[jcifs] RE: Davenport - Copy Operation Uses Many Ports?

Mike McDonald Mike.McDonald at anywaregroup.com
Thu Jun 10 14:05:05 GMT 2004

It is HTTP traffic between the client and the Davenport Server.  The
attached netstat shows the connections made by simply copying a Folder
containing 8 files from an SMB server to the client via Davenport
running on Windows.  Interestingly enough, if I run Davenport on
Solaris, the connections stay in an ESTABLISHED state.

I took a look through a packet trace and the NTLM authentication
handshake is in fact happening for each operation.  How can I force
Basic Authentication in Davenport?  I set enableBasic=true and
insecureBasic=true, but still get authenticated via NTLM.

Also, I tried the jcifs0.9.2.jar, but Davenport does not appear to work
properly with it (setProperty errors?).  I only looked briefly, so I may
just have a misconfiguration.

FYI:  My client is IE6 on Windows XP (both fully patched).



Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    vm_amsdav:http         anywarenetworks.com:1517  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1518  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1519  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1525  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1526  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1527  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1528  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1529  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1530  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1531  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1532  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1533  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1534  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1535  TIME_WAIT
  TCP    vm_amsdav:http         anywarenetworks.com:1536  FIN_WAIT_2

-----Original Message-----
From: eglass1 at comcast.net [mailto:eglass1 at comcast.net] 
Sent: Wednesday, June 09, 2004 2:33 PM
To: Mike McDonald
Cc: jcifs at lists.samba.org
Subject: Re: Davenport - Copy Operation Uses Many Ports?

> Basically, I have a very simple problem.  If I attempt to copy a
'Deep' or
> 'Wide' directory structure via Davenport, it appears to keep opening
> multiple ports for the copy operations.  For example, I attempted to
copy a
> default Jetty install (jetty.mortbay.org) across the network and
> 800+ connections between my client and the Davenport server.  I am
> if there is a setting somewhere to instruct Davenport to open only x
> of connections, or to reuse open connections?  Is there something else
> may have missed?

Is this HTTP traffic between the client and Davenport?  Or CIFS between
Davenport and the SMB server?  The latter should be happening over ~1
connection.  The former would depend on the sequence of WebDAV
the client chooses to make, and the manner in which it makes them.

Ideally, the client would keep the HTTP connection alive to the
server, and run all the calls over that pipe.  If NTLM authentication is
used, and the client isn't sending the session cookie with the request,
the NTLM handshake will have to be performed with every operation; this
would involve a teardown of the HTTP connection (which might account for
huge number of connections you're seeing).

Technically, I don't know that there's any reason the connection needs
to be
closed by the server before the handshake (with the initial
"WWW-Authenticate: NTLM").  IIS does this, and it may be required for
some/all versions of IE, so we do it too.  IIS/IE use the physical
connection to
track the authenticated session, so that's why they do this; but we
don't have
that dependency (we use the session cookie instead).  If you want to
experiment, you can see what happens if you remove all the:

    response.setHeader("Connection", "close");

Another option would be to disable NTLM in Davenport and enable Basic
authentication; you could see if that affects anything.


More information about the jcifs mailing list