I cannot contribute the code, but I can describe the basic use
When initializing the ApacheDS server, which we did in code, not in a config
file:
NtlmMechanismHandler ntlmMechanismHandler = new NtlmMechanismHandler();
ntlmMechanismHandler.setNtlmProvider(new JcifsNtlmProvider());
ldapServer.removeSaslMechanismHandler(SupportedSaslMechanisms.NTLM);
ldapServer.addSaslMechanismHandler(SupportedSaslMechanisms.NTLM,
ntlmMechanismHandler);
ldapServer.removeSaslMechanismHandler(SupportedSaslMechanisms.GSS_SPNEGO);
ldapServer.addSaslMechanismHandler(SupportedSaslMechanisms.GSS_SPNEGO,
ntlmMechanismHandler);
Then in generateChallenge we created a Type2Message message from the type1
bytes using JCIFS
Getting the serverNonce from code like
http://www.jarvana.com/jarvana/view/com/liferay/portal/portal-impl/6.0.3/portal-impl-6.0.3-sources.jar!/com/liferay/portal/security/ntlm/NetlogonConnection.java?format=ok
Then authenticate uses code similar the logon function in
http://www.jarvana.com/jarvana/view/com/liferay/portal/portal-impl/6.0.2/portal-impl-6.0.2-sources.jar!/com/liferay/portal/security/ntlm/Netlogon.java?format=ok
-----Original Message-----
From: Antoine Levy-Lambert [mailto:[email protected]]
Sent: Friday, November 12, 2010 6:17 AM
To: [email protected]
Subject: Re: Passthrough authentication with Apache Directory Server
Hi,
I would also be interested to see (and reuse) this code.
Regards,
Antoine
On 11/12/2010 4:44 AM, Kiran Ayyagari wrote:
> hi Steven,
>
> On Fri, Nov 12, 2010 at 10:24 AM, Hammond, Steven
> <[email protected]> wrote:
>> It is kindof implemented. We are using it with 1.5.3, but we had to write
>> our own JcifsNtlmInterceptor
> Is there any chance that you (with your organization) would consider
> to contribute this code to ApacheDS?
>
> Kiran Ayyagari
