No problem Bryan. Glad I can help. Let me know if you hit a problem. Josh
-----Original Message----- From: Bryan Montgomery [mailto:mo...@english.net] Sent: Wednesday, March 24, 2010 8:22 PM To: users@wicket.apache.org Subject: Re: Help with integrating NTLM in wicket application oops, sorry Josh. I appreciate your hlelp. I _meant_ to say pointed me in the RIGHT direction. Brain and fingers weren't connecting as I was trying to finish sending before leaving the office! Though this looks like it will be cleaner than what I currently have, thanks again. On Wed, Mar 24, 2010 at 8:49 PM, Josh Chappelle <jchappe...@4redi.com>wrote: > Bryan, > > Sorry for pointing you in the wrong direction. Below is the NTLMPage that > we > use. Notice that it redirects the user to the login page if it can't log > them in through NTLM. I hope this helps. > > import java.io.IOException; > > import javax.servlet.http.*; > > import jcifs.ntlmssp.Type3Message; > import jcifs.util.Base64; > > import org.apache.wicket.RestartResponseAtInterceptPageException; > import org.apache.wicket.markup.html.WebPage; > import org.apache.wicket.protocol.http.WebRequest; > import > org.apache.wicket.protocol.http.servlet.AbortWithHttpStatusException; > > > public class NTLMPage extends WebPage > { > public NTLMPage() > { > HttpServletRequest request = > ((WebRequest)getRequest()).getHttpServletRequest(); > HttpServletResponse response = > getWebRequestCycle().getWebResponse().getHttpServletResponse(); > String auth = request.getHeader("Authorization"); > MySession session = MySession.get(); > setStatelessHint(true); > > if (auth == null) > { > setRedirect(false); > response.setHeader("WWW-Authenticate", "NTLM"); > throw new AbortWithHttpStatusException(401, false); > > } > if (auth.startsWith("NTLM ")) > { > byte[] msg; > try > { > msg = new > sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5)); > > if (msg[8] == 1) > { > byte z = 0; > byte[] msg1 = > {(byte)'N', (byte)'T', (byte)'L', > (byte)'M', (byte)'S', > (byte)'S', > (byte)'P', z, > (byte)2, z, z, z, z, > z, z, z, > (byte)40, z, z, z, > (byte)1, (byte)2, (byte)8, z, > z, (byte)2, (byte)2, > (byte)2, z, z, z, z, > z, z, z, z, z, z, z, > z}; > setRedirect(false); > > response.setHeader("WWW-Authenticate", "NTLM " + new > sun.misc.BASE64Encoder().encodeBuffer(msg1).trim()); > throw new > AbortWithHttpStatusException(401, false); > > } > else if (msg[8] == 3) > { > getSession().bind(); > final Type3Message type3msg = new > Type3Message(Base64.decode(auth.substring(5))); > if(type3msg.getUser() != null) > { > User user = new UserImpl(); > > user.setUserName(type3msg.getUser()); > > session.setDomain(type3msg.getDomain()); > > session.setHostname(type3msg.getWorkstation()); > session.setUser(user); > } > } > } > catch (IOException e) > { > e.printStackTrace(); > } > > } > if(session.getUser() == null) > { > setResponsePage(LoginPage.class); > } > else > { > setRedirect(false); > throw new > RestartResponseAtInterceptPageException(HomePage.class); > } > } > > @Override > public boolean isVersioned() > { > return false; > } > } > -----Original Message----- > From: Bryan Montgomery [mailto:mo...@english.net] > Sent: Wednesday, March 24, 2010 3:31 PM > To: users@wicket.apache.org > Subject: Re: Help with integrating NTLM in wicket application > > Thanks, this pointed me in the wrong direction. I then ended up calling > this > from within the onBeforeRender method to get it to handle the redirect > correctly on login. Another issue was that I was calling another part of > the > code and should have been calling AuthenticatedWebSession.get().signIn > > So, what I was now trying is to have the login process handle the situation > when a windows / ntlm userid is not found and fall back to the 'legacy' > form > based log in. > > I am able to display the form, however, the form post never seems to work. > Checking the source code of the html sent to the browser, the form is > defined there, and if I construct a url with the form fields it works, and > the fields are available inside the wicket code. But they're not there when > I post the form. > > If I set a property to ignore the ntlm process and start with a new > browser, > the login form works fine. > > Any thoughts? I guess I'll try and compare the html generated to see if > there is any difference. I'll also double check the program flow if the > ntlm > is called but the authentication fails. > > Thanks - Bryan. > > On Sun, Mar 21, 2010 at 9:17 PM, Josh Chappelle <jchappe...@4redi.com > >wrote: > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org