[jcifs] Re: security policy requires NTLMv2

Michael B Allen ioplex at gmail.com
Fri Jan 30 19:12:04 GMT 2009


On Fri, Jan 30, 2009 at 11:40 AM, AJ Weber <aweber at comcast.net> wrote:
> Maybe it's that your precise problem is not clear to me.  A quick check of
> the website shows that, barring any remaining bugs, 1.3 fully supports
> NTLMv2.

JCIFS 1.3 supports NTLMv2 as an *initator*. Meaning it can initiate
NTLMv2 authentication. But it cannot act as an acceptor for NTLMv2.
The HTTP Filter is an acceptor.

> If you are trying to use NTLMv2 in an SSO implementation -- especially the
> way the filter works -- then Mike has made it very clear that it will
> probably never work, because of how the hashes are generated when using
> NTLMv2 protocol.  But that is a specific "issue" with upgrading your
> network, and does not imply that the latest jar does not support the
> protocol.

If you remove "probably", the above statement is mostly true :-)

Mike

-- 
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/


More information about the jcifs mailing list