Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8202782

Provide option to disable transparent NTLM authentication

XMLWordPrintable

    • x86_64
    • windows_7

      A DESCRIPTION OF THE PROBLEM :
      An application that allows different users to call an NTLM enabled web service can only work properly if the authentication caching and transparent (silent) authentication is disabled.

      To disable the NTLM cache we can already set the property "jdk.ntlm.cache" to false. This property was introduced in java 1.8.

      To disable transparent authentication we could use the following code in java 1.8:

      import sun.net.www.protocol.http.ntlm.NTLMAuthenticationCallback;
      NTLMAuthenticationCallback.setNTLMAuthenticationCallback(new NTLMAuthenticationCallback() {
      @Override
      public boolean isTrustedSite(URL url) {
      return false;
      }
      });

      Of course we don't want to use internal sun classes and it is even not possible with java 9/10/11. My request is to have a new property to disable transparent NTLM authentication.


            chegar Chris Hegarty
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: