[jcifs] jcifs.http.NtlmHttpFilter and POST

Kevin Tapperson kevin at tapperson.net
Fri Aug 22 13:17:21 GMT 2008

Hi Robert,

There are a couple of things that I can recommend that you try.

First, from your post ("...when I use the login in this code in my
filter..."), it sounds like you've copied the code and you're trying to use
it inside another filter.  If this is the case, then I'd recommend that you
remove this code from your other filter and use the version that I posted
exactly as is.

The second thing is to make sure that this code (NTLMPostFilter) is executed
before other filters in the filter chain.  This filter should be the first
one in your filter chain.  The order of the filter chain is controlled by
the order of the filter-mapping tags in web.xml.

The NTLMPostFilter that I posted was developed for and used with Vignette
Portal 7.  It's been in a production environment for about 4-5 years now.
If you have continued trouble, I can see if I can dig up the old web.xml
file from the portal to see the exact order of the filters and how they are

Kevin Tapperson

On Thu, Aug 21, 2008 at 5:00 AM, Robert Baldock <robert.baldock at pfiks.com>wrote:

> Looking further into this, I found Kevin Tapperson's NTLMPostFilter from
> 2004 on this page:
> http://article.gmane.org/gmane.network.samba.java/3708/
> However, when I use the logic in this code in my filter, this check for
> an Authorization header:
> String msg = httpRequest.getHeader("Authorization");
> if ((msg != null) && (msg.startsWith("NTLM "))) ...
> always results in a msg with a null value.  As a result, the subsequent
> code that tries to fool IE is never actually entered.  The end result is
> that POST requests end up being ignored completely by the filter.
> Does anyone know why this might be the case?
> Robert
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list