Re: Struts 2 Weblogic and NTLM
Ok i found out what was going wrong. I used the sun package to encode "new sun.misc.BASE64Encoder().encodeBuffer(msg1)" I replaced it with a class I got from http://iharder.net/base64 and it works fine now. I did not know sun.* apis are not supposed to be used dgv123 wrote: > > I am attaching a WAR file which uses code to obtain the user id via NTLM. > This code works fine on Tomcat and Weblogic 9.2 on unix (if i do not use > in the Home.jsp - I do not know why that breaks > http://www.nabble.com/file/p16032835/NTLM1.war NTLM1.war ) > > This WAR does not work on Weblogic 9.2 Windows 2000 as i get the following > error > Header:WWW-Authenticate Cannot contain CRLF Charcters > > Here is the code in the Action class. > *** > package com.dgv.actions; > > import java.util.Map; > > import javax.servlet.http.HttpServletRequest; > import javax.servlet.http.HttpServletResponse; > > import org.apache.struts2.interceptor.ServletRequestAware; > import org.apache.struts2.interceptor.ServletResponseAware; > import org.apache.struts2.interceptor.SessionAware; > > import com.dgv.security.NTLMLogin; > import com.dgv.util.Util; > import com.opensymphony.xwork2.ActionSupport; > import com.opensymphony.xwork2.Preparable; > > public class BaseAction extends ActionSupport > implements SessionAware, ServletRequestAware, ServletResponseAware, > Preparable{ > >private Map session; >private HttpServletRequest request; >private HttpServletResponse response; > > public void setSession(Map arg0) { > this.session = arg0; > } > > > > public void setServletRequest(HttpServletRequest arg0) { > // TODO Auto-generated method stub > this.request = arg0; > } > public HttpServletRequest getServletRequest() { > // TODO Auto-generated method stub > return request; > } > > > > public void prepare() throws Exception { > > System.out.println("Entered Prepare Method"); > String auth = request.getHeader("Authorization"); > if (auth == null) { > System.out.println("Inside Null"); > response.setStatus(response.SC_UNAUTHORIZED); > response.setHeader("WWW-Authenticate", "NTLM"); > return; > } > System.out.println("outside Null"); > if (auth.startsWith("NTLM ")) { > byte[] msg = new > sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5)); > int off = 30, length=0, offset; > String s; > > if (msg[8] == 1) { // first step of authentication > off = 18; > > // this part is for full hand-shaking, just tested, didn't care > about > result passwords > byte z = 0; > byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', > (byte)'S', > (byte)'S', (byte)'P', z, > (byte)2, z, z, z, z, z, z, z, > (byte)40, z, z, z, (byte)1, (byte)130, z, z, > z, (byte)2, (byte)2, (byte)2, z, z, z, z, // this line is > 'nonce' > z, z, z, z, z, z, z, z}; > // remove next lines if you want see the result of first step > response.setStatus(response.SC_UNAUTHORIZED); > System.out.println("Before Setting Header"); > response.setHeader("WWW-Authenticate", "NTLM " + new > sun.misc.BASE64Encoder().encodeBuffer(msg1)); > System.out.println("Header:"+ > request.getHeader("WWW-Authenticate")); > return; > > > } else > //return; > > > length = msg[off+9]*256 + msg[off+8]; > offset = msg[off+11]*256 + msg[off+10]; > s = new String(msg, offset, length); > System.out.println("**USER "+s + ""); > } > > } > public void setServletResponse(HttpServletResponse arg0) { > this.response = arg0; > > } > > > > public HttpServletResponse getServletResponse() { > return response; > } > > } > > > > ** > Any help would be greatly appreciated. > -- View this message in context: http://www.nabble.com/Struts-2-Weblogic-and-NTLM-tp16032835p16037640.html Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with submitting while using NTLM authentication
