[jcifs] Problem with NTLM HTTP filter, upgrading: 0.7.15 to 1.1.0

Michael B Allen mba2000 at ioplex.com
Tue Oct 26 02:24:04 GMT 2004


Parke Jeff said:
> Mike,
>
> I'm using Oracle JDeveloper 10g (9.0.5.2) with embedded OC4J app server
> and IE 6 to hit against http://localhost:8988/spectrum/index.jsp.  I've
> attached three files: HTTP headers (as reported by ieHTTPHeaders), jCIFS
> log messages, and a packet capture file.

This capture doesn't have the HTTP traffic. Windows is known to not
support capturing packaets on the localhost interface. You'll need to use
a client from a host not on the local machine. I believe there have also
been reports of users having problems with the localhost. Also, this
embedded OC4J thing sounds shady. I would not be surprised at all to find
it doesn't support the Filter (e.g. doesn't support keep-alives).

If you look at a good capture of the jCIFS Filter the first time you
authenticate it looks like this:

C->W: GET /foo
W->C: 401 WWW-Authenticate: NTLM
C->W: GET /foo Authorization: NTLM base64-encoded-type-1-message
W->S: session request
S->W: session response
W->S: negotiate request
S->W: negotiate response
S->W: ssx/treecon request w/ jcifs.smb.client.{domain,username,password}
W->S: ssx/treecon response
W->C: 401 WWW-Authenticate: NTLM base64-encoded-type-2-message
C->W: GET /foo Authorization: NTLM base64-encoded-type-3-message
S->W: ssx/treecon request w/ IE client domain,username,password
W->S: ssx/treecon response
W->C: 200 OK

[C - client, W - web server, S - domain controller]

Subsequent authentications skip messages 4 through 9.

The pcap you sent me looks like:

W->S: session request
S->W: session response
W->S: negotiate request
S->W: negotiate response

This is clearly JCIFS initiating the connection to the domain controller
but of course all http traffic is not included because you're trying to
capture packets on the localhost on a Windows XP machine.

Actually there is an HTTP request with what looks like a proxy which could
also be the source of problems.

I seriously doubt jcifs-0.7.15 would work in this environment either. Does
it?

Mike





More information about the jcifs mailing list