[jcifs] authentication against workgroup & not domain possible?

Michael B Allen mba2000 at ioplex.com
Thu Sep 2 04:51:55 GMT 2004

On Wed, 1 Sep 2004 11:14:09 -0400
Eric Glass <eric.glass at gmail.com> wrote:

> Please copy the list in replies also.
> > Thanks for your reply Eric. What you said works... somewhat. I'm getting
> > odd behaviour:
> > "stefaan" is a user on my machine and his password is "".
> > 
> > auth = new NtlmPasswordAuthentication("", "stefaan", "");              
> > works auth = new NtlmPasswordAuthentication("", "stefaan", "asdfasdf"); 
> >     throws a SmbAuthException
> > auth = new NtlmPasswordAuthentication("", "asdfasdf", "asdfasfd");     
> > works
> > 
> > The first two seems logical, the last does not. Also other non-existing
> > account details do not throw a SmbAuthException!
> > 
> > Is it maybe defaulting to a guest account? What am I missing?
> > 
> Quite possibly; you could disable the Guest account on the machine in
> question to see (I think you can also set the password on Guest, and
> then any mapped accounts would need to authenticate with that
> password).  What version of jCIFS are you using?  I believe Mike put
> in something to throw an exception when this happens (i.e. disallow
> guest completely).

Actually I can see the guest thing still isn't handled right. If a bogus
username is used (not "guest") and the server demotes the login to GUEST
it will still work. I'll have to look at it again.


Greedo shoots first? Not in my Star Wars.

More information about the jcifs mailing list