I'm using NTLMv1 and it's working fine. The only disadvantage is that once I have logged in, it hits the LDAP server 3 to 4 times.
So I don't want that. Can anyone please explain to me how this process works in NTLMv2?
Below is the code for NTLMv2:
<filter>
  <filter-name>ntlmv2-auth</filter-name>
  <filter-class>org.ntlmv2.filter.NtlmFilter</filter-class>
  <init-param>
    <!-- Windows domain name -->
    <param-name>ntlm-domain</param-name>
    <param-value>ACME.CORP</param-value>
  </init-param>
  <init-param>
    <!-- IP-address of domain controller -->
    <param-name>ntlm-dc</param-name>
    <param-value>dcone.acme.com</param-value>
  </init-param>
  <init-param>
    <!-- Simple (non-FQDN) hostname of DC host -->
    <param-name>ntlm-dc-name</param-name>
    <param-value>dcone</param-value>
  </init-param>
  <init-param>
    <!-- Computer account for connection to DC -->
    <param-name>ntlm-account</param-name>
    <param-value>[email protected]</param-value>
  </init-param>
  <init-param>
    <!-- Password of computer account -->
    <param-name>ntlm-password</param-name>
    <param-value>test1234</param-value>
  </init-param>
</filter>
<filter-mapping>
  <!-- Must match the <filter-name> declared in the <filter> element above -->
  <filter-name>ntlmv2-auth</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
The answer is that you cannot avoid the repeated LDAP connection, as the NTLM protocol is designed to do exactly this. You can find more information on the Microsoft page defining the NTLM protocol.