[jcifs] jcifs and java.io.File authentication

[Michael B Allen]

On Fri, 25 Feb 2005 12:19:58 +0000 (UTC)
Francis <francisdobi at users.sourceforge.net> wrote:

> I would like to know why jcifs needs user credentials
> and why jdk (java.io.File) does not need any authentication information.

Unless you're only going to be using 'GUEST' or 'null' credentials you
will always need credentials to be entered regardless of what type of
application you're using wheather it be Java, .NET, or whatever. It's
just a matter of *when* you supply the credentials. Windows is nice
because you can enter the credentials, establish a logon session, and
delegate those credentials to other threads and servers. So once you
enter your creds they're inherited by children and can be deligated to
other servers that that process logs into.

So the java.io.File class simply calls the underlying file system
operations which use whatever credentials are associated with the current
process. Those credentials need to be entered at some point (e.g. when
the user logs in).

Note that that has a severe disadvantage that the process must run under
the credentials required to access the network resource.

> Is it possible to configure jcifs, so that it does not need any user name
> and password?

No, jCIFS does not have the ability to interact with the current processes
security context. That would be platform specific. On Windows for example
that would require JNI to call the GSSAPI functions when logging into
a remote server. We don't support that and probably never will.

In 2.0 we will support Kerberos such that renewable tickets can be
used. This is consistent with generally accepted best practices on all
platforms that support Kerberos (including Windows).

Mike

-- 
IRC - where men are men, women are men, and the boys are FBI agents.