[jcifs] JCIFS NTLM on WLS 9.2

Michael B Allen mba2000 at ioplex.com
Fri May 11 16:04:24 GMT 2007 

On Fri, 27 Apr 2007 03:56:48 -0700 (PDT)
JavaSeth <seth.helstrip at bankofamerica.com> wrote:

> 
> Hi there,
> Wondering whether there's anyone out there who's experienced a similar
> problem to me, when implementing NTLM security through JCIFS on Weblogic
> 9.2.  The application was previously developed on Apache Tomcat 4 - where it
> ran without any issues.
> 
> However, when porting to WLS, it seems that if an NTLM filter is applied,
> the server is making multiple (3 in total) requests, to the same servlet. 

This is the NTLM protocol handshake and is normal.

> It also requests authentication 3 times via a pop up (Tomcat uses the OS to
> authenticate).  Without the filter (and hence security), only a single
> request is made to the servlet.

That is not normal. If the NetworkPasswordDialog pops up SSO
authentication has already failed.

> The config of the filter is pretty standard (below), so I can't see where
> I'm going wrong.  Without Weblogic source code, it's difficult to get to the
> root of the problem.  Any help will be greatfully received.  

Without a user & pass SMB signing will fail which is almost certainly
incorrect.

Mike

> 
> Thanks in advance,
> Seth
> 
> 
> from web.xml...
> 
> <!-- Security -->	    
> <filter>
>     <filter-name>NtlmHttpFilter</filter-name>
>     <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
> 
>     <init-param>
>         <param-name>jcifs.netbios.wins</param-name>
>         <param-value>my.net.bios.address</param-value>
>     </init-param>
>     <init-param>
>         <param-name>jcifs.smb.client.domain</param-name>
>         <param-value>defaultDomain</param-value>
>     </init-param>
> 
> </filter>
> 
> <filter-mapping>
>     <filter-name>NtlmHttpFilter</filter-name>
>     <url-pattern>/*.view</url-pattern>
> </filter-mapping>
> 
> -- 
> View this message in context: http://www.nabble.com/JCIFS-NTLM-on-WLS-9.2-tf3657006.html#a10217007
> Sent from the Samba - jcifs mailing list archive at Nabble.com.
> 


-- 
Michael B Allen
PHP Active Directory Kerberos SSO
http://www.ioplex.com/

More information about the jcifs mailing list