[jcifs] Re: windows login popup following session timeout onaform.submit

Jose Luis Martinez Avial jlmartinez at pb-santander.com
Wed Jan 21 15:34:47 GMT 2009

If I remember correctly, the IE tries to reauthenticate every time a
POST request is sent to the server. I think that is what is happening.





From: jcifs-bounces+jlmartinez=bpi-gruposantander.com at lists.samba.org
[mailto:jcifs-bounces+jlmartinez=bpi-gruposantander.com at lists.samba.org]
On Behalf Of Travaglini, Joseph
Sent: Wednesday, January 21, 2009 10:23 AM
To: Bill Comer; jcifs at lists.samba.org
Subject: RE: [jcifs] Re: windows login popup following session timeout


Which browser(s) does this happen in?  Is this happening in Firefox as

I've had an application that exhibits similar behavior, but I've only
been able to reproduce the problem in IE.


Could be the same problem... I have a hunch on what it might be, but
I'll withhold my analysis for the time being..


From: jcifs-bounces+joseph.travaglini=fmr.com at lists.samba.org
[mailto:jcifs-bounces+joseph.travaglini=fmr.com at lists.samba.org] On
Behalf Of Bill Comer
Sent: Wednesday, January 21, 2009 10:12 AM
To: jcifs at lists.samba.org
Subject: [jcifs] Re: windows login popup following session timeout on


Is it relevant that the document.submit() is a POST ?

The other thing I have noticed is that the windows popup occurrs
following a
call to HttpServletResponse.flushBuffer() in the method


On Wed, Jan 21, 2009 at 2:34 PM, Bill Comer <bill.comer at gmail.com>

Not sure if I am best posting this here or to spring but here goes.

I am using jcifs-1.2.25 with spring-security-2.0.4
My config is using

If I allow the session to timeout and request a new page then all is
I can see a new authentication occurring OK and the new page is

However, if again I allow the session to timeout on a page and then
click on a button that performs a document.submit()
the filter is again hit and attepts to do an authentication.
However this manifests itself as a windows authentication popup asking
for the users details.

How can I stop this authentication window popup occurring ?

Ideally the user should be returned to a default page due to the loss of
session data.
Also, Any ideas how this might be done ?

Bill Comer
blog: http://billcomer.blogspot.com

Internet communications are not secure and therefore Banco 
Santander International does not accept legal responsibility for 
the contents of this message. Any views or opinions presented are 
solely those of the author and do not necessarily represent those 
of Banco Santander International unless otherwise specifically 

Las comunicaciones via Internet no son seguras y por lo tanto 
Banco Santander International no asume responsabilidad legal ni 
de ningun otro tipo por el contenido de este mensaje. Cualquier 
opinion transmitida pertenece unicamente al autor y no 
necesariamente representa la opinion del Banco Santander 
International a no ser que este expresamente detallado.

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list