Reputation: 935
IE7 form authentication after ntlm authentication failed
I have a problem with authentication:
- Users that have valid domain credentials are logined using NTLM authentication (i send "WWW-Authenticate: NTLM " header and 401 status in my jsp filter. Then IE authenticate user using NTLM and everything is fine.
I have other users (connected to lan with their own computers) and they can't logged using NTLM. I created a form where they can enter their credentials and log in.
I want to create mixed-authentication. I add code then redirects user to form login page when his NTLM authentication fails. But when user enter credentials in form redirected after NTLM-auth check, the post data from form doesn't send to jsp page. Instead of post data i see header "Authorization NTLM bla-bla-bla".
Any proposals how I can create mixed-authentication?
Upvotes: 0
Views: 808
Answers (2)
Reputation: 935
I have my own Authentication filter, so my config are not similar to config above. I already solve my problem: i create a special link, that don't create ntlm-like-garbage in headers and provide login after user enter credentials. So i have 2 entrance point in my application. Not perfect but it works.
Upvotes: 1
Reputation: 1564
In case you haven't solved your problem, can you provide your web.xml?
The security constraints should look like this:
<security-constraint>
<display-name>Application Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Everyone</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>Login Page</display-name>
<web-resource-collection>
<web-resource-name>Unprotected Login Page</web-resource-name>
<url-pattern>/login.jsp</url-pattern>
</web-resource-collection>
</security-constraint>
<security-role>
<role-name>Everyone</role-name>
</security-role>
Upvotes: 0
Related Questions
- "Defective token detected" error (NTLM not Kerberos) with Kerberos/Spring Security/IE/Active Directory
- FormsAuthentication working in every browser except for IE
- Tomcat internet explorer kerberos authentication 401 un authorized
- windows authentication not working in ie7
- Mixing NTLM with Forms Authentication in IE (Empty POST issue)
- IE/IIS integrated authentication problem
- Java: How to access Window credential from IE browser
- Forms Authentication fails for IE only in IIS 7.5 classic mode
- NTLM Authentication fails ONLY with IE against 2k8 App server behind 2k8 IIS7 Reverse Proxy
- NTLM Window Authentication