Yes, it works (-ish) with request.tomcatAuthentication=false,
but despite of what the switch should do, the Tomcat is still
Requesting a full groups-list from the DC / AD every time, even if the
IIS has already done the auth. On big systems this creates a not
bearable
network load and delay.
Have you tried the setting in jk2.proprties
#gets tomcat to obtain authentication from jk which gets from IIS
request.tomcatAuthentication=false
-lp
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, 8 March 2004 10:23 PM
To: [EMAIL PROTECTED]
String strAuth = request.getHeader(Authorization);
if (strAuth == null)
{
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader(WWW-Authenticate, NTLM);
return;
}
If i return a JSP page with status UNAUTHORIZED, then subsequent POST
request will quit working.
If i do the above step, client returns NTLM authorization header and
client is authenticated at step 6.
No. step 3 the client only send the message contains the host name and
the NT domain name of the client. The client is not authenticated at
this stage! It requires a further challenge
Im validating the credentials sent by the IE(Step 3 to Step 6).
Successfully got the username and domain name.
OK so if I understand you correctly, you are completing step 6 of the
NTLM authentication and have returned a HTTP 200 back to IE?
Then I will display a form to user in which his
Im using NTLM authentication to authenticate the user in the
intranet.
After authenticating the user the Post request stops working.
The content-length in the request is zero.
Not sure what you mean by the 'post request' has stopped working. Do you
mean tomcat stops accepting HTTP posts
String strAuth = request.getHeader(Authorization);
if (strAuth == null)
{
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader(WWW-Authenticate, NTLM);
return;
}
After executing the above part of the code, Internet Explorer returns
the
NTLM credentials of the user