Trace: • NTLM Authentication
Configure the NTLM authenticator com.sibvisions.apps.auth.NtlmAuthenticator as described here.
Be sure that you use com.sibvisions.rad.server.security.NtlmDBSecurityManager as security manager. The configuration is described here.
Add additional parameters to your config.xml
<ntlm> <init-param> <param-name>jcifs.http.domainController</param-name> <param-value>domain.sibvisions.net</param-value> </init-param> <init-param> <param-name>jcifs.smb.client.domain</param-name> <param-value>DOMAIN.SIBVISIONS.NET</param-value> </init-param> <init-param> <param-name>jcifs.smb.client.responseTimeout</param-name> <param-value>4000</param-value> </init-param> <init-param> <param-name>jcifs.smb.client.soTimeout</param-name> <param-value>4000</param-value> </init-param> <init-param> <param-name>jcifs.util.loglevel</param-name> <param-value>4</param-value> </init-param> </ntlm>
All JCIFS parameters are allowed.
If you start your application in a browser, be sure to map:
<servlet> <servlet-name>NtlmHandler</servlet-name> <display-name>Servlet based ntlm authentication</display-name> <servlet-class>com.sibvisions.apps.server.http.NtlmHandler</servlet-class> </servlet> <servlet-mapping> <servlet-name>NtlmHandler</servlet-name> <url-pattern>/auth/Ntlm</url-pattern> </servlet-mapping>
in your web.xml.
The authentication was successfully tested with WinXP, Vista, Win7, Win8 - Java5, 6, 7. It's not needed to change your local security policies because NTLMv1 and NTLMv2 work.