Hi, I trying to get SSO work in my LAN. I have a simple servlet which on first request sends response back as 'WWW-Authenticate', the browser responde with a NTLM token, servlet againg sends something as a part of protocol....blah blah...... Finally it takes the token, parses it and extracts the userid, m/c name,domain etc. The servlet works fine in tomcat. When i port it to jboss/server/default/deploy......the communication hangs at a definite point. I also extracted the headers in the communication. Could not identify waht is going wrong exactly.
Down here are the servlet and the header files for the successful and failed comunication ------------------------------------------------------------------------------------- import java.io.*; import java.text.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; import org.ietf.jgss.*; import org.apache.xerces.impl.dv.util.*; public class NtlmEmulator extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { String auth = request.getHeader("Authorization"); if (auth == null) { response.setStatus(response.SC_UNAUTHORIZED); response.setHeader("WWW-Authenticate", "NTLM"); System.out.println("#####1st step"); response.flushBuffer(); System.out.println("#####1st step comp"); return; } if (auth.startsWith("NTLM ")) { byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5)); int off = 0, length, offset; String s; if (msg[8] == 1) { // first step of authentication off = 18; byte z = 0; byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P', z, (byte)2, z, z, z, z, z, z, z, (byte)40, z, z, z, (byte)1, (byte)130, z, z, z, (byte)2, (byte)2, (byte)2, z, z, z, z, // this line is 'nonce' z, z, z, z, z, z, z, z}; // remove next lines if you want see the result of first step response.setStatus(response.SC_UNAUTHORIZED); response.setHeader("WWW-Authenticate", "NTLM " + new sun.misc.BASE64Encoder().encodeBuffer(msg1)); System.out.println("#####2nd step"); response.flushBuffer(); System.out.println("#####2nd complete"); return; } else if (msg[8] == 3) { // third step of authentization - takes long time, nod needed if zou care only for loginname off = 30; System.out.println("#####3rd tep step"); length = msg[off+17]*256 + msg[off+16]; offset = msg[off+19]*256 + msg[off+18]; s = new String(msg, offset, length); System.out.println(s); } else{ return; } length = msg[off+1]*256 + msg[off]; offset = msg[off+3]*256 + msg[off+2]; s = new String(msg, offset, length); System.out.println("length is "+s.length()+" "+(int)s.charAt(0)+"$"+(int)s.charAt(1)+"$"+(int)s.charAt(2)+"$"); StringBuffer sbDomain=new StringBuffer(); char c=(char)0; char[] charArr=new char[1]; charArr[0]=c; StringTokenizer st = new StringTokenizer(s,new String(charArr)); while (st.hasMoreTokens()) { // String token=st.nextToken(); // System.out.println("token "+token); sbDomain.append(st.nextToken()); } System.out.println(sbDomain); length = msg[off+9]*256 + msg[off+8]; offset = msg[off+11]*256 + msg[off+10]; s = new String(msg, offset, length); StringBuffer sbUserName=new StringBuffer(); StringTokenizer st1 = new StringTokenizer(s,new String(charArr)); while (st1.hasMoreTokens()) { sbUserName.append(st1.nextToken()); } System.out.println(sbUserName); } }//doget } ------------------------------------------------------------------------------------- SUCCESSFUL COMMUNICATION HEADERS GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive HTTP/1.1 401 Unauthorized WWW-Authenticate: NTLM Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US Transfer-Encoding: chunked Date: Tue, 11 May 2004 05:42:09 GMT Server: Apache Coyote/1.0 GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive Authorization: NTLM TlRMTVNTUAABAAAAB7IIoAYABgAvAAAADwAPACAAAABJTkQtU1BaNERYUDAwNDdNQVNURUs= HTTP/1.1 401 Unauthorized WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAAAICAgAAAAAAAAAAAAAAAA== GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive Authorization: NTLM