AW: [jcifs] cifs and rap

Michael B Allen mba2000 at ioplex.com
Thu Aug 12 06:41:51 GMT 2004 

Please send all correspondance to the list.

On Thu, 12 Aug 2004 08:20:33 +0200
"Carsten Dick" <cad at halvotec.de> wrote:

> Hello Michael,
> 
> I have set the following properties in web.xml:
> 
> 	jcifs.smb.client.domain=<DOMAIN_NAME>
> 	jcifs.http.domainController=<IP OF DOMAIN CONTROLLER>
> 
> and by my Servlet I have set that parameters:
> 
> 	jcifs.smb.client.soTimeout=300000
> 	jcifs.netbios.cachePolicy=600
> 	jcifs.http.basicRealm=jCIFS

Drop all of these properties except jcifs.http.domainController.

> I can't install one of the programms to get a network packet dump, 
> because it is installed on the test server of our customer and I don't
> have all privileges there.
> The server challenge for NtlmPasswordAuthentication is on the same
> server as that where I start the request for the credentials.
> The application is running in a Bea Weblogic 6.1 Sp4 container which 
> is runnning as service under Windows 2000. I think running the container 
> as service has no user, which is privileged at the domain controller to 
> request the credentials. Am I right? 
> When it is so, I have to start the request with a user known by the 
> domain controller. Is there a way to do this?

JCIFS operates entirely independantly from the host operating system.

Does the regular (no jcifs-ext) Filter work?

Mike

> 
> Carsten
> 
> -----Ursprüngliche Nachricht-----
> Von: Michael B Allen [mailto:mba2000 at ioplex.com]
> Gesendet: Mittwoch, 11. August 2004 19:48
> An: Carsten Dick
> Cc: jcifs at lists.samba.org
> Betreff: Re: [jcifs] cifs and rap
> 
> 
> On Wed, 11 Aug 2004 13:54:16 +0000 (UTC)
> carsten <cad at halvotec.de> wrote:
> 
> > Hello,
> > 
> > I try to authenticate to a nt domain controller by using jcifs. After 
> > authentication I want to get the groups of authenticated user by using
> > jcifs- ext and the rap extension of it. The domain controller will
> > authenticate the user, but when I try to get the user groups the domain
> > controller will respond with a result of 5, which means that the user
> > has insufficient privilege. Which 
> 
> Actually it doesn't mean "insufficient privilege" exactly. What's the
> full stack-trace? NT_STATUS_ACCESS_VIOLATION has special meaning for
> jCIFS. If the NtlmPasswordAuthentication object was created with a server
> challenge different from a server different from the server with which
> you are trying to use the credentials you will get this error indicating
> that the negotiate credentials are invalid for the target.
> 
> What does your web.xml file look like (what jcifs properties do you
> have set)?
> 
> Mike
> 
> -- 
> Greedo shoots first? Not in my Star Wars.
> 


-- 
Greedo shoots first? Not in my Star Wars.

More information about the jcifs mailing list