[jcifs] RE: AuthenticationFilter and <error-page> definitions

Richard Caper rcaper at gmail.com
Wed May 4 00:38:34 GMT 2005


http://lists.samba.org/archive/jcifs/2005-March/004799.html

http://lists.samba.org/archive/jcifs/2005-March/004800.html



On 5/3/05, Kimberlin, Michael <Michael.Kimberlin at savvis.net> wrote:
>  
>  
> 
> Okay…this is what I get for only testing from one direction (or for that
> matter not thinking about what the h3ll I was doing)…This change breaks
> automatic authentication, as I'm sure you'll already know.  So, is there a
> way, currently to work with this type of error page definition?  My goal is
> to have automatic authentication take place normally, but send those who
> fail to provide valid credentials when challenged sent on to an error page… 
> Pardon me if I'm being blind here, but I would appreciate any thoughts on
> this… 
> 
>   
> 
> Thanks, 
> 
> michael 
> 
>   
>  
>  ________________________________
>  
> 
> From: Kimberlin, Michael 
>  Sent: Tuesday, May 03, 2005 3:46 PM
>  To: 'jcifs at lists.samba.org'
>  Subject: AuthenticationFilter and <error-page> definitions 
>  
> 
>   
> 
> In this old thread from the list there was some discussion about using an
> <error-page> definition for error 401 with the NtlmAuthFilter… 
> 
>   
> 
> http://lists.samba.org/archive/jcifs/2004-August/003901.html
> 
>   
> 
> I am currently doing the same thing with the AuthenticationFilter.  But, it
> also required a similar code change to the one mentioned in that thread (the
> removal of resp.flushBuffer() after
> resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) in
> fail())… 
> 
>   
> 
> Is there any reason that the flush remains alive and well in this class? 
> What this causes is an IllegalStateException if you have an error page
> defined for error 401…I removed it and recompiled it for my purposes, but it
> seems like something that should be allowed by the package, no? 
> 
>   
> 
> Thanks, 
> 
> michael


More information about the jcifs mailing list