[jcifs] Re: NTLM http client uses Sun NTLM coming with JVM 1.4.2_10
instead of jcifs
os at sdm.de
Fri Feb 3 15:56:35 GMT 2006
My Chi Doan wrote:
> 2) When using System JVM (version 1.4.2_10), regardless which login
> and password is used in the url above, always the user, who is logged
> in on the PC, is got authenticated. E.g. xxx works on PC of yyy and
> tries to call the ntlm client with his own NT login and password. The
> authenticaton is always perfomed for user yyy instead of xxx.
> It looks like in this case the Sun's NTLM is used instead of jcifs.
Hmm, this is the third time this has been asked since Jan 25. Maybe it
should become an entry in the Documentation and/or FAQ:
NTLM authentication of HTTP requests works automatically in Sun JRE
1.4.2_02 and higher on Windows (including Java 5, but I haven't
tested that): When you make an HTTP request to a Web server that
requires Windows authentication, an NTLM authentication attempt is
made automatically and transparently with the user's Windows
credentials (see Java Bug 4857110). Only when that attempt fails
the java.net.Authenticator class is invoked to get a user name and
I do not know how to turn off the initial NTLM authentication with the
Windows user credentials.
More information about the jcifs