Browser based login via NTLMv2

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Browser based login via NTLMv2

Tom Barber
Hello folks,

I'm trying to get Jasig CAS to play nicely with JCIFS and NTLMv2 and seem to be missing part of the puzzle.

I see the HTTP servlet for NTLM doesn't work in JCIFS with v2 but I don't think that issue affects me directly.

CAS passes off an NTLMv2 Type 3 ticket to JCIFS and from that Smb.login() is called. The ticket has no password just the hashes. But then it lands at 

public static byte[] nTOWFv2(String domain, String username, String password)

when processing the Smb login which then tries to process the password which of course it doesn't have.

I see claims that NTLMv2 works, but is it the case that it works, but not for browsers? Or have I missed something?