[jcifs] MAC Signing and NTLMSSP over HTTP.
Michael B Allen
mba2000 at ioplex.com
Mon Feb 14 04:22:47 GMT 2005
Christopher R. Hertel said:
>> so that the additional SessionSetups
>> created
>> with NTLMSSP info are okay.
>
> Okay... the "default creds"... If I understand what I've read so far in
> the docs, you add a username/password pair to a file on the
> web-server-side. Are those the credentials used to create the signatures?
Right. Well the creds are used to created the digest after the first
successfull SessionSetup and the digest is used to generate the signatures
for individual SMBs from then on.
> What happens if you're doing things like accessing files (sort of like
> Davenport does)? In that case, you'd need the preauthentication, yes?
I don't think Davenport supports signatures. It supports Basic
authentication though so in that case it will work because you have the
password. But yes, preauthentication is absolutely necessary if you're
doing NTLMSSP because you don't have the plain text equivalent password
hash.
Mike
Mike
More information about the jcifs
mailing list