Have you ever experienced problem with login to your web application that uses JCIFS NtlmHttpFilter ? Does the problem occurs on new Windows platforms (Windows 7 or Vista) and all is fine on Windows Xp ? Finally, why some user with theoretically same system have this problem while other do not report any difficulties ? Technically the answer to your problem is
here. But does it practically means that you will have to rebuild whole authentication process and start using NTLMv2 ? The answer is: it would be a good thing to do ! But if your application is pretty old, problem is selective and only handful of users report authentication problem and finally there is no time and money on the horizon… well I suppose we can think of small workaround. First solution is pure client side workaround. Force client Windows to use old NTLMv1 with below registry change: HKLM\SYSTEM\CurrentControlSet\Control\Lsa Set LmCompatibilityLevel (DWORD) to “1” Second solution. Small application change. Modify your NtlmHttpFilter config (web.xml):
jcifs.smb.lmCompatibility
1
Although first solution is bullet proof and 100% working it is not very convenient client OS modification. Use it only if second solution fails.
