From 6b0196e20088046fd0f3f248a1e68cb69912d944 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 7 Jun 2006 01:43:57 +0000 Subject: - Disable NTLM via servlet and Jetty java authenticators (a custom one which provides connection id info is needed). --- java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java | 4 +++- .../src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'java') diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java index bcca142..1b89436 100644 --- a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java @@ -102,7 +102,9 @@ public class JettyHttpAuthenticator try { - user = authenticateRequest(request, response, "XXX", request.getMethod(), + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + user = authenticateRequest(request, response, connid, request.getMethod(), request.getURI().toString(), authtypes); } catch(HttpAuthException e) diff --git a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java index be4902f..da1edee 100644 --- a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java +++ b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java @@ -114,7 +114,9 @@ public class ServletHttpAuthenticator try { - return authenticateRequest(req, resp, "XXX", method, uri, authtypes); + // Connection ID is random. This prevents NTLM from working :( + String connid = "" + Math.random(); + return authenticateRequest(req, resp, connid, method, uri, authtypes); } catch(HttpAuthException e) { -- cgit v1.2.3