Results 1 to 5 of 5

Thread: Spring Security 3 and NTLM

  1. Oct 17th, 2012, 06:10 AM #1
    MmarcoM
    MmarcoM is offline Senior Member
    Join Date
    Sep 2004
    Location
    London
    Posts
    311

    Default Spring Security 3 and NTLM

    Hello all
    i am moving my app to Spring Security 3 and, as our current code uses an ntlm Filter, i have checked this website

    http://aloiscochard.blogspot.com/201...ty-ntlm-3.html

    I have dowloaded the filter and plugged the jar into my existing app (where all classes have been migrated to Spring sec 3) but it appears the filter is not working as keep on getting access denied..

    I know Spring Sec 3 does not support NTLM, but i was wondering if anyone is using that filter successfully

    I am using Spring 3.0.7
    Spring Security 3.1.2
    spring-security-ntlm 3.0.2.SNAPSHOT

    could anyone assist?

    w/kindest regards
    marco
    Reply With Quote Reply With Quote
  2. Oct 17th, 2012, 07:47 AM #2
    Marten Deinum
    Marten Deinum is offline Senior Member
    Join Date
    Jun 2006
    Location
    The Netherlands
    Posts
    13,625

    Default

    The filter is for spring security 3.0 not 3.1... So I would check with an older version first.
    Marten Deinum
    Java Consultant / Pragmatist / Open Source Enthousiast / Author

    Pro Spring MVC: With Web Flow
    Conspect

    Have you read the reference guide.
    Use the [ code ] tags, young padawan
    Reply With Quote Reply With Quote
  3. Oct 17th, 2012, 07:55 AM #3
    MmarcoM
    MmarcoM is offline Senior Member
    Join Date
    Sep 2004
    Location
    London
    Posts
    311

    Default

    thanks a lot Martin!
    Reply With Quote Reply With Quote
  4. Oct 17th, 2012, 09:07 AM #4
    MmarcoM
    MmarcoM is offline Senior Member
    Join Date
    Sep 2004
    Location
    London
    Posts
    311

    Default

    Hello
    ok i am now using spring 3.0.7 release plus spring-security-3.0.7.
    have this http section configured

    Code:
    <security:http create-session="never" entry-point-ref="authSchemePreferenceEntryPoint" access-decision-manager-ref="accessDecisionManager">
    <security:request-cache ref="nullRequestCacheAwareFilter"/>
    <security:intercept-url ..........  />
    <security:custom-filter position="SWITCH_USER_FILTER" ref="sessionManagementFilter" />
    <security:custom-filter position="BASIC_AUTH_FILTER" ref="ntlmFilter" />
    <security:anonymous enabled="false"/>
  </security:http>
    but i am getting this

    Code:
    org.springframework.security.ui.ntlm.NtlmBeginHandshakeException: NTLM
	at org.springframework.security.ui.ntlm.NtlmAuthenticationFilter.doFilter(NtlmAuthenticationFilter.java:215)
    i was wondering what am i missing?

    regarsd
    marco



    a similar post http://forum.springsource.org/showth...ication-Errors seems to suggest that
    the problem is the UserDetailService......
    but my userDetailsService(custom implementation) hasn't changed while migrating to Spring Security 3
    Reply With Quote Reply With Quote
  5. Oct 17th, 2012, 11:49 AM #5
    MmarcoM
    MmarcoM is offline Senior Member
    Join Date
    Sep 2004
    Location
    London
    Posts
    311

    Default

    Hell
    ok it was incorrect configuration
    this
    Code:
    <security:custom-filter position="BASIC_AUTH_FILTER" ref="ntlmFilter" />
    should have been
    Code:
    <security:custom-filter after="EXCEPTION_TRANSLATION_FILTER" ref="authSchemePreferenceFilter" />
    as suggested in the article. i amended it originally because i had problems with other filters.

    that is sorted, now i have classpath clashes to sort out, but i guess they had nothing to do with spring or spring-sec

    sorry for noise

    wkr
    marco
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules