[jcifs] Timeout problem with jcifs NTLM HTTP authentication

Fri Nov 19 15:00:24 GMT 2004

Hi Mike,

thank You for the fast response.

> What the getChallengeForDomain() code does is roughly as follows:
>
>   if (list_expiration expired) {
>      dc_list = lookup all domain controllers again
>       // cachePolicy set to 10min by filter
>      list_expiration = now() + jcifs.netbios.cachePolicy
>   }
>   for each dc in dc_list {
>      try {
>         communicate w/ dc
>         return dc.challenge
>      } catch {
>         dc_list[i] = null // dc no good
>      }
>   }
>   throw Exception

The bad dc was offline for some days.
Since our WINS manages a static list, the list still contained the bad dc.
I restarted the application server before each test and 
tried to authenticate with my web app and jcifs:

- sometimes, authentication succeeded; 
  in this case, I saw in the network trace, 
  that a "good" dc was returned from WINS as first entry in the list.

- sometimes, the web app didn't respond and after several minutes,
  a timeout exception was thrown; 
  in this case, I saw in the network trace,
  that the "bad" dc was returned from WINS as first entry in the list.
  jcifs tried to reach the bad dc several times; 
  I didn't see, that any other dc's were choosen and 
  contacted from the list (for each loop ?).

Is this really the expected behaviour when encountering a bad dc ? 
That means, that the application is not usable for about 10 minutes 
until the timeout occurs ?

Best Regards,
Paul Holaj
-------------- next part --------------
HTML attachment scrubbed and removed