diff options
author | Stef Walter <stef@memberwebs.com> | 2006-06-07 01:43:57 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2006-06-07 01:43:57 +0000 |
commit | 6b0196e20088046fd0f3f248a1e68cb69912d944 (patch) | |
tree | 6550e6c1ea6497e936217f437e36a6b898db989d | |
parent | 2345f652530d51eeedcfa83bc637bc3adb5b3fad (diff) |
- Disable NTLM via servlet and Jetty java authenticators (a custom one
which provides connection id info is needed).
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java | 4 | ||||
-rw-r--r-- | java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java | 4 |
3 files changed, 8 insertions, 2 deletions
@@ -1,6 +1,8 @@ 0.5.2 - Better messages when keepalives are not used with NTLM - Fix problems in java servlet authenticator [Ross Elliot] + - Disable NTLM via servlet and Jetty java authenticators (a custom one + which provides connection id info is needed). 0.5.1 - Fix problem with NTLM connection caching diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java index bcca142..1b89436 100644 --- a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java @@ -102,7 +102,9 @@ public class JettyHttpAuthenticator try { - user = authenticateRequest(request, response, "XXX", request.getMethod(), + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + user = authenticateRequest(request, response, connid, request.getMethod(), request.getURI().toString(), authtypes); } catch(HttpAuthException e) diff --git a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java index be4902f..da1edee 100644 --- a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java @@ -114,7 +114,9 @@ public class ServletHttpAuthenticator try { - return authenticateRequest(req, resp, "XXX", method, uri, authtypes); + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + return authenticateRequest(req, resp, connid, method, uri, authtypes); } catch(HttpAuthException e) { |