[jcifs] Dealing with simultaneous users in a Win2k3 environment

Michael Kerley michael at enkoo.com
Fri Mar 19 18:51:16 GMT 2004


Hi,

 

I'm having a problem with user authentication in a Win2k3 environment.  The
test environment is just one Win2k3 server (primary domain controller
running active directory, etc.  Just a simple installation with all the
defaults) and a WinXP Pro machine which is a member of the domain.

 

Here is the test I've been running:

1. new SmbFile("smb://").listFiles()  --> Fails (expected because no
authentication was given)

2. new SmbFile("smb://user:pass@/").listFiles()  --> Gives the list of
domains (expected)

3. new SmbFile("smb://").listFiles()  --> Gives the list of domains (bad;
this is a security risk)

 

It seems that the socket opened in step 2 is reused in step 3, so it's able
to get the results.  This is a problem in my application because there will
be one jCIFS client for multiple human users coming from different
locations, and I don't want one user's authentication to be reused by other
users.

 

Is there some option I can set to fix this problem?  If not, can someone
point me to a place in the jCIFS code where I should be looking to make a
change?  I've been tracing through some of it without much luck.  All that
I've found so far is that the socket never seems to be closed by jCIFS
manually; instead, it gets closed as a result of a connection reset (by the
machine that answered the domain listing request).

 

Thanks,

Michael

 

  _____  

Michael Kerley
Senior Software Engineer
enKoo, Inc. 

 

-------------- next part --------------
HTML attachment scrubbed and removed


More information about the jcifs mailing list