[jcifs] NTLM HTTP Filter Authenticates All Users Regardless ofJCIFSACL Permissions

Michael B Allen mba2000 at ioplex.com
Wed Oct 27 03:08:26 GMT 2004


John Fletcher said:
> Mike,
>
> Thanks for the information, saves me more time troubleshooting my
> configuration.

<snip>
> Yeah, the logonShare thing doesn't work. I don't think it ever did.
>
> I'll have to look at it.
>
> Mike

I just fixed this. It actually surprised me a little to learn how feable
ACL access control on Windows shares is. With Windows NT 4.0 at least you
can mount a share as any authenticated user regardless of how the ACL is
set. Now that wouldn't be that bad if you could not access anything
withing it but you can query the existance and attributes of a file or
directory if you know it's path regardless of how the ACL is set! I had to
resort to trying to *listing* the contents of the share. That causes
Access Denied if the user is not listed in the ACL.

Humph!

The fix will be in the next release RSN.

Mike



More information about the jcifs mailing list