[jcifs] Dealing with simultaneous users in a Win2k3 environment

Michael B Allen mba2000 at ioplex.com
Fri Mar 19 20:42:00 GMT 2004

Michael Kerley said:
> Hi,
> I'm having a problem with user authentication in a Win2k3 environment.
> The
> test environment is just one Win2k3 server (primary domain controller
> running active directory, etc.  Just a simple installation with all the
> defaults) and a WinXP Pro machine which is a member of the domain.
> Here is the test I've been running:
> 1. new SmbFile("smb://").listFiles()  --> Fails (expected because no
> authentication was given)

Actually I don't recall ever seeing this fail. All systems that I work
with use null credentials to get the list of domains. Maybe Win2k3 changed
that. Donno. What was the error?

> 2. new SmbFile("smb://user:pass@/").listFiles()  --> Gives the list of
> domains (expected)
> 3. new SmbFile("smb://").listFiles()  --> Gives the list of domains (bad;
> this is a security risk)

JCIFS does not reuse security contexts but it does reuse TCP transport. I
have a feeling this is actually something going on on the windows server
(master browser). Meaning once a user has successfully authenticated the
NetServerEnum is suddenly available without credentials. Yet another quirk
in Windows' implementation.


More information about the jcifs mailing list