Fwd: [jcifs] NTLM authentication caching filter
Mike Kienenberger
mkienenb at gmail.com
Tue Sep 26 15:05:01 GMT 2006
Since Kevin has approved the use of his code, I'm going to go ahead
and post it here on the mailing list since the java class is only 9kb.
If for some reason this attachment gets stripped from the message, let
me know, and I'll repost it as part of the text message.
I don't currently have an appropriate location to make this available
as a download.
Note that the only thing you need to do to use this is to change the
filter-class line in your web.xml file:
<filter-name>NtlmHttpFilter</filter-name>
<!-- <filter-class>jcifs.http.NtlmHttpFilter</filter-class> -->
<filter-class>your-package-goes-here.CachingNtlmHttpFilter</filter-class>
If you want, you can control what attribute name is used to store it
in the session by using the following optional filter init-param, but
the default of "jcifs.ext.cached_principal" should be namespace-safe:
<init-param>
<param-name>jcifs.ext.cached_principal.session.attribute</param-name>
<param-value>cachedPrincipalWithoutAnyNamespacing</param-value>
</init-param>
---------- Forwarded message ----------
From: Fahad Sayeed. Siddiqui <fsyeed at xavient.com>
Date: Sep 26, 2006 12:37 AM
Subject: RE: [jcifs] NTLM authentication
To: Kevin Tapperson <kevin at tapperson.net>, Mike Kienenberger
<mkienenb at gmail.com>
Cc: jcifs at lists.samba.org
Please do the post the same code and provide me the link to the same.
I am having a little problem with doing the same caching of login
password in session when authentication occurs.
The Filter is behaving erratically sometimes.
________________________________
From: kevintap at gmail.com [mailto:kevintap at gmail.com] On Behalf Of
Kevin Tapperson
Sent: Tuesday, September 26, 2006 2:05 AM
To: Mike Kienenberger
Cc: jcifs at lists.samba.org; Fahad Sayeed. Siddiqui
Subject: Re: [jcifs] NTLM authentication
Mike, I would be fine with including my posted code in the jcifs
package. Feel free to use it, modify it, re-package it as
appropriate.
On 9/21/06, Mike Kienenberger <mkienenb at gmail.com> wrote:
I've written a subclass of NtlmHttpFilter that caches the
NtlmPasswordAuthentication Principle in a session attribute (provided
there was a non-null username in it). It then uses the code from
Kevin's NTLMPostFilter to handle the additional IE requests and
returns the cached NtlmPasswordAuthentication as the UserPrincipal in
a RequestWrapper.
It's a drop-in replacement for NtlmHttpFilter with one additional
optional init-param parameter for specifying which session attribute
to use.
If Kevin's ok with the use of his code, is there any interest in
making this filter available? If nothing else, I could post it to
the mailing list.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CachingNtlmHttpFilter.java
Type: application/octet-stream
Size: 8656 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20060926/586c6101/CachingNtlmHttpFilter.obj
More information about the jcifs
mailing list