I'm installing a server with kerberos, ldap-ad and alfrescoNtlm in the authentication chain.
While the authentication is working there is an annoying problem. When using a web browser that does not have Kerberos setup a basic authentication form is shown before one can reach the actual share login screen.
I have implemented a work around where I have changed response.sendRedirect("page/") to response.sendRedirect("page?pt=login").
That did only partially work. Now a user that already was logged in with Kerberos comes to the graphical login page instead.