[jcifs] NTLM Auth, custom login page
Michael B Allen
mba2000 at ioplex.com
Thu Oct 21 01:43:55 GMT 2004
Laurent Michenaud said:
> I think it is not the clean way.
> In the NTLM process, at which step u know that the browser doesnot
> support silent login ?
You don't. That's handled entirely by the client (e.g. IE).
> The best from my point of view would be to have in the jcifs properties
> something like :
> jcifs.redirect.login.url = http://mywebapp/login.jsp
> This page would be called when browser silent login fails.
> The login page may submit the login/password value to a jcifs servlet
> that will do NTLM authentification.
> It is a kind of feature request ;)
I don't think such a thing is really feasible as you envision it. We could
present a page if the login fails. But there's no way to tell if the
client supports transparent authentication. Meaning Firefox would still
present the password dialog. The logon page would only appear after the
user entered bogus creds and the login failed.
I think using the user agent information is your best bet.
More information about the jcifs