[jcifs] Multiple domains problem

Michael B Allen mba2000 at ioplex.com
Wed Sep 22 23:01:31 GMT 2004

John Varghese said:
> Hi All,
>    I am developing a web-application in which user has to select a
> network path.
>   For this I have to present him initially with list of all domains.
>   On clicking on a particular domain name, he his shown all the server
> names in it.
>    Finally on clicking on a server name, he will be shown all shared
> folders in it
> My question is do I have to maintain a valid login id/password for each
> domain and depending on
>  user selection set the jcifs.smb.client.domain,
> jcifs.smb.client.username,
> and    jcifs.smb.client.password accordingly

If jcifs.smb.client.{domain,username,password} is valid for the resource
addressed by the SMB URL used then it should work. More specifically, if
the target server is a member of a domain different from the domain of the
user then that server must have a trust relationship with the domain of
the user or those credentials will not be valid for that server. Clearly
users without valid credentials cannot be granted access. If the user has
different accounts across multiple domains then yes, you will have to
contruct an NtlmPasswordAuthentication object with appropriate credentials
for the target server. Once you do however, all SMB URLs derived from the
one created with the NPA will also use those credentials.


PS: Please note that if you intend to use NTLM HTTP Authentication to
obtain the user's credentials you cannot also use the NtlmHttpFilter as
that would perform redundant authentication which I don't think would
would very well. You must do something like what
jcifs.http.NetworkExplorer does. In fact you might want to just start with
that as it handles some important details like DFS redirects.

More information about the jcifs mailing list