[jcifs] Kerberos HTTP authentication

Mike Streeton mike.streeton at ardentia.co.uk
Tue Oct 3 12:56:54 GMT 2006

Thanks for this Eric, these are the instructions I have been following.
The issue seems to be that Authentication.isNtlm(byte[] token) is always
returning true, indicating that Kerberos authentication is not taking
place. I have tried setting the "Enable Integrated Windows
Authentication (requires restart)" on in IE setup and adding the machine
to the trusted intranet site. So although the use is authenticated it
does not seem to be using Kerberos.

Many Thanks


www.ardentia.com the home of NetSearch
-----Original Message-----
From: Eric Glass [mailto:eric.glass at gmail.com] 
Sent: 03 October 2006 13:44
To: Mike Streeton
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] Kerberos HTTP authentication

Here's some instructions I posted awhile back:


This was pre-jcifs-ext but should be pretty close.

On 10/3/06, Mike Streeton <mike.streeton at ardentia.co.uk> wrote:
> I have been trying to get the 1.2.9 Kerberos version working with HTTP
> authentication. I copied the AuthenticationFilter.java + other classes
> from jcifs-ext. I have set up a simple app protected by the filter and
> seems fine, the page can call request.getRemoteUser(). The problem is
> eclipse to debug it I cannot see it going through any of the SPNEGO
code and
> I suspect it is still using NTLM. How can I get IE to negotiate a
> connection instead of NTLM.
> Thanks
> Mike
> www.ardentia.com the home of NetSearch

More information about the jcifs mailing list