[jcifs] jcifs-0.9.0 released / Documentation

Michael B Allen mba2000 at ioplex.com
Fri May 28 18:56:37 GMT 2004


eglass1 at comcast.net said:
> Mike,
>
> Lines 147-148 in 0.9.0's NtlmHttpFilter should probably be removed:
>
>     resp.sendRedirect( req.getRequestURL().toString() );
>     return;
>
> Sending a redirect can have funky consequences for non-GET or HEAD
> requests
> (i.e. POST).  Letting this just fall through to reinitiate the NTLM auth
> would save a roundtrip anyway (as when the client redirects, the filter
> will
> look for and not find the NPA in the session and demand authentication).

Mmm, I believe you might be right. I think the redirect came from working
out DFS referreral -> HTTP redirect and I just copied it over. In theory
it that condition shouldn't occur anyway because the presence of the NPA
in the HttpSession should bypass the logon so this isn't a show stopper.
I'll take a look...

Thanks,
Mike


More information about the jcifs mailing list