jcifs.http
Class NtlmHttpFilter
java.lang.Object
jcifs.http.NtlmHttpFilter
- All Implemented Interfaces:
- javax.servlet.Filter
- public class NtlmHttpFilter
- extends java.lang.Object
- implements javax.servlet.Filter
This servlet Filter can be used to negotiate password hashes with
MSIE clients using NTLM SSP. This is similar to Authentication:
BASIC but weakly encrypted and without requiring the user to re-supply
authentication credentials.
Read jCIFS NTLM HTTP Authentication and the Network Explorer Servlet for complete details.
Method Summary |
void |
destroy()
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
This method simply calls negotiate( req, resp, false )
and then chain.doFilter. |
javax.servlet.FilterConfig |
getFilterConfig()
|
void |
init(javax.servlet.FilterConfig filterConfig)
|
protected NtlmPasswordAuthentication |
negotiate(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp,
boolean skipAuthentication)
Negotiate password hashes with MSIE clients using NTLM SSP |
void |
setFilterConfig(javax.servlet.FilterConfig f)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
NtlmHttpFilter
public NtlmHttpFilter()
init
public void init(javax.servlet.FilterConfig filterConfig)
throws javax.servlet.ServletException
- Specified by:
init
in interface javax.servlet.Filter
- Throws:
javax.servlet.ServletException
destroy
public void destroy()
- Specified by:
destroy
in interface javax.servlet.Filter
doFilter
public void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws java.io.IOException,
javax.servlet.ServletException
- This method simply calls negotiate( req, resp, false )
and then chain.doFilter. You can override and call
negotiate manually to achive a variety of different behavior.
- Specified by:
doFilter
in interface javax.servlet.Filter
- Throws:
java.io.IOException
javax.servlet.ServletException
negotiate
protected NtlmPasswordAuthentication negotiate(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp,
boolean skipAuthentication)
throws java.io.IOException,
javax.servlet.ServletException
- Negotiate password hashes with MSIE clients using NTLM SSP
- Parameters:
req
- The servlet requestresp
- The servlet responseskipAuthentication
- If true the negotiation is only done if it is
initiated by the client (MSIE post requests after successful NTLM SSP
authentication). If false and the user has not been authenticated yet
the client will be forced to send an authentication (server sends
HttpServletResponse.SC_UNAUTHORIZED).
- Returns:
- True if the negotiation is complete, otherwise false
- Throws:
java.io.IOException
javax.servlet.ServletException
setFilterConfig
public void setFilterConfig(javax.servlet.FilterConfig f)
getFilterConfig
public javax.servlet.FilterConfig getFilterConfig()