• Post Reply Bookmark Topic Watch Topic
  • New Topic

NT Authentication problem  RSS feed

 
Sudheera Liyanage
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a problem when getting NT logged-in user.
I am using bellow code to get NT user id. When I access the web site using "http://PCNAME..... " or "http://localhost/...", it's working fine.
But if I use IP address, browser prompts Usename/ password dialog box. I can enter any username/password there.(Not authenticate correctly).
(I am using local server for testing)
Please help me on this problem.
private static final boolean authenticateUser(HttpServletRequest request, HttpServletResponse response)
throws Exception{
System.out.println("Inside authenticateUser()....................");
try {
String auth = request.getHeader("Authorization");
if (auth == null) {
response.setContentLength(0);
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
return false;
}
if (!auth.startsWith("NTLM ")) {
throw new Exception("authenticateUser:Cannot authenticate user");
}
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
// Step 1: Negotiation message received
if (msg[8] == 1) {
// Send challenge message (Step 2)
response.setContentLength(2);
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM " + new sun.misc.BASE64Encoder().encodeBuffer(CHALLENGE_MESSAGE));
return false;
}
// Step 3: Authentication message received
if (msg[8] == 3) {
int off = 30;
int length, offset;
length = (msg[off+1]<<8) + msg[off];
offset = (msg[off+3]<<8) + msg[off+2];
String domain = removeBlanks(new String(msg, offset, length));
length = (msg[off+9]<<8) + msg[off+8];
offset = (msg[off+11]<<8) + msg[off+10];
String user = removeBlanks(new String(msg, offset, length));
length = (msg[off+17]<<8) + msg[off+16];
offset = (msg[off+19]<<8) + msg[off+18];
String ws = removeBlanks(new String(msg, offset, length));
System.out.println("Domain: " + domain + "<br>");
System.out.println("Username: " + user + "<br>");
System.out.println("Workstation: " + ws + "<br>");
request.getSession().setAttribute("user", user);
return true;
}
else {
throw new Exception("authenticateUser:Cannot authenticate user");
}
}
catch (Throwable ex){
throw new Exception("authenticateUser:" + ex.getMessage());
}
}//aut
Sudheera
[ March 08, 2003: Message edited by: Sudheera Liyanage ]
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!