wood burning stoves 2.0*
The moose likes Servlets and the fly likes Best way to get user login from Operating System Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Best way to get user login from Operating System" Watch "Best way to get user login from Operating System" New topic
Author

Best way to get user login from Operating System

steve Barf
Greenhorn

Joined: Oct 15, 2004
Posts: 26
http://www.jguru.com/faq/view.jsp?EID=1045412

This link shows a technique for getting the users Windows login + domain. But it uses hardcoded offsets. Is there a cleaner way of doing it ?
Jack Wiesenthaler
Ranch Hand

Joined: Jul 26, 2001
Posts: 75
The code just parses the NTLM Challenge response. I don't think there is a "cleaner" way?
Jack Wiesenthaler
Ranch Hand

Joined: Jul 26, 2001
Posts: 75
It's been a while since I worked with Win32 stuff but I dug this out of my old MSDN docs, these are the structs that define the auth messages:

NTLM Challenge:

struct {
byte protocol[8]; // 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0'
byte type; // 0x02
byte zero[7];
short msg_len; // 0x28
byte zero[2];
short flags; // 0x8201
byte zero[2];

byte nonce[8]; // nonce
byte zero[8];
} type-2-message

NTLM Response:

struct {
byte protocol[8]; // 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0'
byte type; // 0x03
byte zero[3];

short lm_resp_len; // LanManager response length (always 0x18)
short lm_resp_len; // LanManager response length (always 0x18)
short lm_resp_off; // LanManager response offset
byte zero[2];

short nt_resp_len; // NT response length (always 0x18)
short nt_resp_len; // NT response length (always 0x18)
short nt_resp_off; // NT response offset
byte zero[2];

short dom_len; // domain string length
short dom_len; // domain string length
short dom_off; // domain string offset (always 0x40)
byte zero[2];

short user_len; // username string length
short user_len; // username string length
short user_off; // username string offset
byte zero[2];

short host_len; // host string length
short host_len; // host string length
short host_off; // host string offset
byte zero[6];

short msg_len; // message length
byte zero[2];

short flags; // 0x8201
byte zero[2];

byte dom[*]; // domain string (unicode UTF-16LE)
byte user[*]; // username string (unicode UTF-16LE)
byte host[*]; // host string (unicode UTF-16LE)
byte lm_resp[*]; // LanManager response
byte nt_resp[*]; // NT response
} type-3-message
steve Barf
Greenhorn

Joined: Oct 15, 2004
Posts: 26
Kevin,
Thanks for your replies - I was wondering if there was a completely different technique. I've seen code using Principals but I'm not clear how it works or if the client needs something on their workstation first. I feel sure other Java users must have been faced with this problem and resisted using IIS.
<BR/><BR/>
My fear with NTLM is :
  • what happens if the offsets were to change
  • do all browsers use it
  • there can be problems if the user sets the security level to high
  • <BR/><BR/>
    Are you familiar with any non NTLM techniques ?
    Steve
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: Best way to get user login from Operating System
     
    Similar Threads
    How to make dynamic radio button checked
    NTLM Authentication for Single sign on
    Exception and its subclass
    Windows User Name
    <security-constraint> in web.xml