1

I'm using NTLMv1 and its working fine. The only disdavantage is once if I logged in then its hitting LDAP server for 3 to 4 times.

So I don't want that. Can any one please explain me how this process is in NTLMv2?

below is the code for NTLMv2 

          <filter>
            <filter-name>ntlmv2-auth</filter-name>
            <filter-class>org.ntlmv2.filter.NtlmFilter</filter-class>
            <init-param>
                    <!-- Windows domain name -->
                    <param-name>ntlm-domain</param-name>
                    <param-value>ACME.CORP</param-value>
            </init-param>
            <init-param>
                    <!-- IP-address of domain controller -->
                    <param-name>ntlm-dc</param-name>
                    <param-value>dcone.acme.com</param-value>
            </init-param>
            <init-param>
                    <!-- Simple (non-FQDN) hostname of DC host -->
                    <param-name>ntlm-dc-name</param-name>
                    <param-value>dcone</param-value>
            </init-param>
            <init-param>
                    <!-- Computer account for connection to DC -->
                    <param-name>ntlm-account</param-name>
                    <param-value>TECHUSER$@ACME.CORP</param-value>
            </init-param>
            <init-param>
                    <!-- Password of computer account -->
                    <param-name>ntlm-password</param-name>
                    <param-value>test1234</param-value>
            </init-param>
    </filter>

    <filter-mapping>
            <filter-name>NTLMv2</filter-name>
            <url-pattern>/*</url-pattern>
    </filter-mapping>
Radim Köhler
  • 122,561
  • 47
  • 239
  • 335
user3182542
  • 11
  • 2

1 Answers1

0

The answer is that you cannot avoid the repeated LDAP connection, as the NTLM protocol is designed to do this exactly. You can find more information on the Microsoft Page defining the NTLM Protocol

guerda
  • 23,388
  • 27
  • 97
  • 146