Re: HttpClient 3.0 rc3 and NTLM logged on user credentials

Fri, 22 Jul 2005 02:44:53 -0700 

Brian,
This seems quite useful. We can accept such a contribution in the contrib package. You must however place the code under the ASF license. The restriction to Win32 platform is not a problem. I guess no other platform makes use of NTLM to authenticate users to the system anyway. 


We are completely aware of the fact that the current NTLM implementation 
is far from complete. The NTLM code is somewhat unmaintained due to lack 
of testing environment, overall NTLM knowledge - and implementing crypto 
protocols is really outside the scope of HttpClient. Ideally the actual 
NTLM code should be in a third-party library (like JCIFS, where it 
originally was taken from) and HttpClient should only have some glue 
code. That way the NTLM code would be maintained completely outside of 
HttpClient.



If you want better CIFS support we will happily accept contributions 
that modify HttpClient into using JCIFS instead.


Ortwin Glück

Brian Moran wrote:

Hi everyone; we had a need to authenticate using NTLM with the
default credentials of the logged-in user, and unfortunately the
HttpClient.Auth.NTLM module is expecting credentials to be supplied
in username / password form -- so we built a version of NTLM that
uses JNI through the Neon libraries to get the default credentials
(avoids someone having to type in their username and password if
they're already logged in).  NTLM has about a five line modification,
and there's a DLL (built from Neon mainly, with some JNI shim code)
that provides the native methods.

I'm not sure if this is of any use to anyone (certainly only works on
Win32 platforms), but it was sure handy for us. Is there a place for
it in the project? BTW, it also can take domain\username and a
password (if the logged-in-user's credentials are not good enough)
and generates the NTLM credentials in whatever form was negotiated
with the server. Again, that portion only works on Win32 platforms.

Where would this find a home?

PS. We found that HttpClient RC 3 (w/o the JNI provided credentials)
provides difficulty for   the 1.1.11 version of JCIFS, we're going to
try the 1.2.1 real soon now.


Thanks, Brian Moran Centeris Corporation



--
[web]  http://www.odi.ch/
[blog] http://www.odi.ch/weblog/
[pgp]  key 0x81CF3416
       finger print F2B1 B21F F056 D53E 5D79  A5AF 02BE 70F5 81CF 3416

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to