[security-dev 01584]: Re: Request for comment: spec: NTLM as a SASL mech
Max (Weijun) Wang
Weijun.Wang at Sun.COM
Wed Feb 3 02:57:27 UTC 2010
On Feb 3, 2010, at 2:44 AM, Bill Shannon wrote:
> Max (Weijun) Wang wrote on 02/ 1/10 10:49 PM:
>> Hi All
>> Please take a review on this draft before I send it for CCC:
>> http://cr.openjdk.java.net/~weijun/spec/NTLMSASL.0.1
>> The spec includes a raw NTLM API defined in com.sun.* namespace and describes the newly added SASL mech.
>
> Are you planning to expose the com.sun.security.ntlm APIs as a public
> interface?
Yes, I want it be an API.
>
> The javadocs for the Client constructor mention a param "version" but
> the parameter is actually named "type".
>
> In Server.type2(), how many bytes must be in the nonce?
>
> In Server.getPassword(), "overrided" -> "overridden".
All above fixed.
>
> Rather than the system property "ntlm.debug", why don't you use
> java.util.logging?
I'll look into it.
Thanks
Max
More information about the security-dev
mailing list