[jcifs] Re: windows login popup following session timeout on aform.submit

[Travaglini, Joseph]

Which browser(s) does this happen in?  Is this happening in Firefox as
well?


I've had an application that exhibits similar behavior, but I've only
been able to reproduce the problem in IE.

 

Could be the same problem... I have a hunch on what it might be, but
I'll withhold my analysis for the time being..

 

From: jcifs-bounces+joseph.travaglini=fmr.com at lists.samba.org
[mailto:jcifs-bounces+joseph.travaglini=fmr.com at lists.samba.org] On
Behalf Of Bill Comer
Sent: Wednesday, January 21, 2009 10:12 AM
To: jcifs at lists.samba.org
Subject: [jcifs] Re: windows login popup following session timeout on
aform.submit

 

Is it relevant that the document.submit() is a POST ?

The other thing I have noticed is that the windows popup occurrs
following a
call to HttpServletResponse.flushBuffer() in the method
NtlmProcessingFilterEntryPoint.commence()

Bill

On Wed, Jan 21, 2009 at 2:34 PM, Bill Comer <bill.comer at gmail.com>
wrote:

Not sure if I am best posting this here or to spring but here goes.

I am using jcifs-1.2.25 with spring-security-2.0.4
My config is using
org.springframework.security.ui.ntlm.NtlmProcessingFilter

If I allow the session to timeout and request a new page then all is
well.
I can see a new authentication occurring OK and the new page is
displayed.

However, if again I allow the session to timeout on a page and then
click on a button that performs a document.submit()
the filter is again hit and attepts to do an authentication.
However this manifests itself as a windows authentication popup asking
for the users details.

How can I stop this authentication window popup occurring ?

Ideally the user should be returned to a default page due to the loss of
session data.
Also, Any ideas how this might be done ?

Bill Comer
blog: http://billcomer.blogspot.com





-------------- next part --------------
HTML attachment scrubbed and removed