[jcifs] NTLMSSP (SSPI) work with IE client ???

Ajax Zheng adzheng at gmail.com
Fri Apr 10 20:06:34 GMT 2009


I wrote a small test web server trying to talk to IE client for *NTLM*
authentication. I'm using SSPI AcceptSecurityContext() etc in my
server side code. I was able to get IE send me the Type-3 message with
LM and NT response hashes. But when I called AcceptSecurityContext()
the 2nd time to pass in these response data, it returned ACCESS LOGIN DENIED

(The logon attempt failed. Unknown user name or bad password).

I checked the decoded Type-3 message received from IE and found out that the
response field are only filled the first 8 bytes and the rest 16 bytes are
all 0x00.

I'm not sure if this is the reason that cause the AcceptSecurityContext() to

Does anyone know if a server implementing NTLMSSP(using SSPI,
AcceptSecurityContext() api etc..) authentication will work with a IE
client performing *NTLM* authentication?
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list