[jcifs] Using CXF with NTLM/JCIFS authentication as well as SSL/HTTPS
Michael B Allen
ioplex at gmail.com
Thu Dec 3 11:25:42 MST 2009
Well don't declare victory yet. Sun has a bit of a muddled history in
this area. Their Kerberos implementation has had problems and again it
is not crystal clear how complete their NTLM implementation is or how
exactly to control it as it is directly woven into the HTTP client.
Mike
On Thu, Dec 3, 2009 at 12:25 PM, Pink, Simon (AGCS)
<simon.pink at allianz.com> wrote:
> Mike,
>
> Thanks Mike, that's brilliant news about Java/JDK6 support. It seems that NTLM support is now cross-platform, and you can specify the user to authenticate with.
>
> Some relevant links:
> http://ashishgarg.wordpress.com/2007/02/26/new-features-in-jdk-6/
>
> Or more authoritively:
> http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html
>
> Hopefully someone else finds this helpful.
>
> Kind Regards,
> Simon.
>
>
> -----Original Message-----
> Subject: Re: [jcifs] Using CXF with NTLM/JCIFS authentication as well as SSL/HTTPS
>
> On Thu, Dec 3, 2009 at 6:24 AM, Pink, Simon (AGCS)
> <simon.pink at allianz.com> wrote:
>> I cannot seem to get jcifs NTLM working with SSL/HTTPS. I get the following
>> exception:
>> java.lang.NoSuchMethodException:
>> jcifs.http.NtlmHttpURLConnection.getSSLSocketFactory()
>>
>> In a nutshell, CXF is trying to decorate the
>> javax.net.ssl.HttpsURLConnection.getSSLSocketFactory method - but NTLM has
>> replaced the https connection with its own handler: NtlmHttpURLConnection
>> which doesn't have this method, hence the exception. Is it actually possible
>
> Hi Simon,
>
> JCIFS' HTTP client is simply a wrapper for the builtin client so it is
> now obsolete because Sun's builtin client has NTLM capability
> including NTLMv2 (not sure about on all platforms) and additionally
> I'm not sure it even works anymore because the builtin client
> intercepts the headers used for communicating authentication tokens.
> Finally, all HTTP related code is going to be removed from JCIFS.
>
> Mike
>
> --
> Michael B Allen
> Java Active Directory Integration
> http://www.ioplex.com/
>
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
More information about the jCIFS
mailing list