Announcement Announcement Module
Collapse
No announcement yet.
Spring Security 3 and NTLM Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security 3 and NTLM

    Hello all
    i am moving my app to Spring Security 3 and, as our current code uses an ntlm Filter, i have checked this website

    http://aloiscochard.blogspot.com/201...ty-ntlm-3.html

    I have dowloaded the filter and plugged the jar into my existing app (where all classes have been migrated to Spring sec 3) but it appears the filter is not working as keep on getting access denied..

    I know Spring Sec 3 does not support NTLM, but i was wondering if anyone is using that filter successfully

    I am using Spring 3.0.7
    Spring Security 3.1.2
    spring-security-ntlm 3.0.2.SNAPSHOT

    could anyone assist?

    w/kindest regards
    marco

  • #2
    The filter is for spring security 3.0 not 3.1... So I would check with an older version first.

    Comment


    • #3
      thanks a lot Martin!

      Comment


      • #4
        Hello
        ok i am now using spring 3.0.7 release plus spring-security-3.0.7.
        have this http section configured

        Code:
        <security:http create-session="never" entry-point-ref="authSchemePreferenceEntryPoint" access-decision-manager-ref="accessDecisionManager">
            <security:request-cache ref="nullRequestCacheAwareFilter"/>
            <security:intercept-url ..........  />
            <security:custom-filter position="SWITCH_USER_FILTER" ref="sessionManagementFilter" />
            <security:custom-filter position="BASIC_AUTH_FILTER" ref="ntlmFilter" />
            <security:anonymous enabled="false"/>
          </security:http>
        but i am getting this

        Code:
        org.springframework.security.ui.ntlm.NtlmBeginHandshakeException: NTLM
        	at org.springframework.security.ui.ntlm.NtlmAuthenticationFilter.doFilter(NtlmAuthenticationFilter.java:215)
        i was wondering what am i missing?

        regarsd
        marco



        a similar post http://forum.springsource.org/showth...ication-Errors seems to suggest that
        the problem is the UserDetailService......
        but my userDetailsService(custom implementation) hasn't changed while migrating to Spring Security 3

        Comment


        • #5
          Hell
          ok it was incorrect configuration
          this
          Code:
          <security:custom-filter position="BASIC_AUTH_FILTER" ref="ntlmFilter" />
          should have been
          Code:
          <security:custom-filter after="EXCEPTION_TRANSLATION_FILTER" ref="authSchemePreferenceFilter" />
          as suggested in the article. i amended it originally because i had problems with other filters.

          that is sorted, now i have classpath clashes to sort out, but i guess they had nothing to do with spring or spring-sec

          sorry for noise

          wkr
          marco

          Comment

          Working...
          X