[jcifs] Re: Jcifs over the internet and proxies
Oliver Schoett
os at sdm.de
Tue Oct 4 18:52:52 GMT 2005
Pattison, David wrote:
> I'm wondering how or if there is a solution for the following
> situation: We have a customer at an internal company site, who is
> accessing our web-app over the internet, with the app being help at
> another company site. The problem is that both company sites are
> behind proxies/firewalls (I believe it is an MS proxy of some kind),
> and the web app itself is on a personal network.
The NTLM authentication protocol requires that a TCP connection is held
during the exchange, so that challenge and response can be matched.
With a proxy, this no longer works, because both sides have separate
connections with the proxy, not with each other (this is required by the
HTTP RFC 2616, sec. 8.1.3).
A secure soution to your problem would be to establish a VPN connection
betwen the sites, or from the client into the network where the
application resides. Over the VPN, you can then establish normal,
unproxied TCP connections.
Regards,
Oliver Schoett
More information about the jcifs
mailing list