[jcifs] filtering the users home share (Was Re: davenport filters)

Fri Dec 17 11:37:42 GMT 2004

Michael B Allen <mba2000 <at> ioplex.com> writes:

> 
> Mike Manley said:
> > Message body follows:
> >
> > Hi,
> >
> > I'm using davenport in a project to give remote access to
> > certain areas of a server and I'm in the process of writing
> > a new filter to allow access to only certain shares on the
> > server. I've copied the code for the server filter and
> > modified it to only allow access to certain shares instead.
> >
> > For the most part this is working fine, however one of the
> > requirements is to allow access to the connecting users home
> > share. i.e. if I'm connecting as mike I want to allow access
> > to the shares listed in the properites of the filter and the
> > share mike. However, I can't see a way to identify that a
> > share is a home share or to get the users name to check if
> > the share name matches. I tried using the jcifs.smb.smbFile
> > toURL method to get the URL thinking that it would be in the
> > form
> > (smb://[[[domain;]username[:password] <at>
]server[:port]/[[share/[dir/]file]]][?[param=value[param2=value2[...]])
> > and I could extract the username out of that but found out
> > that
> > the URL returned doesn't include the username. The only
> > other way I can think of it to modify jcifs.smb.smbFile to
> > add a method that will return the username from the private
> > NtlmPasswordAuthentication.
> >
> > Is there something I'm missing?
> 
> NtlmPasswordAuthentication is not private. Use
> NtlmPasswordAuthentication.getName to get the DOMAIN\username part.
> Although I'm not certain that's the way to go anyway. Davenport ultimately
> constructed the NPA so it knew the username before the NPA did. Find out
> where Davenport constructs the NPA and see if there's a good way to expose
> the username elsewhere. I don't know a whole lot about Davenport internals
> (which is unfortunate considering I'm the maintainer) so you're sort of on
> your own. Davenport questions are always welcome on the jCIFS mailing
> list. There are people there that probably know Davenport better than I
> do.

Thanks for pointing me in the direction of this mailing list. Looking at it
again, I think my question is actually more jCIFS related than davenport
related. As the class I'm trying to do this from inherits from
smbdav.davenportFileFilter which inherits from jcifs.smb.smbFileFilter. All
davenportFileFilter adds is an init method that gives a generic way of
configuring the filter from values held in a xml file. i.e. in this case a list
of shares to allow access to and a flag indicating whether access to the users
home share is allowed. The only other thing I have access to is the
jcifs.smb.smbFile object passed to the accept method. Unfortunatly there doesn't
seem to be a way of indentifying that the share is the users home share or of
accessing the NtlmPasswordAuthentication object within jcifs.smb.smbFile to get
the users name without modifying jcifs.smb.smbFile. 

At the moment, modifying jcifs.smb.smbFile to give access to the information I
want would seem the simplest way of doing this. My only other option would be to
dig deeper into the internal of davenport to see if I can somehow pass the
username through to the file filter as part of the init.

Thanks for any help,

Mike