[jcifs] NtlmHttpFilter: How to test it

Albrecht Scheidig albrecht.scheidig at hype.de
Wed Apr 13 14:18:45 GMT 2005 

Hello there,

I have to implement SSO through NTAUTH and want to use jcifs (1.1.9).

I have 2 test environments.
First environment is a Windows 2000 Advanced Server running in a VMWare.
Disavantage is that it is slow and I cannot run the debugger on it.

On the serverside I have a tomcat (4.0.6) running configured like so:
  <filter>
    <filter-name>NtlmHttpFilter</filter-name>
    <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
    <init-param>
      <param-name>jcifs.http.domainController</param-name>
      <param-value>192.168.10.151</param-value>
    </init-param>
    <init-param>
      <param-name>jcifs.util.loglevel</param-name>
      <param-value>3</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>NtlmHttpFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

When trying to access via IE with a user being logged in (on the server - it
is client, webserver and domain controller at the same time) a long time
nothing happens and then I get on the server
session established ok with 0.0.0.0<00>/192.168.10.151
requesting negotiation with 0.0.0.0<00>/192.168.10.151
byteCount=42 but readBytesWireFormat returned 16

Then again a long time nothing happens on the client and finally IE says:
"Cannot find server or DNS Error", but thats not true, I think the server
does not send a response, when turning of the filter all is working fine.

The domain controller is the same as the webserver, so I can also use
127.0.0.1 (?) but then I get after a long time:
jcifs.smb.SmbException: Timeout trying to open socket
java.net.ConnectException: Connection refused: connect
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
	at
java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
	at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
	at java.net.Socket.connect(Socket.java:426)
	at java.net.Socket.connect(Socket.java:376)
	at java.net.Socket.<init>(Socket.java:291)
	at java.net.Socket.<init>(Socket.java:199)
	at jcifs.netbios.NbtSocket.<init>(NbtSocket.java:59)
	at jcifs.smb.SmbTransport.run(SmbTransport.java:342)
	at java.lang.Thread.run(Thread.java:536)

	at jcifs.smb.SmbTransport.start(SmbTransport.java:315)
	at jcifs.smb.SmbTransport.negotiate0(SmbTransport.java:865)
	....

What socket is it trying to open? What services on Windows 2000 Advanced
Server must be running to make it work? Why the long timeouts?

The second environment is my development machine. This does not belong to a
domain (but a workgroup). Is it possible to make NTAUTH run on that machine?
What are the prerequisites? All my trials did not work. (Long timeouts,
refused connections). I would prefer to use the development machine for it
is faster and I can debug it.

It is very frustrating to always change a property, restart the server, try
to connect, have a long time waiting and finally see the same errors again
and again. Is there an easy step by step guide for a testing workgroup
scenario as well as one for a productive environment using domains?
http://jcifs.samba.org/src/docs/ntlmhttpauth.html does not work as
described.

TIA,
Albrecht

More information about the jcifs mailing list