From 8135e62aa423f7ae08b2cbfcccf4a634ae0cb122 Mon Sep 17 00:00:00 2001
From: Stef Walter <stef@memberwebs.com>
Date: Tue, 3 Oct 2006 11:05:14 +0000
Subject:   - In the Jetty authenticator generate a unique authentication
 identifier     which facilitates NTLM authentication

---
 .../httpauth/jetty/JettyHttpAuthenticator.java       | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

(limited to 'java/src')

diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java
index 1b89436..0bf826d 100644
--- a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java
+++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java
@@ -100,11 +100,25 @@ public class JettyHttpAuthenticator
 
         String user = null;
 
+        // Build a unique and consistent Connection ID so that NTLM works
+        Object obj = request.getHttpConnection().getObject();
+        if(obj == null)
+        {
+        	obj = "" + Math.random();
+        	request.getHttpConnection().setObject(obj);
+        }
+
+        StringBuffer connid = new StringBuffer(32);
+        connid.append(obj.toString());
+        connid.append(":");
+        connid.append(obj.hashCode());
+        connid.append(":");
+        connid.append(request.getHttpConnection().hashCode());
+
         try
         {
-            // Connection ID is random. This prevents NTLM from working :(
-            String connid = "" + Math.random();
-            user = authenticateRequest(request, response, connid, request.getMethod(),
+        	// Send off to httpauth for authentication
+            user = authenticateRequest(request, response, connid.toString(), request.getMethod(),
                                        request.getURI().toString(), authtypes);
         }
         catch(HttpAuthException e)
-- 
cgit v1.2.3