[jcifs] Very generic question about NTLM HTTP authentication

André Warnier aw at ice-sa.com
Mon Feb 9 01:15:53 GMT 2009

Michael B Allen wrote:

Thank you very much, Michael.
I'm sorry if I was the umpteenth guy to ask the same question, there is 
just a lot of conflicting information floating around, and some 
confusion with the Vista/NTLMv2 thing.

I'll also get back to your October post and re-read it, since obviously 
I missed something.
In any case, your answer saves me a lot of time exploring unworkable 

> You do realize that if you're running Tomcat through IIS then you can
> just turn on IWA right?

Well, I think so. If accesses to Tomcat would go through IIS and mod_jk 
e.g., then IE would authenticate with IIS, and mod_jk would be able to 
pass that userid to Tomcat.
So for the Tomcat part of the application, it would be fine.

But my problem is also with the Apache part. Although I can think of a 
way.. Mmm.

I have a couple of additional questions :
Referring to this section : http://jcifs.samba.org/src/docs/faq.html#ntlmv2

a) in item 2. , what does the term "target server" refer to ? Is that 
the Tomcat host ? or the DC ?

b) in the case in which I am having problems, the Vista/IE combination 
does not work, but the XP/IE combination is still working. The Tomcat 
server is the same, the jCIFS module is the same, and the DC is the 
same.  So I have to assume that it is the Vista/IE combination which 
does something differently. Do you know what it could be ?

More information about the jcifs mailing list