Alternatives for JCIFS NTLM library?

Waffle waffle.codeplex.com Has filters, authenticators, supports spring-security, etc. Windows-only, but doesn't require native DLLs.

Waffle - waffle.codeplex.com Has filters, authenticators, supports spring-security, etc. Windows-only, but doesn't require native DLLs.

Interesting project! – Thorbjørn Ravn Andersen Aug 12 '10 at 11:50.

I think NTLM is being deprecated in favor of Kerberos/SPNEGO. Take a look at the SPNEGO HTTP Servlet Filter project to see if it might fit your needs.

Java Opensource Single Sign On (JOSSO) is at josso.org/ They have a page on NTLM, although I'm not sure how well it works.

If you don't mind a commercially packaged product then take a look at: Quest Single Sign On for Java which provides support for SPNEGO/Kerberos (including sites and S4U protocols) as well as NTLM.

Jespa ioplex.com is the only one I've come across. Never used it though.

To be honest, you should not look for one. For your SSO needs you should use proper kerberos / SPNEGO instead of the legacy NTLM. For that stuff you need no special libraries as JVMs are already enabled for doing that automatically.

All you have to do is to configure your application and JVM security policies properly. The official documentation from Sun should give you all the details you need, just browse the "security APIs" section.

1 NTLM is not a "legacy" mechanism. NTLM is required if the client cannot get a Kerberos ticket which unfortunately happens all too easily. In fact, Kerberos is rather fragile and difficult to use by comparison.

And NTLMv2 is just as secure (128 bit RC4 vs. 256 bit AES really doesn't matter much). If you need to do client-side NTLM, JCIFS is fully functional (albeit it is not fully documented - ask on the mailing list). If you need server-side NTLM such as for HTTP SSO, Jespa is the way to go.

– user8134 Oct 10 '09 at 1:31 Note that Jespa is not free software. – Thorbjørn Ravn Andersen Jul 21 '10 at 14:34.

For your SSO needs you should use proper kerberos / SPNEGO instead of the legacy NTLM. For that stuff you need no special libraries as JVMs are already enabled for doing that automatically. All you have to do is to configure your application and JVM security policies properly.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.

Related Questions