[jcifs] Propagation of windows credentials from Java client through to web service

Michael B Allen mba2000 at ioplex.com
Wed Jan 18 17:29:52 GMT 2006


Can't do it. The credential negotiated by the jCIFS HTTP authentication
filter are NTLM hashes which are specific to the server with which they
where aquired (e.g. domain controller) and are not deligatiable like
Kerberos credentials. We do not do Kerberos at this time.

Check out Wedgetail and Vintela. I don't know if you can do this with
their product either but they do Kerberos.

Mike

On Wed, 18 Jan 2006 16:23:53 +0000 (UTC)
mileyd <dean_miley at yahoo.co.uk> wrote:

> Hi 
> 
> I am running a jcifs.http.NtlmHttpFilter on tomcat. This filters requests prior 
> to running my web services for which I use axis. 
> 
> My problem is that I would like to propagate the XP credentials users have 
> already used to login to windows rather than popping up a login dialog and 
> asking them to provide them again so they can log in to my application.
> 
> Using axis I need to provide the user and credentials either within the URL of 
> the endpoint or using a credentials object. 
> 
> Something like:-
>  
>            String endpoint =
>            "http://DOMAIN\\user:password@hostname:8080/NTLMAuthentication/axis/h
> elloworld";
>  
>            Service  service = new Service();
>            Call call    = (Call) service.createCall();
>  
>            call.setTargetEndpointAddress( new java.net.URL(endpoint) );
>            call.setOperationName(new QName("sayHello") );
>  
>            String ret = (String) call.invoke( new Object[] { "Joe!" } );
>  
>            System.out.println("Sent 'Hello!', got '" + ret + "'");
> 
> Problem is I don't know how to get the user's current credentials using Java. I 
> know the JDK uses native windows code in the URLConnection class somewhere to 
> do the same thing but I cannot find how they do it. I know this is not specific 
> to JCIFS, but I think this forum is the one best placed to understand my 
> problem. Any ideas how to get at the cached windows credentials? Or am I going 
> about this in totally the wrong way?
> 
> Thanks
>  
> 
> 


More information about the jcifs mailing list