From 8135e62aa423f7ae08b2cbfcccf4a634ae0cb122 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 3 Oct 2006 11:05:14 +0000 Subject: - In the Jetty authenticator generate a unique authentication identifier which facilitates NTLM authentication --- .../httpauth/jetty/JettyHttpAuthenticator.java | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'java/src/com/memberwebs') diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java index 1b89436..0bf826d 100644 --- a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java @@ -100,11 +100,25 @@ public class JettyHttpAuthenticator String user = null; + // Build a unique and consistent Connection ID so that NTLM works + Object obj = request.getHttpConnection().getObject(); + if(obj == null) + { + obj = "" + Math.random(); + request.getHttpConnection().setObject(obj); + } + + StringBuffer connid = new StringBuffer(32); + connid.append(obj.toString()); + connid.append(":"); + connid.append(obj.hashCode()); + connid.append(":"); + connid.append(request.getHttpConnection().hashCode()); + try { - // Connection ID is random. This prevents NTLM from working :( - String connid = "" + Math.random(); - user = authenticateRequest(request, response, connid, request.getMethod(), + // Send off to httpauth for authentication + user = authenticateRequest(request, response, connid.toString(), request.getMethod(), request.getURI().toString(), authtypes); } catch(HttpAuthException e) -- cgit v1.2.3