[jcifs] Re: jcifs-0.9.4 released

Alexander Langer al at s-3.de
Wed Jun 30 09:00:02 GMT 2004

 <eglass1 <at> comcast.net> writes:

> What client platform are you on?  Note that on Windows, Sun's JDK supports
> NTLM authentication natively, and will do the handshake before our
> implementation even sees anything.  Basically, we wrap underlying "standard"
> HttpURLConnections to perform the handshake and simulate a single connection
> to the caller.  On Windows, the Sun HttpURLConnection does this silently,
> and we don't even see that authentication was required at all.

So much for theory. Using Sun JDK/JRE 1.4.2 on Windows on the client side, I 
wouldn't have to bother with this if we and our customers wouldn't have any 
problems. If Sun's JRE would support this natively I would expect it to work. 
But as you can see.. :-(

> One (kind of kludgy) way to force our implementation to be used is:
> 1)  On the IIS server, go to c:\InetPub\AdminScripts (or wherever adsutil.vbs 
> 2)  Run:
>     cscript adsutil.vbs set w3svc/NTAuthenticationProviders "Negotiate"
> This will tell IIS to only offer "Negotiate" as an authentication method.  
> implementation won't do the handshake if NTLM isn't offered, whereas we will
> do the raw NTLM Negotiate handshake.

Ran the script but still it does not work. The response HTTP header now looks 
like this:

HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Wed, 30 Jun 2004 08:57:31 GMT
WWW-Authenticate: Negotiate
Content-Length: 4609
Content-Type: text/html

More information about the jcifs mailing list