Forums Register Login

After adding servlet filter to check NTLM, form POST returns null parameters

+Pie Number of slices to send: Send
After adding in a servlet filter to check NTLM for a username and add to the session, all of my forms that sent via the POST method all return null parameters (retrieved with request.getParameter(paramName);). If I switch the form to use GET and change no other portion of the code, I am able to retrieve the parameters without issue. Also, if I remove the session filter I am also able to retrieve the parameters from either post or get.

I assume the issue is happening in some way because of the handshake required by the NTLM process in the session filter as I have used other session filters without issue in the past, but I'm not sure how to resolve this. Any help is greatly appreciated.

here is my session filter ntlm code (mind you that this does work in capturing the NTLM information and sets it to the session without issue):



Thanks for the help,
Tom
+Pie Number of slices to send: Send
oh yea, and just to mention this example is using Struts 1.3.9 but I have also tried this with just plain jsp and no framework and had the same results.
+Pie Number of slices to send: Send
Ok, I finally figured it out - turns out that IE is a real pain when it comes to NTLM and POST. Basically it wont accept anything in the post after an ntlm transaction unless that same transaction happens every time.. so here's my modified filter that works with ntlm and form post (since there's really no place I've found this elsewhere). mind you that I now understand that this is not the most secure way to do the transaction and its recommended to use ntlmv2, but its educational either way



Then in my web.xml I have to set the filter mapping as:


That way it is processed through every request on every page - ensuring that the ntlm check is performed and allows the page to submit data in the POST.


hope this helps someone.
Get out of my mind! Look! A tiny ad!
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com


reply
reply
This thread has been viewed 6551 times.
Similar Threads
Windows Authentication Using Tomcat 5.0
NT user
redirect problem
NTLM Issue:retrieving username from active directory
user name from HttpServletRequest is null
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 28, 2024 19:10:25.