
  • Experts Help!! Fiendish BlazeDS / Single Sign-on (NTLM) problem

    Guys,
    I've been tearing my hair out for a month with this problem - any help would be most gratefully appreciated!

    I need to get a Flex app working with single sign-on on the Windows platform.
    I want to grab the Windows username and domain from the browser without having users enter them by hand.
    I will then authenticate against my own repository tables accessed via remote objects (BlazeDS + Spring Flex + Spring + Hibernate).

    I have a servlet that uses NTLM authentication challenge response. The servlet works on its own, returning username and domain.
    See below for servlet code.

    HOWEVER - no matter how I call the servlet from Flex it seems to totally screw up BlazeDS. No further remote object calls are possible.
    The same remote call works before but not after the servlet has been called. It's driving me insane!!!

    I suspect the problem is related to how the single initial call to the servlet from Flex results in a further two executions of the servlet.
    I assume Internet Explorer is initiating further calls.

    I've tried calling it in the following ways...
    - HTTPService with URL
    - HTTPService with Blaze destination
    - From within ActionScript
    - From MXML
    - From a Flex module
    - From the JavaScript wrapper using XMLHttpRequest and flashvars
    - With one trouser leg rolled up and my finger in my ear

    Every single time it stops any further remote object calls from working; they get as far as
    [BlazeDS][DEBUG] FlexSession created with id 'ADF15BED993AD562EEA9249EE6B33CED' for an Http-based client connection.
    [BlazeDS][DEBUG] Deserializing AMF/HTTP request

    but no further.
    Clever people please help - before I blow my brains out!! ;-)

    Thanks in advance
    Gary

    Code:
    import java.io.IOException;
    import java.io.PrintWriter;
    import java.util.Base64;
    
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServlet;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    
    public class NTLMUsername extends HttpServlet {
    	
    	private static final long serialVersionUID = 1L;
    
    	public NTLMUsername() {
    		super();
    	}
    
    	protected void doGet(HttpServletRequest request,
    			HttpServletResponse response) throws ServletException, IOException {
    				
    		
    		response.setContentType("text/html; charset=UTF-8");
    		PrintWriter out = response.getWriter();
    		
    		// Variables to hold output data
    		String domainName;
    		String userName;
    		
    		// Written to the response buffer before the 401 branches below return
    		out.println("<ntlminfo>");
    		
    		// Step 1: no Authorization header yet, so ask the browser to start NTLM
    		String auth = request.getHeader("Authorization");
    		if (auth == null) {
    			response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    			response.setHeader("WWW-Authenticate", "NTLM");
    			return;
    		}
    
    		if (auth.startsWith("NTLM ")) {
    			// java.util.Base64 replaces the internal sun.misc.BASE64Decoder
    			byte[] msg = Base64.getDecoder().decode(auth.substring(5).trim());
    			int off = 0, length, offset;
    
    			// Byte 8 is the NTLM message type
    			if (msg[8] == 1) {			
    				off = 18;
    
    				// Step 2: answer the Type 1 message with a hard-coded
    				// 40-byte Type 2 message (the challenge bytes are fixed)
    				byte z = 0;
    				byte[] msg1 = { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M',
    						(byte) 'S', (byte) 'S', (byte) 'P', z, (byte) 2, z, z,
    						z, z, z, z, z, (byte) 40, z, z, z, (byte) 1,
    						(byte) 130, z, z, z, (byte) 2, (byte) 2, (byte) 2, z,
    						z, z, z,
    						z, z, z, z, z, z, z, z };
    				response.setContentLength(0);
    				response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    				response.setHeader("WWW-Authenticate", "NTLM "
    						+ Base64.getEncoder().encodeToString(msg1));
    				response.flushBuffer();
    				return;
    			} else if (msg[8] == 3) {
    				// Step 3: Type 3 message. Bytes are masked with 0xFF because
    				// Java bytes are signed.
    				off = 30;
    				// This reads the workstation field; the value is overwritten below
    				length = (msg[off + 17] & 0xFF) * 256 + (msg[off + 16] & 0xFF);
    				offset = (msg[off + 19] & 0xFF) * 256 + (msg[off + 18] & 0xFF);
    				domainName = new String(msg, offset, length);
    			} else {
    				return;
    			}
    
    			// Domain field: length and offset within the message
    			length = (msg[off + 1] & 0xFF) * 256 + (msg[off] & 0xFF);
    			offset = (msg[off + 3] & 0xFF) * 256 + (msg[off + 2] & 0xFF);
    			domainName = new String(msg, offset, length);
    			
    			// User name field: length and offset within the message
    			length = (msg[off + 9] & 0xFF) * 256 + (msg[off + 8] & 0xFF);
    			offset = (msg[off + 11] & 0xFF) * 256 + (msg[off + 10] & 0xFF);
    			userName = new String(msg, offset, length);
    
    			// Output the Windows User name and domain
    			out.print("  <domain>");
    			
    			// Process the raw strings to remove every 2nd character
    			// (the fields are two bytes per character)
    			for(int i=0; i < domainName.length(); i++) {
    				if( i%2 == 0) {
    					out.print(domainName.charAt(i));
    				}
    			}
    			out.println("</domain>");
    			out.print("  <username>");
    
    			// Process the raw strings to remove every 2nd character
    			for(int i=0; i < userName.length(); i++) {
    				if( i%2 == 0) {
    					out.print(userName.charAt(i));
    				}
    			}
    			out.println("</username>");			
    		}
    
    		out.println("</ntlminfo>"); 
    		out.close();
    	
    	}
    }
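
Added example (not part of the original post): a bounds-checked reading of the domain, user and workstation fields of an NTLM Type 3 message, decoding them by the negotiated character set instead of dropping every second character. The class and method names are hypothetical, and it assumes the MS-NLMP field layout with the flags word at offset 60. The servlet above sends a fixed challenge and never checks the client's response, so these fields are only what the client claims.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

public class NtlmType3Fields {   // hypothetical name, added example
    private static final byte[] SIG = {'N', 'T', 'L', 'M', 'S', 'S', 'P', 0};

    // Reads one security buffer (len:2, maxlen:2, offset:4) and decodes its payload.
    static String field(ByteBuffer m, int at, Charset cs) {
        int len = m.getShort(at) & 0xFFFF;           // unsigned 16-bit length
        long off = m.getInt(at + 4) & 0xFFFFFFFFL;   // unsigned 32-bit offset
        if (len == 0) return "";
        if (off < 64 || off + len > m.limit())       // must lie in the payload area
            throw new IllegalArgumentException("field outside message");
        return new String(m.array(), (int) off, len, cs);
    }

    // Returns {domain, user, workstation} exactly as the client claimed them.
    static String[] parse(String header) {
        if (header == null || !header.startsWith("NTLM "))
            throw new IllegalArgumentException("not an NTLM header");
        byte[] raw = Base64.getDecoder().decode(header.substring(5).trim());
        ByteBuffer m = ByteBuffer.wrap(raw).order(ByteOrder.LITTLE_ENDIAN);
        if (raw.length < 64 || !Arrays.equals(Arrays.copyOf(raw, 8), SIG) || m.getInt(8) != 3)
            throw new IllegalArgumentException("not a Type 3 message");
        // Flag bit 0 is NTLMSSP_NEGOTIATE_UNICODE; OEM text is approximated as ASCII here.
        Charset cs = (m.getInt(60) & 0x1) != 0 ? StandardCharsets.UTF_16LE
                                               : StandardCharsets.US_ASCII;
        return new String[] { field(m, 28, cs), field(m, 36, cs), field(m, 44, cs) };
    }

    public static void main(String[] args) {
        // Constructed sample message (not captured traffic): CORP\gary on PC1.
        String[] vals = {"CORP", "gary", "PC1"};
        ByteBuffer b = ByteBuffer.allocate(64 + 22).order(ByteOrder.LITTLE_ENDIAN);
        b.put(SIG).putInt(8, 3).putInt(60, 0x1);
        int off = 64;
        for (int i = 0; i < 3; i++) {
            byte[] v = vals[i].getBytes(StandardCharsets.UTF_16LE);
            b.putShort(28 + 8 * i, (short) v.length).putShort(30 + 8 * i, (short) v.length)
             .putInt(32 + 8 * i, off);
            System.arraycopy(v, 0, b.array(), off, v.length);
            off += v.length;
        }
        String header = "NTLM " + Base64.getEncoder().encodeToString(b.array());
        System.out.println(String.join(" | ", parse(header)));
    }
}
```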

  • #2
    Please post the solution if you find any

    Dear Milky Jo: Please post the solution if you find any over here which will be helpful for many users like me. Thanks in advance.
