Milky Joe
07-29-2009, 06:07 PM
Guys,
I've been tearing my hair out for a month with this problem - any help would be most gratefully appreciated!
I need to get a flex app working with single-signon on the windows platform.
I want to grab the windows username and domain from the browser without having users enter by hand.
I will then authenticate against my own repository tables accessed via remote objects (blazeds + spring flex + spring + hibernate)
I have a servlet that uses NTLM authentication challenge response. The servlet works on its own returning usename and domain.
See below for servlet code*
HOWEVER - no matter how i call the servlet from flex it seems to totally screw up blazeds. No further remote object calls are possible.
The same remote call works before but not after the servlet has been called. Its driving me insane!!!
I suspect the problem is related to how the single initial call to the servlet from Flex results in a further two executions of the servlet.
I assume Internet Explorer is initiating further calls.
I've tried calling it in the following ways...
*- HTTPServce with URL
*- HTTPServive with blaze destination
*- From within actionscript
*- From MXML*
*- From a flex module
*- from the javascript wrapper using XMLHttpRequest and flashvars
*- With one trouser leg rolled up and my finger in my ear
Every single time it stops any further remote object calls from working they get as far as*
[BlazeDS][DEBUG] FlexSession created with id 'ADF15BED993AD562EEA9249EE6B33CED' for an Http-based client connection.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
but know further.
Clever people please help - before i blow my brains out!! ;-)
Thanks in advance
Gary
public class NTLMUsername extends HttpServlet {
private static final long serialVersionUID = 1L;
public NTLMUsername() {
super();
}
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html; charset=UTF-8");
PrintWriter out = response.getWriter();
// Variables to hold out put data
String domainName;
String userName;
out.println("<ntlminfo>");
String auth = request.getHeader("Authorization");
if (auth == null) {
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
return;
}
if (auth.startsWith("NTLM ")) {
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substri ng(5));
int off = 0, length, offset;
if (msg[8] == 1) {
off = 18;
byte z = 0;
byte[] msg1 = { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M',
(byte) 'S', (byte) 'S', (byte) 'P', z, (byte) 2, z, z,
z, z, z, z, z, (byte) 40, z, z, z, (byte) 1,
(byte) 130, z, z, z, (byte) 2, (byte) 2, (byte) 2, z,
z, z, z, //
z, z, z, z, z, z, z, z };
//
response.setContentLength(0);
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM "
+ new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim() );
response.flushBuffer();
return;
} else if (msg[8] == 3) {
off = 30;
length = msg[off + 17] * 256 + msg[off + 16];
offset = msg[off + 19] * 256 + msg[off + 18];
domainName = new String(msg, offset, length);
} else {
return;
}
length = msg[off + 1] * 256 + msg[off];
offset = msg[off + 3] * 256 + msg[off + 2];
domainName = new String(msg, offset, length);
length = msg[off + 9] * 256 + msg[off + 8];
offset = msg[off + 11] * 256 + msg[off + 10];
userName = new String(msg, offset, length);
// Output the Windows User name and domain
out.print(" <domain>");
// Process the raw strings to remove every 2nd character
for(int i=0; i < domainName.length(); i++) {
if( i%2 == 0) {
out.print(domainName.charAt(i));
}
}
out.println("</domain>");
out.print(" <username>");
// Process the raw strings to remove every 2nd character
for(int i=0; i < userName.length(); i++) {
if( i%2 == 0) {
out.print(userName.charAt(i));
}
}
out.println("</username>");
}
out.println("</ntlminfo>");
out.close();
}
}
I've been tearing my hair out for a month with this problem - any help would be most gratefully appreciated!
I need to get a flex app working with single-signon on the windows platform.
I want to grab the windows username and domain from the browser without having users enter by hand.
I will then authenticate against my own repository tables accessed via remote objects (blazeds + spring flex + spring + hibernate)
I have a servlet that uses NTLM authentication challenge response. The servlet works on its own returning usename and domain.
See below for servlet code*
HOWEVER - no matter how i call the servlet from flex it seems to totally screw up blazeds. No further remote object calls are possible.
The same remote call works before but not after the servlet has been called. Its driving me insane!!!
I suspect the problem is related to how the single initial call to the servlet from Flex results in a further two executions of the servlet.
I assume Internet Explorer is initiating further calls.
I've tried calling it in the following ways...
*- HTTPServce with URL
*- HTTPServive with blaze destination
*- From within actionscript
*- From MXML*
*- From a flex module
*- from the javascript wrapper using XMLHttpRequest and flashvars
*- With one trouser leg rolled up and my finger in my ear
Every single time it stops any further remote object calls from working they get as far as*
[BlazeDS][DEBUG] FlexSession created with id 'ADF15BED993AD562EEA9249EE6B33CED' for an Http-based client connection.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
but know further.
Clever people please help - before i blow my brains out!! ;-)
Thanks in advance
Gary
public class NTLMUsername extends HttpServlet {
private static final long serialVersionUID = 1L;
public NTLMUsername() {
super();
}
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html; charset=UTF-8");
PrintWriter out = response.getWriter();
// Variables to hold out put data
String domainName;
String userName;
out.println("<ntlminfo>");
String auth = request.getHeader("Authorization");
if (auth == null) {
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
return;
}
if (auth.startsWith("NTLM ")) {
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substri ng(5));
int off = 0, length, offset;
if (msg[8] == 1) {
off = 18;
byte z = 0;
byte[] msg1 = { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M',
(byte) 'S', (byte) 'S', (byte) 'P', z, (byte) 2, z, z,
z, z, z, z, z, (byte) 40, z, z, z, (byte) 1,
(byte) 130, z, z, z, (byte) 2, (byte) 2, (byte) 2, z,
z, z, z, //
z, z, z, z, z, z, z, z };
//
response.setContentLength(0);
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM "
+ new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim() );
response.flushBuffer();
return;
} else if (msg[8] == 3) {
off = 30;
length = msg[off + 17] * 256 + msg[off + 16];
offset = msg[off + 19] * 256 + msg[off + 18];
domainName = new String(msg, offset, length);
} else {
return;
}
length = msg[off + 1] * 256 + msg[off];
offset = msg[off + 3] * 256 + msg[off + 2];
domainName = new String(msg, offset, length);
length = msg[off + 9] * 256 + msg[off + 8];
offset = msg[off + 11] * 256 + msg[off + 10];
userName = new String(msg, offset, length);
// Output the Windows User name and domain
out.print(" <domain>");
// Process the raw strings to remove every 2nd character
for(int i=0; i < domainName.length(); i++) {
if( i%2 == 0) {
out.print(domainName.charAt(i));
}
}
out.println("</domain>");
out.print(" <username>");
// Process the raw strings to remove every 2nd character
for(int i=0; i < userName.length(); i++) {
if( i%2 == 0) {
out.print(userName.charAt(i));
}
}
out.println("</username>");
}
out.println("</ntlminfo>");
out.close();
}
}