[jcifs] RE: AuthenticationFilter and <error-page> definitions
Kimberlin, Michael
Michael.Kimberlin at savvis.net
Wed May 4 14:56:01 GMT 2005
So a code change was necessary...thanks for the help. I'm attaching a
patched AuthenticationFilter, in the event that someone else may find it
useful. This filter does basically what is described in the linked
threads. I left the default behavior the same as it had been.
Although, I was tempted to give a default page name, as a blank screen
or a tomcat page or whatever you happen to get on any given setup is not
likely to be very friendly. I resisted the urge, however and left that
up to anyone who might choose to use it.
Set a value for jcifs.http.authFailurePage in the FilterConfig and it
will redirect a user to the given page in the event of authentication
failure.
I hope this saves someone a minute or two...
One thing I would note is that for some reason when a user is challenged
for their password, this will prompt them 6 times instead of the normal
3 before failure. I'm not sure what is causing that yet, but if anyone
has any thoughts I'll look into it. When I get the time a bit later, I
will check it out anyway.
And, thanks again, Richard!
-michael
-----Original Message-----
From: Richard Caper [mailto:rcaper at gmail.com]
Sent: Tuesday, May 03, 2005 7:39 PM
To: Kimberlin, Michael
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] RE: AuthenticationFilter and <error-page>
definitions
http://lists.samba.org/archive/jcifs/2005-March/004799.html
http://lists.samba.org/archive/jcifs/2005-March/004800.html
On 5/3/05, Kimberlin, Michael <Michael.Kimberlin at savvis.net> wrote:
>
>
>
> Okay...this is what I get for only testing from one direction (or for
that
> matter not thinking about what the h3ll I was doing)...This change
breaks
> automatic authentication, as I'm sure you'll already know. So, is
there a
> way, currently to work with this type of error page definition? My
goal is
> to have automatic authentication take place normally, but send those
who
> fail to provide valid credentials when challenged sent on to an error
page...
> Pardon me if I'm being blind here, but I would appreciate any thoughts
on
> this...
>
>
>
> Thanks,
>
> michael
>
>
>
> ________________________________
>
>
> From: Kimberlin, Michael
> Sent: Tuesday, May 03, 2005 3:46 PM
> To: 'jcifs at lists.samba.org'
> Subject: AuthenticationFilter and <error-page> definitions
>
>
>
>
> In this old thread from the list there was some discussion about using
an
> <error-page> definition for error 401 with the NtlmAuthFilter...
>
>
>
> http://lists.samba.org/archive/jcifs/2004-August/003901.html
>
>
>
> I am currently doing the same thing with the AuthenticationFilter.
But, it
> also required a similar code change to the one mentioned in that
thread (the
> removal of resp.flushBuffer() after
> resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) in
> fail())...
>
>
>
> Is there any reason that the flush remains alive and well in this
class?
> What this causes is an IllegalStateException if you have an error page
> defined for error 401...I removed it and recompiled it for my
purposes, but it
> seems like something that should be allowed by the package, no?
>
>
>
> Thanks,
>
> michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: AuthenticationFilter.java
Type: application/octet-stream
Size: 10909 bytes
Desc: AuthenticationFilter.java
Url : http://lists.samba.org/archive/jcifs/attachments/20050504/fcb12a8f/AuthenticationFilter.obj
More information about the jcifs
mailing list