Fwd: [jcifs] NTLM authentication caching filter

Mike Kienenberger mkienenb at gmail.com
Tue Sep 26 15:05:01 GMT 2006

Since Kevin has approved the use of his code,  I'm going to go ahead
and post it here on the mailing list since the java class is only 9kb.

If for some reason this attachment gets stripped from the message, let
me know, and I'll repost it as part of the text message.

I don't currently have an appropriate location to make this available
as a download.

Note that the only thing you need to do to use this is to change the
filter-class line in your web.xml file:

	    <!-- <filter-class>jcifs.http.NtlmHttpFilter</filter-class> -->

If you want, you can control what attribute name is used to store it
in the session by using the following optional filter init-param, but
the default of "jcifs.ext.cached_principal" should be namespace-safe:


---------- Forwarded message ----------
From: Fahad Sayeed. Siddiqui <fsyeed at xavient.com>
Date: Sep 26, 2006 12:37 AM
Subject: RE: [jcifs] NTLM authentication
To: Kevin Tapperson <kevin at tapperson.net>, Mike Kienenberger
<mkienenb at gmail.com>
Cc: jcifs at lists.samba.org

Please do the post the same code and provide me the link to the same.

I am having a little problem with doing the same caching of login
password in session when authentication occurs.

The Filter is behaving erratically sometimes.


From: kevintap at gmail.com [mailto:kevintap at gmail.com] On Behalf Of
Kevin Tapperson
 Sent: Tuesday, September 26, 2006 2:05 AM
 To: Mike Kienenberger
 Cc: jcifs at lists.samba.org; Fahad Sayeed. Siddiqui
 Subject: Re: [jcifs] NTLM authentication

Mike, I would be fine with including my posted code in the jcifs
package.  Feel free to use it, modify it, re-package it as

On 9/21/06, Mike Kienenberger <mkienenb at gmail.com> wrote:

I've written a subclass of NtlmHttpFilter that caches the
 NtlmPasswordAuthentication Principle in a session attribute (provided
 there was a non-null username in it).   It then uses the code from
 Kevin's NTLMPostFilter to handle the additional IE requests and
 returns the cached NtlmPasswordAuthentication as the UserPrincipal in
 a RequestWrapper.

 It's a drop-in replacement for NtlmHttpFilter with one additional
 optional init-param parameter for specifying which session attribute
 to use.

 If Kevin's ok with the use of his code, is there any interest in
 making this filter available?   If nothing else, I could post it to
 the mailing list.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CachingNtlmHttpFilter.java
Type: application/octet-stream
Size: 8656 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20060926/586c6101/CachingNtlmHttpFilter.obj

More information about the jcifs mailing list