[jcifs] silent authentication

Michael B Allen mba2000 at ioplex.com
Tue Sep 6 07:26:18 GMT 2005


We have a filter for this:

http://jcifs.samba.org/src/docs/ntlmhttpauth.html

On Tue, 6 Sep 2005 08:17:03 +0200 (MEST)
"Markus Pitsch" <markus_pitsch at gmx.net> wrote:

> i am using the following code to get out the current user logged in the
> domain. i need to do this silent authentication by ntlm:
> 
> String auth = request.getHeader("Authorization");
> 		
> 		if (auth == null){
> 			response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
> 			response.setHeader("WWW-Authenticate", "NTLM");
> 			response.flushBuffer();
> 			return;
> 		}
> 	
> 		
> 		if (auth.startsWith("NTLM ")){
> 			byte[] msg = new
> sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
> 			int off = 0, length, offset;
> 			if (msg[8] == 1){
> 				byte z = 0;
> 				byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S',
> (byte)'S', (byte)'P', 
> 				z,(byte)2, z, z, z, z, z, z, z,(byte)40, z, z, z, 
> 				(byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
> 				(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
> 				response.setHeader("WWW-Authenticate", "NTLM " + 
> 				new sun.misc.BASE64Encoder().encodeBuffer(msg1));
> 				response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
> 				return;
> 		  }
> 		  else if (msg[8] == 3){
> 		  	off = 30;
> 		  
> 		    length = msg[off+9]*256 + msg[off+8];
> 		    offset = msg[off+11]*256 + msg[off+10];
> 		    String login = new String(msg, offset, length);
> 
> when i get the string login, it contains the user lookes like "t e s t e r"
> all the time there is an empty char between the other letters. is this
> generally normal? can i get the string parsed without empty characters.
> 
> thanks for your help.
> 
> -- 
> 5 GB Mailbox, 50 FreeSMS http://www.gmx.net/de/go/promail
> +++ GMX - die erste Adresse f_r Mail, Message, More +++
> 


More information about the jcifs mailing list