[jcifs] SPNEGO NTLM
Michael B Allen
mba2000 at ioplex.com
Sun Jun 27 03:12:00 GMT 2004
On Wed, 23 Jun 2004 16:46:36 +0000 (UTC)
Jeffrey Winter <jeffreywinter at gmail.com> wrote:
> The call to:
>
> SmbSession.logon(dc, (NtlmPasswordAuthentication) principal);
>
> in AuthenticationFilter, fails with an NT_STATUS_ACCESS_VIOLATION
> SmbAuthException.
I don't know Eric's code well enough to provide a solution but I can
add a small fact. The NT_STATUS_ACCESS_VIOLATION status code has special
meaning for jCIFS. With vanilla jCIFS it is never supposed to occur. There
is a check in the SmbComSessionSetupAndX constructor that reads:
if( auth.hashesExternal && auth.challenge !=
session.transport.server.encryptionKey ) {
throw new SmbAuthException( SmbException.NT_STATUS_ACCESS_VIOLATION );
}
This means that the challenge supplied in the NPA is no longer valid. The
vanilla NtlmHttpFilter and NetworkExplorer both check for this condition
and renegotiate.
Mike
--
Greedo shoots first? Not in my Star Wars.
More information about the jcifs
mailing list