[jcifs] redux: authentication only?

Allen, Michael B (RSCH) Michael_B_Allen at ml.com
Fri May 10 08:51:08 EST 2002

> >This will find a domain controller and open a session authenticating
> >the user in the process. Except, the jCIFS client caches SmbTransports
> >and for each SmbTransport it caches SmbSessions so if you have 5 domain
> >controllers and getByName returns one of the 5 at random, you may not
> >be taking advantage of that caching until you have more than 4 or 5
> >users connected (at work we have like 15 domain controllers for my
> >domain). You might cache the NbtAddresses returned by getByName and
> >try to reuse them so you reuse the same SmbTransport (to a limit of
> >course). But this would probably not make a big difference unless you
> >something like a hundred users.
> >
> If I go ahead and logoff where you've commented that out, does
> that nullify the transport and session caching?
	Calling logoff() would close the SmbSession. The SmbTransport (Socket) will remain
	open and could be used by another caller if the server and port requested match.

>  I'm thinking perhaps
> my app shouldn't gobble resources of the NT systems against which
> I'm authenticating. I have to be a good (unobtrusive) neighbor of
> the NT systems, or their admins will freak out.
	Actually Windows machines that use the NETLOGIN operation keep the session open
	for as long as their logged in which is quite obnoxious. So you want to allow
	SmbTransports to be cached because it ensures that you will only ever have one
	socket open for a given domain controller and you won't be opening and closing
	sockets all the time. And after 10 minutes the socket closes if there is no activity. So
	this is quite polite. It's optimal actually. However, now that I think about it you
	probably do want the SmbSession to logoff() rather than being cached because you
	want each request to hit the DC again in case their password expires or the the user
	falls outside the prescribed hours of operation etc. That is unless a particular user will
	be authenticating frequently.


More information about the jcifs mailing list