File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes NTLM Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "NTLM Authentication" Watch "NTLM Authentication" New topic

NTLM Authentication

Pankaj Bagul

Joined: Dec 27, 2007
Posts: 7

I have to authenticate a windows user with his windows XP loginId and to log him directly in my application which is running in a local intranet.
so that the user need not make a seperate loginId/password. Instead, he can use the same windows loginId.

i tried with the following code:

String auth = httpRequest.getHeader("Authorization");

if (auth == null)
httpResponse.setHeader("WWW-Authenticate", "NTLM");

if (auth.startsWith("NTLM "))
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P',
z,(byte)2, z, z, z, z, z, z, z,(byte)40, z, z, z,
(byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
httpResponse.setHeader("WWW-Authenticate", "NTLM " +
new sun.misc.BASE64Encoder().encodeBuffer(msg1));

else if (msg[8] == 3)
off = 30;

length = msg[off+17]*256 + msg[off+16];
offset = msg[off+19]*256 + msg[off+18];
String remoteHost = new String(msg, offset, length);

length = msg[off+1]*256 + msg[off];
offset = msg[off+3]*256 + msg[off+2];
String domain = new String(msg, offset, length);

length = msg[off+9]*256 + msg[off+8];
offset = msg[off+11]*256 + msg[off+10];
String username = new String(msg, offset, length);


What happens is that it takes the windows loginId but it doesnot authenticates it.

when i run my application it popups a login window in which i enter my windows loginId/password.

What is wrong here is, if i enter a wrong loginId/password still it logs him which should not happen.
It should authenticate only valid users.

If anybody knows the solution please help me out or still i need to do some more configuration settings or should i use some different code?

Please help me out solving this problem.I am really strucked.

Any help would be highly appreciated.
thanks in advance

Jashan preet

Joined: Sep 02, 2015
Posts: 1
The thing is that you need to fetch the variables like username and authenticate them with something like an active directory or you can use the jcifs smb session to authenticate the user
Tim Cooke

Joined: Mar 28, 2008
Posts: 2358

Hello Jashan, welcome to the Ranch!

I would expect that after 7 years since the OP asked this question they have either figured it out themselves or are long past caring about it.

Tim Driven Development
I agree. Here's the link:
subject: NTLM Authentication
It's not a secret anymore!