Remote User from jcifs with Struts?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Remote User from jcifs with Struts?

Rathore, Raghvendra Singh
[jcifs] Remote User from jcifs with Struts?

Hi Aliaster,

My requirements are very similar to what you have stated.
I want to achieve the similar flow with Struts + NTLM as you have stated.
initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view


Facing the similar problem with posts.
Have you got any soln
Can anybody suggest the soln.

Thanks in advance.

Raghu!!
[hidden email]

-----Original Message-----
From: Allistair Crossley
Sent: 03 December 2003 10:15
To: jcifs at lists.samba.org
Subject: [jcifs] Remote User from jcifs with Struts?


Hi,

We are currently developing a new version of our intranet using Jakarta Struts and a Content Management System. The current intranet prompts a user for username and password before logging in. This is to be eliminated.

Instead, we wish to detect from the user Windows 2000 login who they are as this login username will be used to tie up with other databases.

I don't know if you know about Struts but essentially all requests from the front end web application are mapped to a Controller Servlet provided by Struts (or in our case a subclass of).

Anyways, for every request, we have that request routed to a handler class called an Action, and each Action extends our base SecuredAction handler class.

I found an algorithm a short while ago that performs NTLM authentication. I have built this into the SecuredAction so that if no session user object exists, it redirects with the WWW-Authenitcate stuff for NTLM and within a few moments I am able to detect the remote username, domain and their workstation id.

This has been working very nicely until yesterday when I discovered to my dismay that I cannot post forms. It seems this will be to do with the NTLM authentication.

The only other thing I have found out about is JCIFS. I have managed to find the jcifgs.http package and have seen the filter installation.

Question:

I am not sure if I can use jcifs just as a means to identifying the remote user which is all I want and just once, and then have POSTs working.

I want to keep my SecuredAction base. It does not have to have the NTLM in it if there is another way.

All requests must go through the Struts Controller. I do not know if this has implications for the jcfis filter since that seems to say I need to map all requests /* to this.

Here are 2 little sequences that depict how I want things to work :)

initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view


Reply | Threaded
Open this post in threaded view
|

RE: Remote User from jcifs with Struts?

Smyth, Jim
Raghu,

the filter will get applied before the struts action  (remember you need servlet 2.3 to support filters).

So if you map the filter to all requests, then you can be sure that by the time the action class gets executed, the user has gone through NTLM authentication.

I needed users to be automatically logged in to my portal based on NT credentials and I did this like:

A sample simple filter:
        if (user is NOT logged in to my application) { {
                log.debug("User not yet authenticated");
                NTLMauth;  // do NTLM auth based on original NTLMHttpFilter
                log user into my application;  //if we get this far in to the code then the user credentials are no available
        } else {
                log.debug("Bypassing filter execution because our user is logged in");
        }
        chain.doFilter(...); //continue processing any further filters, then start action class processing

rgds
jim

Date: Wed, 23 Nov 2005 00:03:47 -0500
From: "Rathore, Raghvendra Singh" <[hidden email]>
Subject: [jcifs] Remote User from jcifs with Struts?
To: <[hidden email]>
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="us-ascii"

Hi Aliaster,

My requirements are very similar to what you have stated.
I want to achieve the similar flow with Struts + NTLM as you have
stated.
initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view


Facing the similar problem with posts.
Have you got any soln
Can anybody suggest the soln.

Thanks in advance.

Raghu!!
[hidden email]

-----Original Message-----
From: Allistair Crossley
Sent: 03 December 2003 10:15
To: jcifs at lists.samba.org
Subject: [jcifs] Remote User from jcifs with Struts?


Hi,

We are currently developing a new version of our intranet using Jakarta
Struts and a Content Management System. The current intranet prompts a
user for username and password before logging in. This is to be
eliminated.

Instead, we wish to detect from the user Windows 2000 login who they are
as this login username will be used to tie up with other databases.

I don't know if you know about Struts but essentially all requests from
the front end web application are mapped to a Controller Servlet
provided by Struts (or in our case a subclass of).

Anyways, for every request, we have that request routed to a handler
class called an Action, and each Action extends our base SecuredAction
handler class.

I found an algorithm a short while ago that performs NTLM
authentication. I have built this into the SecuredAction so that if no
session user object exists, it redirects with the WWW-Authenitcate stuff
for NTLM and within a few moments I am able to detect the remote
username, domain and their workstation id.

This has been working very nicely until yesterday when I discovered to
my dismay that I cannot post forms. It seems this will be to do with the
NTLM authentication.

The only other thing I have found out about is JCIFS. I have managed to
find the jcifgs.http package and have seen the filter installation.

Question:

I am not sure if I can use jcifs just as a means to identifying the
remote user which is all I want and just once, and then have POSTs
working.

I want to keep my SecuredAction base. It does not have to have the NTLM
in it if there is another way.

All requests must go through the Struts Controller. I do not know if
this has implications for the jcfis filter since that seems to say I
need to map all requests /* to this.

Here are 2 little sequences that depict how I want things to work :)

initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view

Reply | Threaded
Open this post in threaded view
|

RE: Remote User from jcifs with Struts?

Tapperson Kevin
In reply to this post by Rathore, Raghvendra Singh
[jcifs] Remote User from jcifs with Struts?
I previously posted a filter that I created to handle the POST issue with NTLM.  See http://article.gmane.org/gmane.network.samba.java/3708/match=ntlmpostfilter
 
This should take care of the problem that you're having.


From: jcifs-bounces+kevin.tapperson=[hidden email] [mailto:jcifs-bounces+kevin.tapperson=[hidden email]] On Behalf Of Rathore, Raghvendra Singh
Sent: Tuesday, November 22, 2005 11:04 PM
To: [hidden email]
Subject: [jcifs] Remote User from jcifs with Struts?

Hi Aliaster,

My requirements are very similar to what you have stated.
I want to achieve the similar flow with Struts + NTLM as you have stated.
initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view


Facing the similar problem with posts.
Have you got any soln
Can anybody suggest the soln.

Thanks in advance.

Raghu!!
[hidden email]

-----Original Message-----
From: Allistair Crossley
Sent: 03 December 2003 10:15
To: jcifs at lists.samba.org
Subject: [jcifs] Remote User from jcifs with Struts?


Hi,

We are currently developing a new version of our intranet using Jakarta Struts and a Content Management System. The current intranet prompts a user for username and password before logging in. This is to be eliminated.

Instead, we wish to detect from the user Windows 2000 login who they are as this login username will be used to tie up with other databases.

I don't know if you know about Struts but essentially all requests from the front end web application are mapped to a Controller Servlet provided by Struts (or in our case a subclass of).

Anyways, for every request, we have that request routed to a handler class called an Action, and each Action extends our base SecuredAction handler class.

I found an algorithm a short while ago that performs NTLM authentication. I have built this into the SecuredAction so that if no session user object exists, it redirects with the WWW-Authenitcate stuff for NTLM and within a few moments I am able to detect the remote username, domain and their workstation id.

This has been working very nicely until yesterday when I discovered to my dismay that I cannot post forms. It seems this will be to do with the NTLM authentication.

The only other thing I have found out about is JCIFS. I have managed to find the jcifgs.http package and have seen the filter installation.

Question:

I am not sure if I can use jcifs just as a means to identifying the remote user which is all I want and just once, and then have POSTs working.

I want to keep my SecuredAction base. It does not have to have the NTLM in it if there is another way.

All requests must go through the Struts Controller. I do not know if this has implications for the jcfis filter since that seems to say I need to map all requests /* to this.

Here are 2 little sequences that depict how I want things to work :)

initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view


any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view