NTLM Authentication, Part Server / Domain Controller

[Guest Michel777]

Dear members,

 

in the document http://msdn.microsoft.com/en-us/library/aa378749.aspx# is

described how the NTLM authentication

 

works. We have our own client (written in java) and a server with api for

autehtication. The server has all the

 

necessary data for authentication (see below).

 

The question: how to send

 

User name

Challenge sent to the client

Response received from the client

 

to the domain controller ? Is there any libraries (perhaps in java) or is

there a description how to build the

 

request (http ?).

 

Thanks in advance,

 

Michel

[Guest S. Pidgorny]

Can you please describe what the server application and the client are?

Some context would help. Without additional info I'd say that JVM will

prompt for credentials.

 

--

Svyatoslav Pidgorny, MCSE, RHCE

-= F1 is the key =-

 

http://sl.mvps.org http://msmvps.com/blogs/sp

 

Michel777 wrote:<span style="color:blue">

> Dear members,

>

> in the document http://msdn.microsoft.com/en-us/library/aa378749.aspx# is

> described how the NTLM authentication

>

> works. We have our own client (written in java) and a server with api for

> autehtication. The server has all the

>

> necessary data for authentication (see below).

>

> The question: how to send

>

> User name

> Challenge sent to the client

> Response received from the client

>

> to the domain controller ? Is there any libraries (perhaps in java) or is

> there a description how to build the

>

> request (http ?).

>

> Thanks in advance,

>

> Michel</span>

[Guest Michel777]

Client: Java application (self developed) running on Windows XP

Server: Sybase Mobilink Server with Java API for Authentication

 

Scenario:

 

(1) User logs on Windows XP and authenticates againts NT-Domain

(2) User starts a Java application

(3) from that Java application will be started the Sybase Mobilink Client

(DB-Synch)

(4) The MobiLink client communicates with the Sybase MobiLink Server via

HTTP(S) and it is possible to send our own data (e.g. username, NT hash

password,...)

(5) Sybase Mobilink Server is a standalone Java Application and has an API

for the Authentication. Th Server is running either on Windows or Linux

Server (not decided yet, but most probably on Linux)

(6) in this API the user have to be authenticated againts the Domain.

 

There is technically no problem to authenticate the user via LDAP againts

the Domain. BUT: LDAP requires password in cleartext. And it is MUST

requirement toauthenticate WITHOUT requireing password.

 

Second sceanrio:

 

(1) user logs on Windows XP locally (because the Xp box is not connected to

the company Network "directly").

(1a) user connects to the company Network via VPN

(2) the same....

 

The solution should be work in that scenario too.

 

I hope that helps. Please don't hesitate to ask me for further detail.

 

Thank you in advance for your support !

 

Michel

 

 

 

 

 

"S. Pidgorny" wrote:

<span style="color:blue">

> Can you please describe what the server application and the client are?

> Some context would help. Without additional info I'd say that JVM will

> prompt for credentials.

>

> --

> Svyatoslav Pidgorny, MCSE, RHCE

> -= F1 is the key =-

>

> http://sl.mvps.org http://msmvps.com/blogs/sp

>

> Michel777 wrote:<span style="color:green">

> > Dear members,

> >

> > in the document http://msdn.microsoft.com/en-us/library/aa378749.aspx# is

> > described how the NTLM authentication

> >

> > works. We have our own client (written in java) and a server with api for

> > autehtication. The server has all the

> >

> > necessary data for authentication (see below).

> >

> > The question: how to send

> >

> > User name

> > Challenge sent to the client

> > Response received from the client

> >

> > to the domain controller ? Is there any libraries (perhaps in java) or is

> > there a description how to build the

> >

> > request (http ?).

> >

> > Thanks in advance,

> >

> > Michel</span>

> </span>