> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Windows Domain authentication with Vista (and Tomcat) > > https://issues.apache.org/bugzilla/show_bug.cgi?id=46323 > This would seem to indicate that there is something going on at the > Tomcat level about NTLM/AD authentication.
Not that there /is/ something going on, but the submitter would like something /to be/ going on. I doubt that the above enhancement request would be accepted as is, since it modifies the permitted values for <auth-method> and is therefore out of compliance with the servlet spec. But we'll see... > For a Tomcat application, I use an authentication/SSO > mechanism partly composed of jCIFS (jcifs.samba.org), > partly self-built. Are you using the NTLM HTTP filter that is available with jCIFS? If so, it cannot be used in conjunction with NTLMv2, which the Vista box may well be insisting on. Examine the LmCompatibilityLevel setting in the Vista system registry at HKLM\SYSTEM\CurrentControlSet\Control\Lsa; make sure it's no higher than 3. Even if you're not using the NTLM HTTP filter, we've had trouble with Vista connecting to non-Microsoft SMB servers when the above registry setting is higher than 3; XP works fine when at 5 (the highest setting), so Vista is doing something weird that we haven't figured out yet. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
