André Warnier wrote:
[...]
As complementary information to my own question, I have already read the
document located here :
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/NTLM_SUPPORT.txt
However, that does not seem to fit the bill, in the sense that the
method outlined there (using the jCIFS library) requires finally a call
like this :
httpclient.getCredentialsProvider().setCredentials(
new AuthScope("myserver", -1),
new NTCredentials("username", "password", "MYSERVER", "MYDOMAIN"));
which implies seemingly that I would have to present an authentication
dialog to the user and ask them to enter their user-id and password,
then submit these to the NTCredentials constructor.
This is marketing-wise impossible, since the user (via his IE browser)
is already authenticated in his own Windows/NTLM domain, and furthermore
he is so transparently. It would thus be impossible for me to "sell"
the idea that they need to re-enter their credentials just to use this
facet of the application.
(I am also not quite sure how I would get the "DOMAIN" information from
within my applet.)
(It is also quite impossible to sell to the security people, that I
would, in my applet, be able to get hold of the user's password for
their domain account).
What I would like is some method by which the Java applet can pick up
this information from the browser it is running inside of, since that
browser /is/ already authenticated.
If that is impossible, I am afraid that instead of using the Java applet
to do both the local file selection and the POST submission to the
server, I'll have to merely do the file selection, pass the list back to
some javascript function back in the html page, and do the POST
submission via an XMLHttpRequest at that level (supposing of course that
this object, at least under IE, allows for NTLM authentication).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
