Package jcifs.smb1.http
Class NtlmHttpFilter
- java.lang.Object
-
- jcifs.smb1.http.NtlmHttpFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
public class NtlmHttpFilter extends Object implements javax.servlet.Filter
This servlet Filter can be used to negotiate password hashes with MSIE clients using NTLM SSP. This is similar to Authentication: BASIC but weakly encrypted and without requiring the user to re-supply authentication credentials.Read jCIFS NTLM HTTP Authentication and the Network Explorer Servlet for complete details.
-
-
Constructor Summary
Constructors Constructor Description NtlmHttpFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
destroy()
void
doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
This method simply calls negotiate( req, resp, false ) and then chain.doFilter.javax.servlet.FilterConfig
getFilterConfig()
void
init(javax.servlet.FilterConfig filterConfig)
protected NtlmPasswordAuthentication
negotiate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, boolean skipAuthentication)
Negotiate password hashes with MSIE clients using NTLM SSPvoid
setFilterConfig(javax.servlet.FilterConfig f)
-
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
- Specified by:
init
in interfacejavax.servlet.Filter
- Throws:
javax.servlet.ServletException
-
destroy
public void destroy()
- Specified by:
destroy
in interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
This method simply calls negotiate( req, resp, false ) and then chain.doFilter. You can override and call negotiate manually to achive a variety of different behavior.- Specified by:
doFilter
in interfacejavax.servlet.Filter
- Throws:
IOException
javax.servlet.ServletException
-
negotiate
protected NtlmPasswordAuthentication negotiate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, boolean skipAuthentication) throws IOException, javax.servlet.ServletException
Negotiate password hashes with MSIE clients using NTLM SSP- Parameters:
req
- The servlet requestresp
- The servlet responseskipAuthentication
- If true the negotiation is only done if it is initiated by the client (MSIE post requests after successful NTLM SSP authentication). If false and the user has not been authenticated yet the client will be forced to send an authentication (server sends HttpServletResponse.SC_UNAUTHORIZED).- Returns:
- True if the negotiation is complete, otherwise false
- Throws:
IOException
javax.servlet.ServletException
-
setFilterConfig
public void setFilterConfig(javax.servlet.FilterConfig f)
-
getFilterConfig
public javax.servlet.FilterConfig getFilterConfig()
-
-