diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java | 4 | ||||
| -rw-r--r-- | java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java | 4 |
3 files changed, 8 insertions, 2 deletions
@@ -1,6 +1,8 @@ 0.5.2 - Better messages when keepalives are not used with NTLM - Fix problems in java servlet authenticator [Ross Elliot] + - Disable NTLM via servlet and Jetty java authenticators (a custom one + which provides connection id info is needed). 0.5.1 - Fix problem with NTLM connection caching diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java index bcca142..1b89436 100644 --- a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java @@ -102,7 +102,9 @@ public class JettyHttpAuthenticator try { - user = authenticateRequest(request, response, "XXX", request.getMethod(), + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + user = authenticateRequest(request, response, connid, request.getMethod(), request.getURI().toString(), authtypes); } catch(HttpAuthException e) diff --git a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java index be4902f..da1edee 100644 --- a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java @@ -114,7 +114,9 @@ public class ServletHttpAuthenticator try { - return authenticateRequest(req, resp, "XXX", method, uri, authtypes); + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + return authenticateRequest(req, resp, connid, method, uri, authtypes); } catch(HttpAuthException e) { |