[jcifs] getting the password after successful NTLM HTTP Filter validation

Ward, Ian iward at softwareag.es
Tue Jun 27 13:32:55 GMT 2006

I am adding Windows domain SSO to my Java app but am using an existing
product underneath an it performs it's own validation.


It says in the documentation on the JCIFS site that...


The password hashes generated when they logged on to their workstation
will be negotiated during the initial request for a session, passed
through jCIFS, and validated against a PDC or BDC. This also makes the
users domain, username, and password available for managing session
information, profiles, preferences, etc.


I have found how to get the user's name and domain using
'req.getRemoteUser();' but cannot see how to get the password... is this


If not (as I suspect) is it possible to at least get a password hash
which could then be validated by the underlying product in a custom
validation routine? Or do I have to generate one myself?




Ian Ward

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list