[jcifs] Dealing with simultaneous users in a Win2k3 environment
Michael Kerley
michael at enkoo.com
Fri Mar 19 18:51:16 GMT 2004
Hi,
I'm having a problem with user authentication in a Win2k3 environment. The
test environment is just one Win2k3 server (primary domain controller
running active directory, etc. Just a simple installation with all the
defaults) and a WinXP Pro machine which is a member of the domain.
Here is the test I've been running:
1. new SmbFile("smb://").listFiles() --> Fails (expected because no
authentication was given)
2. new SmbFile("smb://user:pass@/").listFiles() --> Gives the list of
domains (expected)
3. new SmbFile("smb://").listFiles() --> Gives the list of domains (bad;
this is a security risk)
It seems that the socket opened in step 2 is reused in step 3, so it's able
to get the results. This is a problem in my application because there will
be one jCIFS client for multiple human users coming from different
locations, and I don't want one user's authentication to be reused by other
users.
Is there some option I can set to fix this problem? If not, can someone
point me to a place in the jCIFS code where I should be looking to make a
change? I've been tracing through some of it without much luck. All that
I've found so far is that the socket never seems to be closed by jCIFS
manually; instead, it gets closed as a result of a connection reset (by the
machine that answered the domain listing request).
Thanks,
Michael
_____
Michael Kerley
Senior Software Engineer
enKoo, Inc.
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list