[jcifs] Using port 445 instead of 139 with NtlmHttpFilter
Eric Glass
eric.glass at gmail.com
Tue Jul 27 16:28:30 GMT 2004
>
> 1. How long can it take to make jCifs work with 445 port. I'm asking because I consider making it myself and I would like to estimate how difficult it is. I expect it is no easy to estimate, but is it a matter of hours, days, weeks, or months ? How do you think ?
>
A quick hack that should make it work with 0.9.6:
In jcifs.http.NtlmHttpFilter, change:
byte[] challenge = SmbSession.getChallenge(dc);
to:
byte[] challenge = SmbSession.getChallenge(dc, 445);
Also in NtlmHttpFilter, change:
SmbSession.logon(dc, ntlm);
to:
SmbSession.logon(dc, 445, ntlm);
Replace jcifs.netbios.NbtSocket with the attached. In web.xml, you'll
probably need to add:
<init-param>
<param-name>jcifs.resolveOrder</param-name>
<param-value>DNS</param-value>
</init-param>
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>10.10.2.20</param-value>
</init-param>
i.e. use a DNS name/IP address rather than a NetBIOS name. This
should get it working over port 445 (and *only* port 445). Note that
this is a quick and ugly shoehorn; your results may vary.
> 2. Do you know any other product or library which I can use to autenticate IE users against NT Domain using NTLM with Java. I know solutions with IIS or Apache as supporting servers, but maybe there is an easier way to do that ?
>
There are a couple of products out there to do SPNEGO/Kerberos
authentication, but I think we may be it for NTLM in Java. You'll
find a couple of NTLM "authenticators" posted in various places which
extract the user identity from the NTLM messages, but they don't
really authenticate the user (they just trust that the client is
providing valid credentials rather than checking them against a domain
controller, which is a bad idea).
Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NbtSocket.java
Type: text/java
Size: 2612 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20040727/d9d2994e/NbtSocket.bin
More information about the jcifs
mailing list