Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

jcifs.http
Class NtlmHttpFilter

java.lang.Object
  extended byjcifs.http.NtlmHttpFilter
All Implemented Interfaces:
javax.servlet.Filter
public class NtlmHttpFilter
extends java.lang.Object
implements javax.servlet.Filter

This servlet Filter can be used to negotiate password hashes with MSIE clients using NTLM SSP. This is similar to Authentication: BASIC but weakly encrypted and without requiring the user to re-supply authentication credentials.

Read jCIFS NTLM HTTP Authentication and the Network Explorer Servlet for complete details.

Constructor Summary
NtlmHttpFilter()
           
 
Method Summary
 void destroy()
           
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
          This method simply calls negotiate( req, resp, false ) and then chain.doFilter.
 javax.servlet.FilterConfig getFilterConfig()
           
 void init(javax.servlet.FilterConfig filterConfig)
           
protected  NtlmPasswordAuthentication negotiate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, boolean skipAuthentication)
          Negotiate password hashes with MSIE clients using NTLM SSP
 void setFilterConfig(javax.servlet.FilterConfig f)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

NtlmHttpFilter

public NtlmHttpFilter()
Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
Specified by:
init in interface javax.servlet.Filter
Throws:
javax.servlet.ServletException

destroy

public void destroy()
Specified by:
destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
This method simply calls negotiate( req, resp, false ) and then chain.doFilter. You can override and call negotiate manually to achive a variety of different behavior.

Specified by:
doFilter in interface javax.servlet.Filter
Throws:
java.io.IOException
javax.servlet.ServletException

negotiate

protected NtlmPasswordAuthentication negotiate(javax.servlet.http.HttpServletRequest req,
                                               javax.servlet.http.HttpServletResponse resp,
                                               boolean skipAuthentication)
                                        throws java.io.IOException,
                                               javax.servlet.ServletException
Negotiate password hashes with MSIE clients using NTLM SSP

Parameters:
req - The servlet request
resp - The servlet response
skipAuthentication - If true the negotiation is only done if it is initiated by the client (MSIE post requests after successful NTLM SSP authentication). If false and the user has not been authenticated yet the client will be forced to send an authentication (server sends HttpServletResponse.SC_UNAUTHORIZED).
Returns:
True if the negotiation is complete, otherwise false
Throws:
java.io.IOException
javax.servlet.ServletException

setFilterConfig

public void setFilterConfig(javax.servlet.FilterConfig f)

getFilterConfig

public javax.servlet.FilterConfig getFilterConfig()
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD