Discussions

General J2EE: NTLM Issue:retrieving username from active directory

  1. Hi, I am trying to retrieve user name using NTLM from active directory service for single sign-on web app.The code works in Firefox,retrieves correctly the logged in username.But in IE instead of giving username, it outputs the system name.Is there any problem with NTLM as firefox still uses NTLM but IE uses NTLMv2.Please help.I am using the following code: <% try { String auth = request.getHeader("Authorization"); if (auth == null) { response.setStatus(response.SC_UNAUTHORIZED); response.setHeader("WWW-Authenticate", "NTLM"); return; } if (auth.startsWith("NTLM ")) { System.out.println(auth.substring(5)); byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5)); System.out.println(msg[8]); int off = 0, length = 0, offset; String userName; if (msg[8] == 1) { off = 18; byte z = 0; byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P', z, (byte)2, z, z, z, z, z, z, z, (byte)40, z, z, z, (byte)1, (byte)130, z, z, z, (byte)2, (byte)2, (byte)2, z, z, z, z, // z, z, z, z, z, z, z, z}; response.setStatus(response.SC_UNAUTHORIZED); response.setHeader("WWW-Authenticate", "NTLM " + new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim()); // return; } else if (msg[8] == 3) { off = 30; length = msg[off+9]*256 + msg[off+8]; offset = msg[off+11]*256 + msg[off+10]; //length = msg[off+17]*256 + msg[off+16]; //offset = msg[off+19]*256 + msg[off+18]; userName = new String(msg, offset, length); } else return; length = msg[off+1]*256 + msg[off]; offset = msg[off+3]*256 + msg[off+2]; userName = new String(msg, offset, length); length = msg[off+9]*256 + msg[off+8]; offset = msg[off+11]*256 + msg[off+10]; userName = new String(msg, offset, length); Pattern pat = Pattern.compile("[a-z,A-Z,0-9]+"); Matcher mat = pat.matcher(userName); String s1 = ""; while(mat.find()) { System.out.println("Got name: "+mat.group()); s1 = s1+mat.group(); } System.out.println("Got name: "+s1); userName.replaceAll("[.]",""); System.out.println("Got name again: "+userName); out.println(userName); out.println("Hello "); out.println(userName + ""); out.println("

    "+userName+""); } } catch(Exception ex) { System.out.println("uu"); ex.printStackTrace(); } %>
  2. Have you got "Enable Integrated Windows Authentication" check box selected ? Tools/InternetOptions/Advanced/Secuirty <<--