[jcifs] Using jcifs to validate users against NT

Michael B.Allen mballen at erols.com
Sat Mar 30 07:34:30 EST 2002


On Fri, 29 Mar 2002 08:24:48 -0800
Tolman-Kevin <Tolman-Kevin at vikingfreight.com> wrote:

> 
> Hello,
> 
> I need to validate user id and password against their NT log in's from
a servlet application running on linux/tomcat. I have tried usig jcifs
to connect to an NT server using the supplied user id and password and
then doing  a SmbFile[] files = file.listFiles();. If a list of files is
returned the > userid/password is a valid NT log in and if an exception
is thrown I determine that the userid/password  is not a valid NT log in.

listFiles is a pretty heavy operation to do that. Set up a file somewhere
and try to just open it with new SmbFileInputStream(). That will throw
an Exception if the user is not valid. You can also tweek the ACL list
on that "peer" file to get a little better access control for groups of
users but I've never tried that so I don't know how well it would work
in practice. The real way to authenticate user is with the NETLOGON
DCE/RPC call but we don't support DCE/RPC at this time.

> 
> This works except that after three invalid attempts I am locked
out. Any subsequent attempts will always fail until a certian time out
period passes. I am afraid that if I try this from a servlet app that
one user failing to log on will lock up the app for all users. Is this
the case? Is there a way > around this? Has anyone else been able to
validate a user against NT using jcifs?  > > I have tried changing all
of the properties in the jcifs.prp file but that has not helped.

This has nothing to do with jCIFS. That policy is set on the domain
controller but I don't see a problem anyway. If the user enters the wrong
password three times they're locked out. That's the policy so they just
shouldn't enter the wrong password three times in a row.

Mike

-- 
May The Source be with you.





More information about the jcifs mailing list