Remote User from jcifs with Struts?

Hi Aliaster,

My requirements are very similar to what you have stated.
I want to achieve the similar flow with Struts + NTLM as you have stated.
initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view

any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view

Facing the similar problem with posts.
Have you got any soln
Can anybody suggest the soln.

Thanks in advance.

Raghu!!
raghvendra.rathore@xxxxxxxxxxxxxx

-----Original Message-----
From: Allistair Crossley
Sent: 03 December 2003 10:15
To: jcifs at lists.samba.org
Subject: [jcifs] Remote User from jcifs with Struts?

Hi,

We are currently developing a new version of our intranet using Jakarta Struts and a Content Management System. The current intranet prompts a user for username and password before logging in. This is to be eliminated.

Instead, we wish to detect from the user Windows 2000 login who they are as this login username will be used to tie up with other databases.

I don't know if you know about Struts but essentially all requests from the front end web application are mapped to a Controller Servlet provided by Struts (or in our case a subclass of).

Anyways, for every request, we have that request routed to a handler class called an Action, and each Action extends our base SecuredAction handler class.

I found an algorithm a short while ago that performs NTLM authentication. I have built this into the SecuredAction so that if no session user object exists, it redirects with the WWW-Authenitcate stuff for NTLM and within a few moments I am able to detect the remote username, domain and their workstation id.

This has been working very nicely until yesterday when I discovered to my dismay that I cannot post forms. It seems this will be to do with the NTLM authentication.

The only other thing I have found out about is JCIFS. I have managed to find the jcifgs.http package and have seen the filter installation.

Question:

I am not sure if I can use jcifs just as a means to identifying the remote user which is all I want and just once, and then have POSTs working.

I want to keep my SecuredAction base. It does not have to have the NTLM in it if there is another way.

All requests must go through the Struts Controller. I do not know if this has implications for the jcfis filter since that seems to say I need to map all requests /* to this.

Here are 2 little sequences that depict how I want things to work :)

initial request -->
  struts controller -->
    ntlm auth to get remote user -->
      store user value in session -->
        do handler stuff
          return view

any other request including POSTs -->
  struts controller -->
    user got from session, do not need NTLM anymore
      do handler stuff
        return view