[jcifs] NTLM Ajax POST
Jonathan Trumbull
jonathan.trumbull at gmail.com
Wed May 17 16:03:16 GMT 2006
Mike,
>>Due to the NTLM HTTP authentication protocol being a three message...<<
But, if you are performing the AJAX calls against the server for which you
have already established a session there shouldn't be any messing about with
NTLM messages. It should just check to see if the NTLM object is present in
the session and let the request through (restating the obvious here--of
course!). I think most of my problems were caused by the app server session
timing out before making multiple asynchronous AJAX requests. Then both IE
and the servlet filter get terribly confused with the barrage of messages
and requests just like you mentioned.
>>Yet again, the solution is to use Kerberos which doesn't normally require
multiple messages.<<
Among other benefits!
BTW, thanks for all the work on jCIFs and the NtlmHttpFilter in particular!
We use them on quite a few projects.
--Jonathan
On 5/16/06, Michael B Allen <mba2000 at ioplex.com> wrote:
>
> On Tue, 16 May 2006 15:58:31 -0500
> "Jonathan Trumbull" <jonathan.trumbull at gmail.com> wrote:
>
> > Mike,
> >
> > What errors are you seeing in the log files and is it consistently doing
>
> > this? I have observed this problem before intermittently with AJAX-type
> > posts. It seemed to be much more of a problem if there were several
> rapid
> > asynchronous calls.
>
> Due to the NTLM HTTP authentication protocol being a three message
> handshake and coupled with the fact that there is no form of multiplex
> id, if the client tries to pipeline requests the server will likely get
> confused. I suspect the has nothing to do with JCIFS and you would see
> it with IIS too if NTLM was negotiated.
>
> Yet again, the solution is to use Kerberos which doesn't normally require
> multiple messages. NTLM is really showing it's age :-<
>
> Mike
>
>
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list