TlRMTVNTUAADAAAAGAAYAHoAAAAYABgAkgAAAAwADABAAAAAEAAQAEwAAAAeAB4AXAAAAAAAAACqAAAABYIAAE0AQQBTAFQARQBLAGsAcwBoAGkAdABpAGoAdQBJAE4ARAAtAFMAUABaADQARABYAFAAMAAwADQANwCbmhyFIdpmwOZWt640fv/CyRrW6CyUUhM4L2b6rZrP0U5MnsVusnCubZqH4HrHf6o= GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive Authorization: NTLM TlRMTVNTUAADAAAAGAAYAHoAAAAYABgAkgAAAAwADABAAAAAEAAQAEwAAAAeAB4AXAAAAAAAAACqAAAABYIAAE0AQQBTAFQARQBLAGsAcwBoAGkAdABpAGoAdQBJAE4ARAAtAFMAUABaADQARABYAFAAMAAwADQANwCbmhyFIdpmwOZWt640fv/CyRrW6CyUUhM4L2b6rZrP0U5MnsVusnCubZqH4HrHf6o= HTTP/1.1 200 OK Content-Type: text/plain Content-Length: 0 Date: Tue, 11 May 2004 05:42:29 GMT Server: Apache Coyote/1.0 GET http://in.update.companion.yahoo.com/slv/v4/2.html?.pc=&.a=0&.ta=cgnone,ccnone,ciin,cv5_1_6,cp&.cv=1&.cs=p,dc2ef32fc4fb2885&t=349482546 HTTP/1.1 Accept: */* Cookie: B=0qqakq909k912&b=2; CP=v=50106&br=i User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: in.update.companion.yahoo.com Proxy-Connection: Keep-Alive Pragma: no-cache HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. ) Via:1.1 IND-SPZ7PXY001 Proxy-Authenticate: NTLM Proxy-Authenticate: Basic realm="ind-spz7pxy001.XYZ.com" Proxy-Authenticate: Kerberos Proxy-Authenticate: Negotiate Connection: close Proxy-Connection: close Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Content-Length: 2376 GET http://in.update.companion.yahoo.com/slv/v4/2.html?.pc=&.a=0&.ta=cgnone,ccnone,ciin,cv5_1_6,cp&.cv=1&.cs=p,dc2ef32fc4fb2885&t=349482546 HTTP/1.1 Accept: */* Cookie: B=0qqakq909k912&b=2; CP=v=50106&br=i User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: in.update.companion.yahoo.com Proxy-Connection: Keep-Alive Pragma: no-cache Proxy-Authorization: NTLM TlRMTVNTUAABAAAAB7IIoAYABgAvAAAADwAPACAAAABJTkQtU1BaNERYUDAwNDdNQVNURUv= HTTP/1.1 407 Proxy Authentication Required ( Access is denied. ) Via:1.1 IND-SPZ7PXY001 Proxy-Authenticate: NTLM TlRMTVNTUAACAAAADAAMADgAAAAFgomirDHW4jxzDKcAAAAAAAAAAIIAggBEAAAABQCTCAAAAA9NAEEAUwBUAEUASwACAAwATQBBAFMAVABFAEsAAQAcAEkATgBEAC0AUwBQAFoANwBQAFgAWQAwADAAMQAEABQAbQBhAHMAdABlAGsALgBjAG8AbQADADIAaQBuAGQALQBzAHAAegA3AHAAeAB5ADAAMAAxAC4AbQBhAHMAdABlAGsALgBjAG8AbQAAAAAA Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Content-Length: 0 GET http://in.update.companion.yahoo.com/slv/v4/2.html?.pc=&.a=0&.ta=cgnone,ccnone,ciin,cv5_1_6,cp&.cv=1&.cs=p,dc2ef32fc4fb2885&t=349482546 HTTP/1.1 Accept: */* Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAHoAAAAYABgAkgAAAAwADABAAAAAEAAQAEwAAAAeAB4AXAAAAAAAAACqAAAABYKIoG0AYQBzAHQAZQBrAGsAcwBoAGkAdABpAGoAdQBJAE4ARAAtAFMAUABaADQARABYAFAAMAAwADQANwDdaxsGGOW+MQAAAAAAAAAAAAAAAAAAAADzvIrM0li+Ew/iJqtpMB7UFKPF45yl64M= User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: in.update.companion.yahoo.com Proxy-Connection: Keep-Alive Pragma: no-cache Cookie: B=0qqakq909k912&b=2; CP=v=50106&br=i HTTP/1.1 200 OK Via: 1.0 IND-SPZ7PXY001 Connection: close Proxy-Connection: close Date: Tue, 11 May 2004 05:41:50 GMT Content-Type: text/html P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV" Cache-Control: private ------------------------------------------------------------------------------------- FAILED COMMUNICATION HEADERS GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive HTTP/1.1 401 Unauthorized WWW-Authenticate: NTLM Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US Transfer-Encoding: chunked Date: Tue, 11 May 2004 05:33:26 GMT Server: Apache Coyote/1.0 GET /ntlm/ntlmservlet HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: localhost:8080 Connection: Keep-Alive Authorization: NTLM TlRMTVNTUAABAAAAB7IIoAYABgAvAAAADwAPACAAAABJTkQtU1BaNERYUDAwNDdNQVNURUs= HTTP/1.1 401 Unauthorized WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAAAICAgAAAAAAAAAAAAAAAA== ------------------------------------------------------------------------------------- -theone View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3834407#3834407 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3834407 ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user