You can try http://jcifs.samba.org/ for NTLM authentication, i have used it in the past and it just works.
jchappelle wrote: > > Bryan, > > We have an NTLMPage that we redirect the browser to. If there is no > authorization header this is what we do. > > String auth = request.getHeader("Authorization"); > if (auth == null) > { > setRedirect(false); > response.setHeader("WWW-Authenticate", "NTLM"); > throw new AbortWithHttpStatusException(401, false); > > } > > I hope this helps. > > Thanks, > > Josh > > -----Original Message----- > From: Bryan Montgomery [mailto:mo...@english.net] > Sent: Friday, March 19, 2010 3:36 PM > To: users@wicket.apache.org > Subject: Help with integrating NTLM in wicket application > > Hello, > I have two applications, one a stand alone web app and one wicket based. > Currently they both use form authentication however I am trying to add > NTLM > authentication for SSO from our windows intranet. > > Leveraging jcifs, I've been able to do this pretty easily with the stand > alone web app. However I've been struggling over the last couple of days > with the wicket app. > > I'll preface this with the caveat that I have only done some very simple > stuff with wicket to date. > > The flow is that the user makes a request and the program flow is > redirected > to LoginPage, and in turn to LoginPanel. In LoginPanel the first thing it > does is check if there is an authentication header, if not which is the > case, it sets the status to SC_UNAUTHORIZED and adds a header of > "WWW-Authenticate: NTLM". I then started with flushing the response and > not > adding anything else. > > In theory this response should tell the browser to resubmit the same > request > with the authentication information. However, from our log files I can see > that the request second time around only has the Login in the request > cycle, > compared to the startup page being in the request cycle initally. > > After looking on the web I've tried various combinations including trying > continueToOriginalDestination in the onBeforeRender method. > > One thing I've noticed is that it seems that setting the status and header > on the > ((WebResponse)response).getHttpServletResponse() only takes effect when I > do > not call flushBuffer() on it. This subseqently throws an exception in the > wicket processing because the response has already been closed. > > I feel that I am so close - but can't quite get it right! > > I was hoping to integrate this with minimal changes to the code but am > thinking that maybe I should start from scratch? I've found a few posts > online of similar situations but I haven't been able to put all the pieces > together yet. > > Appreciate the help in getting this sorted out. > > Thanks, > Bryan. > > http://markmail.org/message/cjy4o4ndtigius55#query:+page:1+mid:t3foamferfh2t > wwj+state:results > http://old.nabble.com/Wicket-NTLM-Single-sign-on-integration-Question-td1786 > 8669.html > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > > -- View this message in context: http://old.nabble.com/Help-with-integrating-NTLM-in-wicket-application-tp27963924p27987318.html Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org