Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>I've looked for the same thing you are asking. So far, I haven't found a way on the JDK to do that.</p> <p>There is a request for enhancement on Java Bug Database. Take a look at the <a href="http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7133281" rel="noreferrer">report</a> to find out if that gets a response from Sun (vote up the report so that hopefully that gets fixed soon).</p> <p>What I ended up doing, was override <code>sun.net.www.protocol.http.NTLMAuthentication</code> class. By looking at <code>sun.net.www.protocol.http.HttpURLAuthentication</code>, I found that the only thing you need to modify is the result of:</p> <pre><code>NTLMAuthentication.supportsTransparentAuth() </code></pre> <p>That method has a hardcoded return value, <code>true</code> on Windows platforms and <code>false</code> otherwise. This code is extracted from a JDK installed on Windows 7:</p> <pre><code>static boolean supportsTransparentAuth() { return true; } </code></pre> <p>What that method tells is if Windows credentials should be used by default. If set to <code>true</code>, <strong>your custom Authenticator code won't be called</strong>. See this fragment of <code>HttpURLConnection</code> class:</p> <pre><code>//Declared as a member variable of HttpURLConnection private boolean tryTransparentNTLMServer = NTLMAuthentication.supportsTransparentAuth(); //Inside of getServerAuthentication method. PasswordAuthentication a = null; if (!tryTransparentNTLMServer) { //If set to false, this will call Authenticator.requestPasswordAuthentication(). a = privilegedRequestPasswordAuthentication(url.getHost(), addr, port, url.getProtocol(), "", scheme, url, RequestorType.SERVER); } /* If we are not trying transparent authentication then * we need to have a PasswordAuthentication instance. For * transparent authentication (Windows only) the username * and password will be picked up from the current logged * on users credentials. */ if (tryTransparentNTLMServer || (!tryTransparentNTLMServer &amp;&amp; a != null)) { //If set to true or if Authenticator did not return any credentials, use Windows credentials. //NTLMAuthentication constructor, if receives a == null will fetch current looged user credentials. ret = new NTLMAuthentication(false, url1, a); } </code></pre> <p>To get <code>NTLMAuthentication</code> source code, I used <a href="http://java.decompiler.free.fr/?q=jdgui" rel="noreferrer">this Java decompiler</a>. Opened rt.jar located on the JDK installation folder and copied the desired class code.</p> <p>Then, I simply changed <code>supportsTransparentAuth</code> to return false. However, it would be highly desirable if this method checked first a system property and then return true or false based on that.</p> <p>To compile it, I just placed the java file under sun/net/www/protocol/http folder structure and run:</p> <pre><code>javac NTLMAuthentication.java </code></pre> <p>Then run my application using:</p> <pre><code>java -Xbootclasspath:"path/to/your/sun/net/www/protocol/http/classes;normal/JDK/boot/directories" </code></pre> <p>That will tell the JVM to load our implementation of <code>NTLMAuthentication</code> before the one in rt.jar. You have to be careful to don't miss any default class loading paths with <code>-Xbootclasspath</code>, or there will be <code>ClassNotFound</code> errors.</p> <p>After that, everything worked just fine.</p> <p>This approach has important drawbacks that you should be aware of. </p> <ul> <li>There are security risks. Anyone could drop a different .class file on your boot folder and steal the user credentials or other important information.</li> <li>Code from Sun packages can change without notice and thus be incompatible with your changes.</li> <li>If you deploy this code, you will be contravening the Sun code license. From the <a href="http://docs.oracle.com/javase/1.5.0/docs/tooldocs/windows/java.html" rel="noreferrer">documentation</a>: </li> </ul> <blockquote> <p>-Xbootclasspath:bootclasspath Specify a semicolon-separated list of directories, JAR archives, and ZIP archives to search for boot class files. These are used in place of the boot class files included in the Java 2 SDK. Note: Applications that use this option for the purpose of overriding a class in rt.jar should not be deployed as doing so would contravene the Java 2 Runtime Environment binary code license.</p> </blockquote> <p>So, this is definitely not suitable for production environments.</p> <p>Finally, this is an excellent source about boot class path option and Java class loaders: <a href="http://www.google.co.cr/url?sa=t&amp;rct=j&amp;q=%22-xbootclasspath%22%20java&amp;source=web&amp;cd=5&amp;ved=0CEYQFjAE&amp;url=http://www.tedneward.com/files/Papers/BootClasspath/BootClasspath.pdf&amp;ei=ALIhT9eDNJTbtwfhqsWiCw&amp;usg=AFQjCNEVUemmKJzZflzNHLBfV3iwxXxHJA&amp;sig2=lMOwz_2n74T4gueS6tju5Q" rel="noreferrer">PDF</a></p> <p>Hope this helps.</p>
    singulars
    1. This table or related slice is empty.
    1. POCan Java's 'single sign-on' (use credentials from 'Credential Manager') on Windows be disabled?
      singulars
      1. PTQuestion
    1. PTAnswer
    1. This table or related slice is empty.
    1. USjmend
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. POCan Java's 'single sign-on' (use credentials from 'Credential Manager') on Windows be disabled?
      singulars
      1. PTQuestion
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTAcceptedByOriginator
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COThanks. I've accepted this answer, and this agrees with my own earlier analysis (also by Sun JRE code decompilation) that there is no way to avoid this with Sun's standard code. Thanks for figuring out a way to work around this design flaw (as I see it)-- but this was intended for production use, and I definitely am not going to (tell colleagues to) use this. I'll vote for this Bug ID 7133281 instead.
      singulars
      1. PO
      1. USMarnix Klooster
    2. COYes, for production use this should be definitely avoided. Luckily, I just needed it for a demo so it worked for me.
      singulars
      1. PO
      1. USjmend
    3. COIf anyone comes to this, there is a much simpler approach which consists on using [Apache HTTP Client 4](http://hc.apache.org/httpcomponents-client-ga/) instead of Java underlying [HTTP API](http://docs.oracle.com/javase/6/docs/api/java/net/HttpURLConnection.html). In my particular case, I ended up using a combination of [Apache HTTP Client](http://hc.apache.org/httpcomponents-client-ga/) and [JCIFs NTLM](http://jcifs.samba.org/src/docs/ntlmhttpauth.html) implementation to solve all NTLM related issues in Java.
      singulars
      1. PO
      1. USjmend
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload