NTLM
Jeffrey Winter
jeffreywinter at gmail.com
Wed Jun 23 16:46:36 GMT 2004
Eric,
I have been testing the SPNEGO support code that you posted a couple
of weeks ago and was hoping you might have some insight into an
issue that I'm running into with NTML.
When I set "jcifs.http.enableNegotiate" to "false" so that the
AuthenticationFilter always sets the "WWW-Authenticate" header
to "NTML" I am able to authenticate against the domain controller
without a problem.
When I set When I set "jcifs.http.enableNegotiate" to true, it
looks like IE6.0 is returning a SPNEGO token wrapping a NTML
token as everything flows through the Authenticate.processNtml()
method. The entire negotiation process goes without a hitch
until it tries to authenticate based on the final Type 3 NTML token.
The call to:
SmbSession.logon(dc, (NtlmPasswordAuthentication) principal);
in AuthenticationFilter, fails with an NT_STATUS_ACCESS_VIOLATION
SmbAuthException.
The generation of the token types seems to be the same in either
case, yet the Negotiate version if failing. Do you have any
insight on this, or hints at what I might be able to do to
isolate the problem?
Thanks,
Jeff
More information about the jcifs
mailing list