[jcifs] Problem using JCIFs and JSF

[Francisco Pinto]

Hi,

I construct a web application and use JCIFs to authenticate. I observed in
the NtlmHttpFilter class, that filter negotiate with all pages.
Why? I think the authentication (the NTLM negotiation) is necessary only in
the first user page call.

My context is:

I create my own filter class, based in the NtlmHttpFilter, and I use JAAS to
connect to our internal authorization system.
In this system, we use a intranet web service to get the user
credentials. Because the NTLM authentication itself and this authorization
step are a expensive operations, I tryed to create a cached Subject (JAAS
Subject), put it in the session (http request session). Only the first call
negotiate a NTLM. At this moment my application works fine.

But when I use JSF (all .jsf request are intercepted by Faces Servlet), my
JSF file not receives the request parameters. The application negotiate
(NTLM), creates a Subject and put it in the session. After this moment, all
request parameters send to the JSF page are missing. I tryed to debuger but
I could not identify the problem.
If I remove this cache (negotiating all http requests) my JSF application
works fine again.
After make a revision over my code, and compare with the JCIFs http filter
implementation, I remember that JCFs do not use a cache. My question is why?
There are some requirement for that?

I use Tomcat 5.5.14, JSDK 1.4, JCIFs 1.2.7, and JSF 1.1.

Thanks in advance.

--
Francisco Pinto Araújo Júnior
fpintoa at gmail.com
pinto at ezbiz.com.br
-------------- next part --------------
HTML attachment scrubbed and removed