[jcifs] RE: AuthenticationFilter and <error-page> definitions

Kimberlin, Michael Michael.Kimberlin at savvis.net
Tue May 3 20:53:28 GMT 2005

Okay...this is what I get for only testing from one direction (or for
that matter not thinking about what the h3ll I was doing)...This change
breaks automatic authentication, as I'm sure you'll already know.  So,
is there a way, currently to work with this type of error page
definition?  My goal is to have automatic authentication take place
normally, but send those who fail to provide valid credentials when
challenged sent on to an error page...  Pardon me if I'm being blind
here, but I would appreciate any thoughts on this...






From: Kimberlin, Michael 
Sent: Tuesday, May 03, 2005 3:46 PM
To: 'jcifs at lists.samba.org'
Subject: AuthenticationFilter and <error-page> definitions


In this old thread from the list there was some discussion about using
an <error-page> definition for error 401 with the NtlmAuthFilter...




I am currently doing the same thing with the AuthenticationFilter.  But,
it also required a similar code change to the one mentioned in that
thread (the removal of resp.flushBuffer() after
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) in fail())...


Is there any reason that the flush remains alive and well in this class?
What this causes is an IllegalStateException if you have an error page
defined for error 401...I removed it and recompiled it for my purposes,
but it seems like something that should be allowed by the package, no?




-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list