jakarta-cactus-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Lenz <cml...@gmx.de>
Subject Re: NTLMAuthentication
Date Fri, 16 Apr 2004 09:35:56 GMT
I would have suggested HttpServletRequestWrapper#setRemoteUser, but  
that won't work for code that uses getUserPrincipal() :-(

We probably should return a simulated user principal object when the  
remote user name is simulated? But we aren't doing that currently.

However, you probably are expecting a specific subtype of Principal in  
your code, right?

In that case you'd be right that you'd need to create a  
NTLMAuthentication class and plug it into Cactus. Note that the  
underlying Commons-HttpClient library does actually support NTLM, but  
the HttpClient-API isn't directly exposed in Cactus so accessing the  
NTLM functionality might require a hack or some refactoring of Cactus  
that is actually on the TODO plan.

Cheers,
Chris

Am 16.04.2004 um 10:40 schrieb Vincent Massol:
> Hi Mike,
>
> But you can get this by using any authentication mechanism (for ex by
> using the BASIC authentication)? From the application's point of view  
> it
> would be exactly the same.
>
> -Vincent
>
>> -----Original Message-----
>> From: mike.raath@barclayscapital.com
>> [mailto:mike.raath@barclayscapital.com]
>> Sent: 16 April 2004 09:29
>> To: cactus-user@jakarta.apache.org
>> Subject: RE: NTLMAuthentication
>>
>> Because the application needs to know the identity of the user -
> something
>> that jCIFS provides via its extended HttpServletRequest class's
>> implementation of getUserPrincipal().
>>
>> There is validation in the application to ensure that only valid users
>> view
>> the resources (ie users in an LDAP group).
>>
>> -----Original Message-----
>> From: Vincent Massol [mailto:vmassol@pivolis.com]
>> Sent: 15 April 2004 22:01
>> To: 'Cactus Users List'
>> Subject: RE: NTLMAuthentication
>>
>>
>> Hi Mike,
>>
>> I have personally no knowledge of NTLM. I can only suggest disabling
> the
>> filter.
>>
>> Could you please elaborate on the reasons why you will not be able to
> full
>> test your application?
>>
>> Thanks
>> -Vincent
>>
>>> -----Original Message-----
>>> From: mike.raath@barclayscapital.com
>>> [mailto:mike.raath@barclayscapital.com]
>>> Sent: 15 April 2004 10:17
>>> To: cactus-user@jakarta.apache.org
>>> Subject: NTLMAuthentication
>>>
>>> Has anyone managed to write an NTLMAuthentication class extending
>>> AbstractAuthentication? I'm using jCIFS on a corporate intranet (so
> we
>>> have single sign-on) but when running the unit tests authentication
>>> fails because
>>> of the jCIFS filter. I can obviously disable the filter, but then I
>> can't
>>> fully test other aspects of the application.
>>>
>>> Alternatively, can anyone suggest to me a better alternative?
>>>
>>> Mike
>>>
>>>
>>>
>>
> ----------------------------------------------------------------------- 
> -
>>> For more information about Barclays Capital, please
>>> visit our web site at http://www.barcap.com.
>>>
>>>
>>> Internet communications are not secure and therefore the Barclays
>>> Group does not accept legal responsibility for the contents of this
>>> message.  Although the Barclays Group operates anti-virus
> programmes,
>>> it does not accept responsibility for any damage whatsoever that is
>>> caused by viruses being passed.  Any views or opinions presented are
>>> solely those of the author and do not necessarily represent those of
>> the
>>> Barclays Group.  Replies to this email may be monitored by the
>> Barclays
>>> Group for operational or business reasons.
>>>
>>>
>>
> ----------------------------------------------------------------------- 
> -
>>>
>>>
>>>
> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: cactus-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: cactus-user-help@jakarta.apache.org
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: cactus-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: cactus-user-help@jakarta.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: cactus-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: cactus-user-help@jakarta.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cactus-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: cactus-user-help@jakarta.apache.org
>
>
--
Christopher Lenz
/=/ cmlenz at gmx.de


Mime
View raw message