M
Marcia
We have a little in house application that uses NTLM Authorization. I
didn't write it, but it looks as though the code was taken from
directly from this discussion:
http://www.jguru.com/faq/viewquestion.jsp?EID=393110
This code works for most users of Internet Explorer (IE 6). But it
doesn't work on some newer machines that are operating off a different
installation image than older machines. I have two machines and
verified they have the exact same version of internet explorer
(6.0.2900.2180.xpsp_sp2_gdr.070227-2254). On the older one, the
application using the above mentioned code comes up just fine. On the
newer one, the user gets a "Page cannot be found" error.
I've traced the issue down to this section of the above mentioned
code:
if (auth.startsWith("NTLM "))
{
byte[] msg = new
sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
{
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M',
(byte)'S', (byte)'S', (byte)'P', z,(byte)2, z, z, z, z, z, z, z,
(byte)40, z, z, z, (byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
response.setHeader("WWW-Authenticate", "NTLM " + new
sun.misc.BASE64Encoder().encodeBuffer(msg1));
response.sendError(response.SC_UNAUTHORIZED);
return;
}
Specifically, it is when the
response.sendError(response.SC_UNAUTHORIZED); is sent back.
I searched Microsoft's web site and found this:
http://support.microsoft.com/?kbid=821814
But it looks like that issue was fixed in 2003 and we show a dll much
more recent than the one shown to have fixed the bug. And again, two
machines with the same version and patches for IE, one works, one
doesn't.
Does anybody have any thoughts or suggestions as to what we could do
to get this to work on all workstations with IE 6? Or if there is
something else on the machine or IE configuration that could affect
this behavior? I also painfully verified all the IE settings were the
same.
BTW, it works in Firefox on the affected machines, although the user
is prompted for a login, but this is not considered an acceptable
workaround as this newer image starts to become more prevalent.
Thanks!
didn't write it, but it looks as though the code was taken from
directly from this discussion:
http://www.jguru.com/faq/viewquestion.jsp?EID=393110
This code works for most users of Internet Explorer (IE 6). But it
doesn't work on some newer machines that are operating off a different
installation image than older machines. I have two machines and
verified they have the exact same version of internet explorer
(6.0.2900.2180.xpsp_sp2_gdr.070227-2254). On the older one, the
application using the above mentioned code comes up just fine. On the
newer one, the user gets a "Page cannot be found" error.
I've traced the issue down to this section of the above mentioned
code:
if (auth.startsWith("NTLM "))
{
byte[] msg = new
sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
{
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M',
(byte)'S', (byte)'S', (byte)'P', z,(byte)2, z, z, z, z, z, z, z,
(byte)40, z, z, z, (byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
response.setHeader("WWW-Authenticate", "NTLM " + new
sun.misc.BASE64Encoder().encodeBuffer(msg1));
response.sendError(response.SC_UNAUTHORIZED);
return;
}
Specifically, it is when the
response.sendError(response.SC_UNAUTHORIZED); is sent back.
I searched Microsoft's web site and found this:
http://support.microsoft.com/?kbid=821814
But it looks like that issue was fixed in 2003 and we show a dll much
more recent than the one shown to have fixed the bug. And again, two
machines with the same version and patches for IE, one works, one
doesn't.
Does anybody have any thoughts or suggestions as to what we could do
to get this to work on all workstations with IE 6? Or if there is
something else on the machine or IE configuration that could affect
this behavior? I also painfully verified all the IE settings were the
same.
BTW, it works in Firefox on the affected machines, although the user
is prompted for a login, but this is not considered an acceptable
workaround as this newer image starts to become more prevalent.
Thanks!