[jcifs] Http NTLM authenticating everyone

Michael B. Allen miallen at eskimo.com
Fri Jan 24 21:47:31 EST 2003


On Fri, 24 Jan 2003 13:27:38 +0530
"Rupesh Kumar" <rupesh.kumar at blr.techspan.com> wrote:

> Hi Mike,
> I think the filter is working because it correctly displays my NT-domain
> username. As far as I know, the filter sets up a challenge response with
> MSIE and gets the domain, username and a password hash from it. After which
> it calls SmbSession.logon(). I think there is something wrong with the logon
> part because even when I enter a dummy username the filter lets the user
> into the system.

Is it possible then that you are entering a correct domain\username
and password and *then* enter a bogus password? The smb client caches
sessions for the jcifs.smb.client.soTimeout period. Once you enter good
creds further calls to logon() with a bogus password are no-ops.

Otherwise I'm not sure what the problem is. You would have to get a
packet trace, show us your filter config, and tell us about your
authentication scheme (e.g. NT clients w/ PDC?).

This feature is somewhat new so it's possible there is a flaw somewhere
but I'm pretty certain that people have managed to get it to work
properly.

Mike

-- 
A  program should be written to model the concepts of the task it
performs rather than the physical world or a process because this
maximizes  the  potential  for it to be applied to tasks that are
conceptually  similar and, more important, to tasks that have not
yet been conceived. 


