[jcifs] RE: AuthenticationFilter and <error-page> definitions

Kimberlin, Michael Michael.Kimberlin at savvis.net
Wed May 4 14:56:01 GMT 2005

So a code change was necessary...thanks for the help.  I'm attaching a
patched AuthenticationFilter, in the event that someone else may find it
useful.  This filter does basically what is described in the linked
threads.  I left the default behavior the same as it had been.
Although, I was tempted to give a default page name, as a blank screen
or a tomcat page or whatever you happen to get on any given setup is not
likely to be very friendly.  I resisted the urge, however and left that
up to anyone who might choose to use it.

Set a value for jcifs.http.authFailurePage in the FilterConfig and it
will redirect a user to the given page in the event of authentication

I hope this saves someone a minute or two...

One thing I would note is that for some reason when a user is challenged
for their password, this will prompt them 6 times instead of the normal
3 before failure.  I'm not sure what is causing that yet, but if anyone
has any thoughts I'll look into it.  When I get the time a bit later, I
will check it out anyway.

And, thanks again, Richard!


-----Original Message-----
From: Richard Caper [mailto:rcaper at gmail.com] 
Sent: Tuesday, May 03, 2005 7:39 PM
To: Kimberlin, Michael
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] RE: AuthenticationFilter and <error-page>



On 5/3/05, Kimberlin, Michael <Michael.Kimberlin at savvis.net> wrote:
> Okay...this is what I get for only testing from one direction (or for
> matter not thinking about what the h3ll I was doing)...This change
> automatic authentication, as I'm sure you'll already know.  So, is
there a
> way, currently to work with this type of error page definition?  My
goal is
> to have automatic authentication take place normally, but send those
> fail to provide valid credentials when challenged sent on to an error
> Pardon me if I'm being blind here, but I would appreciate any thoughts
> this... 
> Thanks, 
> michael 
>  ________________________________
> From: Kimberlin, Michael 
>  Sent: Tuesday, May 03, 2005 3:46 PM
>  To: 'jcifs at lists.samba.org'
>  Subject: AuthenticationFilter and <error-page> definitions 
> In this old thread from the list there was some discussion about using
> <error-page> definition for error 401 with the NtlmAuthFilter... 
> http://lists.samba.org/archive/jcifs/2004-August/003901.html
> I am currently doing the same thing with the AuthenticationFilter.
But, it
> also required a similar code change to the one mentioned in that
thread (the
> removal of resp.flushBuffer() after
> resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) in
> fail())... 
> Is there any reason that the flush remains alive and well in this
> What this causes is an IllegalStateException if you have an error page
> defined for error 401...I removed it and recompiled it for my
purposes, but it
> seems like something that should be allowed by the package, no? 
> Thanks, 
> michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: AuthenticationFilter.java
Type: application/octet-stream
Size: 10909 bytes
Desc: AuthenticationFilter.java
Url : http://lists.samba.org/archive/jcifs/attachments/20050504/fcb12a8f/AuthenticationFilter.obj

More information about the jcifs mailing list