[jcifs] NTLM HTTP Authentication and SMB Signing
Paul.Holaj at dekabank.de
Paul.Holaj at dekabank.de
Thu Apr 8 09:34:51 GMT 2004
Hi Eric, hi Mike,
thank you very much for your fast response !
>> I can think of a couple fixes for this (if this is indeed what is
>> occurring), neither of which are really all that great:
>>
>> 1) Don't reuse the SMB connection (i.e., do one-to-one with sessions
and
>> connections to the DC). This would allow each incoming HTTP
connection
>> to set up a new connection with the DC, each of which would get a new
>> challenge and set up signing fresh. I think there's a config option
for
>> that; Mike might know off the top of his head. I'd test this first,
and
>> see if it remediates the issue.
>
>It's currently not an option but it's on the list for the next release.
>I'll look at that next.
This sounds VERY interesting ! I tried connecting with multiple users
with
option 'jcifs.smb.client.soTimeout' set to 1000 (1 second) and it
worked.
As far as I understand JCIFS, this simulates creating a new SMB
connection
for every session request, if there is at most one connecting user per
second.
I send the packet capture with annotations directly to your mail
accounts.
Regards, Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: BDY.RTF
Type: application/rtf
Size: 1342 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20040408/8ae49324/BDY.rtf
More information about the jcifs
mailing list