[jcifs] REPOST: Problem with Ntlm Http Authentication

Christopher R. Hertel crh at ubiqx.mn.org
Thu Feb 13 19:32:07 EST 2003 

Hmmm...

This is a shot in the dark but it may be related.

As I was digging through the docs, I found an odd field.  In the 
SessionSetupAndX Reply there is a field called Action.  It's a bit field, 
but only one bit is defined.  If set, it indicates that the authentication 
failed but the server accepts Guest logons and has permitted the logon as 
a guest logon.

See http://ubiqx.org/cifs/SMB.html#SMB.7.3

Let me know if that's helpful.

Chris -)-----

On Thu, Feb 13, 2003 at 02:56:43AM -0500, Michael B. Allen wrote:
> Even though you're supplying the "BOGUS" credentials the target
> is returning a successfull SMB_COM_SESSION_SETUP_ANDX anyway. The
> SMB_COM_TREE_CONNECT_ANDX is returning successfully too and indicates
> the user is logged in as 'GUEST'. See the third like here:
> 
> SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=true,
> errorCode=0x00000000,flags=0x0098,flags2=0x8001,tid=4099,pid=25314,uid=8192,mid=
> 2,wordCount=3,byteCount=85,andxCommand=0x75,andxOffset=126,isLoggedInAsGuest=tru
> e,nativeOs=Windows NT 4.0,nativeLanMan=NT LAN Manager 4.0,primaryDomain=BLR-DOM]
> 
> Not sure what to do about this. I don't suppose we can write it off as
> a server configuration issue. I'll have to investigate further. Keep
> you posted.
> 
> Mike
> 
> 
> > -----Original Message-----
> > From:	Rupesh Kumar [SMTP:rupesh.kumar at blr.techspan.com]
> > Sent:	Thursday, February 13, 2003 12:59 AM
> > To:	'Allen, Michael B (RSCH)'
> > Subject:	RE: [jcifs] REPOST: Problem with Ntlm Http Authentication
> > 
> > Ok, the logs are attached.
> > > 
> > > Case 1.
> > > ======
> > > C:\> java TestAuth 10.100.15.11
> > > username: bogus-dom\bogus
> > > password: sjsjsj
> > > 
> > > true
> > > 
> > > Case 2.
> > > ======
> > > C:\> java TestAuth 10.100.15.148
> > > username: bogus-dom\bogus
> > > password: sjsjsj
> > > 
> > > jcifs.smb.SmbAuthException: Access denied
> > >         at jcifs.smb.SmbTransport.send(SmbTransport.java:494)
> > >         at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:126)
> > >         at jcifs.smb.SmbSession.send(SmbSession.java:102)
> > >         at jcifs.smb.SmbTree.treeConnect(SmbTree.java:132)
> > >         at jcifs.smb.SmbSession.logon(SmbSession.java:56)
> > >         at TestAuth.authenticate(TestAuth.java:16)
> > >         at TestAuth.main(TestAuth.java:62)
> > > false
> 
> -- 
> A  program should be written to model the concepts of the task it
> performs rather than the physical world or a process because this
> maximizes  the  potential  for it to be applied to tasks that are
> conceptually  similar and, more important, to tasks that have not
> yet been conceived. 

-- 
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the jcifs mailing list