[
https://jira.nuxeo.org/browse/NXP-5599?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Florent Guillaume updated NXP-5599:
-----------------------------------
Description:
Christophe Capon wrote:
This class prevents the standard NuxeoAuthenticationFilter to cache the user
identity
returned by NTLM authentication. It is necessary for NTLM to work with WSS,
since
MSOffice applications post several NTLMSSP_NEGOTIATE and are waiting for the
401 Unauthorized
response. When caching is activated, the standard NuxeoAuthenticationFilter
recognizes the
user previously identified with NTLM and forwards the request to the servlet.
Since the request is a /_vti_bin/.... the servlet fails.
All /_vti_bin/* requests are forwarded to this filter instead of
NuxeoAuthenticationFilter.
When a negotiation is issued by MSOffice, it removes the cached identity, and
therefore forces
the NTLMAuthenticato to issue the challenge again.
was:
This class prevents the standard NuxeoAuthenticationFilter to cache the user
identity
returned by NTLM authentication. It is necessary for NTLM to work with WSS,
since
MSOffice applications post several NTLMSSP_NEGOTIATE and are waiting for the
401 Unauthorized
response. When caching is activated, the standard NuxeoAuthenticationFilter
recognizes the
user previously identified with NTLM and forwards the request to the servlet.
Since the request is a /_vti_bin/.... the servlet fails.
All /_vti_bin/* requests are forwarded to this filter instead of
NuxeoAuthenticationFilter.
When a negotiation is issued by MSOffice, it removes the cached identity, and
therefore forces
the NTLMAuthenticato to issue the challenge again.
> NTLM authentication for MSOffice WSS protocol
> ---------------------------------------------
>
> Key: NXP-5599
> URL: https://jira.nuxeo.org/browse/NXP-5599
> Project: Nuxeo Enterprise Platform
> Issue Type: New Feature
> Reporter: Florent Guillaume
> Fix For: 5.4
>
> Attachments: ntlm-auth-config.xml, nuxeo-platform-login-ntlm.diff,
> nuxeo-platform-wss-backend.diff
>
>
> Christophe Capon wrote:
> This class prevents the standard NuxeoAuthenticationFilter to cache the user
> identity
> returned by NTLM authentication. It is necessary for NTLM to work with WSS,
> since
> MSOffice applications post several NTLMSSP_NEGOTIATE and are waiting for the
> 401 Unauthorized
> response. When caching is activated, the standard NuxeoAuthenticationFilter
> recognizes the
> user previously identified with NTLM and forwards the request to the servlet.
> Since the request is a /_vti_bin/.... the servlet fails.
> All /_vti_bin/* requests are forwarded to this filter instead of
> NuxeoAuthenticationFilter.
> When a negotiation is issued by MSOffice, it removes the cached identity, and
> therefore forces
> the NTLMAuthenticato to issue the challenge again.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.nuxeo.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
