In a Windows-centric environment, you may wish to use NTLM authentication rather than a
login dialog box. Each user will be "pre-authenticated" and identified based on their
workstation login.

This works for IE and for Firefox, but Firefox users must manually turn on NTLM support.

To use NTLM you just need to change JspWiki's web.xml to specify its at least a version 2.3 servlet
(Tomcat 4+) and then add a servlet filter to set the response's remote user.

Its easy to do that, just change the second line of web.xml from the 2.2 DTD to 2.3
{{{<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

Obviously this will only work if your servlet container supports 2.3 or above, such as
Tomcat 4 or above.

Then add the filter specification before the first {{<servlet>}} tag. Order matters to Tomcat.




In the above, replace YOURDOMAINNAME with your NTLM domain name and replace with the ip address of your WINS server. Use {{ipconfig /all}} to find out
the ip numbers of your WINS server.

And of course, you need to add the [JCIFS jar file|] to WEB-INF/lib.

For more information on how this works, see the
[JCIFS|] site.



Anyone had any luck using this in JSPWiki v2.4+?  This worked exactly as advertised in v2.2, however I'm having a little bit of an issue getting this to work with the new v2.4 security options (in, jspwiki.policy, jspwiki.jaas, web.xml, etc.)  Now, it's "authenticating" all the time, without querying WINS at all. Rather, the user is authenticated as the default user w/ just their IP address as the username.  I'm sure I just have to turn something "off" that was added in v2.4 to get this to work again....

--msn, 17-Jul-2006