[jcifs] NTLMSSP over HTTP and signing.

Michael B Allen mba2000 at ioplex.com
Fri Feb 4 21:42:58 GMT 2005 

On Fri, 4 Feb 2005 12:25:38 -0600
"Christopher R. Hertel" <crh at ubiqx.mn.org> wrote:

> Hey, all...
> 
> I saw the message below but haven't seen a response.  I'm curious about 
> the signing support added to 1.1.7.  From Mike's posting on the website:
> 
>   "A simple fix has been applied that premits SMB signatures to work 
>   without specifying preauthentication credentials."
> 
> I'd love to now how this works,

Signatures are apparently not actually checked in SmbComSessionSetupAndX
requests. This was true of NT and someone recently reported that it
was also possible to authenticate against W2K3 without actually using
signatures. However with 1.1.0 I introduced a flaw that could result in
trying to use GUEST as the credentials to use signing. See Dean Povey's
post on Jan 4.

> and whether it has any relevance to the 
> query below.

Donno. It might. I'd really need packet captures and the whole 9 yards to
figure out what's going on but I don't really have the time to walk through
the whole process with every user these days.

I should really write a trouble-shooting document specifically for the
filter so that user's can provide all of the necessary information upfront.

> ----- Forwarded message from Chris <chris at dewrell.com> -----
> 
> I'm using jcifs to allow domain users to logon to an intranet site without
> 
> having to type their passwords.  The JCIFS software communicates with the 
> domain server to verify the users.
> 
> I just upgraded my version from 1.1.6 to 1.1.7 and am now getting the 
> following error in my log files.  The error occurs once every couple
> logons, with no real pattern.  Does anyone have an idea of what might
> cause this? 
> 
> Thanks,
> Chris
> 
> <snip>
> 
> ----- End forwarded message -----
> 
> Chris -)-----
> 
> -- 
> "Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
> Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
> jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development,
> uninq. ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
> OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org
> 


-- 
IRC - where men are men, women are men, and the boys are FBI agents.

More information about the jcifs mailing list