Check if works. I had the same issue with this on a UNIX environment(struts 2). When i replaced the tag with the regular tag...it worked fine Tarun Reddy wrote: > > Hi all, > I'm using NTLM authentication to let the user in. After the user gets into > the application, he'll be shown a jsp page, which typically contains an > . After user enters his inputs and submits the > form, the values are not submitted as part of the HTTP Request. If I > modify > the form as, , then everything > works > fine i.e the values are being passed to the action class. If I remove the > NTLM authentication in the first login jsp page, then works > fine > with POST method. So, I feel that this is some issue pertaining to the use > of in conjunction with NTLM authentication. Did any one of you > had experienced this problem? Why the input values entered by user are not > passed as part of HTTP request? I can see the Content-Type of the request > as, application/x-www-form-urlencoded. Everything looks fine. That's what > baffling me. I'm in urgent need of it. I would really appreciate your > help. > > Thanks, > Tarun. > > -- View this message in context: http://www.nabble.com/Problem-with-submitting-%3Chtml%3Aform%3E-while-using-NTLM-authentication-tp3868393p16032992.html Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Struts 2 Weblogic and NTLM
I am attaching a WAR file which uses code to obtain the user id via NTLM. This code works fine on Tomcat and Weblogic 9.2 on unix (if i do not use in the Home.jsp - I do not know why that breaks http://www.nabble.com/file/p16032835/NTLM1.war NTLM1.war ) This WAR does not work on Weblogic 9.2 Windows 2000 as i get the following error Header:WWW-Authenticate Cannot contain CRLF Charcters Here is the code in the Action class. *** package com.dgv.actions; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; import org.apache.struts2.interceptor.SessionAware; import com.dgv.security.NTLMLogin; import com.dgv.util.Util; import com.opensymphony.xwork2.ActionSupport; import com.opensymphony.xwork2.Preparable; public class BaseAction extends ActionSupport implements SessionAware, ServletRequestAware, ServletResponseAware, Preparable{ private Map session; private HttpServletRequest request; private HttpServletResponse response; public void setSession(Map arg0) { this.session = arg0; } public void setServletRequest(HttpServletRequest arg0) { // TODO Auto-generated method stub this.request = arg0; } public HttpServletRequest getServletRequest() { // TODO Auto-generated method stub return request; } public void prepare() throws Exception { System.out.println("Entered Prepare Method"); String auth = request.getHeader("Authorization"); if (auth == null) { System.out.println("Inside Null"); response.setStatus(response.SC_UNAUTHORIZED); response.setHeader("WWW-Authenticate", "NTLM"); return; } System.out.println("outside Null"); if (auth.startsWith("NTLM ")) { byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5)); int off = 30, length=0, offset; String s; if (msg[8] == 1) { // first step of authentication off = 18; // this part is for full hand-shaking, just tested, didn't care about result passwords byte z = 0; byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P', z, (byte)2, z, z, z, z, z, z, z, (byte)40, z, z, z, (byte)1, (byte)130, z, z, z, (byte)2, (byte)2, (byte)2, z, z, z, z, // this line is 'nonce' z, z, z, z, z, z, z, z}; // remove next lines if you want see the result of first step response.setStatus(response.SC_UNAUTHORIZED); System.out.println("Before Setting Header"); response.setHeader("WWW-Authenticate", "NTLM " + new sun.misc.BASE64Encoder().encodeBuffer(msg1)); System.out.println("Header:"+ request.getHeader("WWW-Authenticate")); return; } else //return; length = msg[off+9]*256 + msg[off+8]; offset = msg[off+11]*256 + msg[off+10]; s = new String(msg, offset, length); System.out.println("**USER "+s + ""); } } public void setServletResponse(HttpServletResponse arg0) { this.response = arg0; } public HttpServletResponse getServletResponse() { return response; } } ** Any help would be greatly appreciated. -- View this message in context: http://www.nabble.com/Struts-2-Weblogic-and-NTLM-tp16032835p16032835.html Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]