[jcifs] RE: AuthenticationFilter and <error-page> definitions
Kimberlin, Michael
Michael.Kimberlin at savvis.net
Tue May 3 20:53:28 GMT 2005
Okay...this is what I get for only testing from one direction (or for
that matter not thinking about what the h3ll I was doing)...This change
breaks automatic authentication, as I'm sure you'll already know. So,
is there a way, currently to work with this type of error page
definition? My goal is to have automatic authentication take place
normally, but send those who fail to provide valid credentials when
challenged sent on to an error page... Pardon me if I'm being blind
here, but I would appreciate any thoughts on this...
Thanks,
michael
________________________________
From: Kimberlin, Michael
Sent: Tuesday, May 03, 2005 3:46 PM
To: 'jcifs at lists.samba.org'
Subject: AuthenticationFilter and <error-page> definitions
In this old thread from the list there was some discussion about using
an <error-page> definition for error 401 with the NtlmAuthFilter...
http://lists.samba.org/archive/jcifs/2004-August/003901.html
I am currently doing the same thing with the AuthenticationFilter. But,
it also required a similar code change to the one mentioned in that
thread (the removal of resp.flushBuffer() after
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) in fail())...
Is there any reason that the flush remains alive and well in this class?
What this causes is an IllegalStateException if you have an error page
defined for error 401...I removed it and recompiled it for my purposes,
but it seems like something that should be allowed by the package, no?
Thanks,
michael
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list