[jcifs] NTLM HTTP and Windows 2003 Problems

Ajay Dhuria ADhuria at capitalsource.com
Wed Apr 20 15:05:04 GMT 2005 

I'm having trouble getting jcifs to perform NTLM HTTP authentication
against a Windows 2003 domain.

If I configure the web.xml to not perform preauthentication by only
setting "jcifs.smb.client.domain" parameter, everything works fine for a
single user, but a second user connecting to the site will usually get
an "Unverifiable signature" failure.  

I read the note in the documentation that suggested performing
preauthentication by setting the "jcifs.smb.client.username" and
"jcifs.smb.client.password" properties.  However, in this configuration,
the client browser just hangs and an error is thrown in the server log.

Any suggestions?  Thanks in advance.

Here's the error in the log file:

INFO: Starting Coyote HTTP/1.1 on port 8080
session established ok with MYDOMAIN<1C>/X.X.X.X
byteCount=48 but readBytesWireFormat returned 34
java.net.SocketTimeoutException: Receive timed out
        at java.net.PlainDatagramSocketImpl.receive(Native Method)
        at java.net.DatagramSocket.receive(DatagramSocket.java:711)
        at
jcifs.netbios.NameServiceClient.run(NameServiceClient.java:184)
        at java.lang.Thread.run(Thread.java:534)


Also, here's the relevant jcifs section from my web.xml file:

  <filter>
    <filter-name>NtlmHttpFilter</filter-name>
    <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
    <init-param>
        <param-name>jcifs.smb.client.domain</param-name>
        <param-value>MYDOMAIN</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.smb.client.username</param-name>
        <param-value>myusername</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.smb.client.password</param-name>
        <param-value>mypassword</param-value>
    </init-param>
    <init-param>
        <param-name>jcifs.util.loglevel</param-name>
        <param-value>3</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>NtlmHttpFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

My environment:
Web Server:  Red Hat Linux ES v3, Apache Tomcat 4.1.29 using mod_jk2
Client: MS IE 6




IMPORTANT: The information contained in this e-mail message is confidential and is intended only for the named addressee(s). If the reader of this e-mail message is not an intended recipient (or the individual responsible for the delivery of this e-mail message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this e-mail message is prohibited. If you have received this e-mail message in error, please reply to the sender that you have received the message in error and then delete it. This e-mail and all other electronic (including voice) communications from CapitalSource and its representatives are for informational purposes only. No such communication is intended by the sender to constitute either an electronic record or an electronic signature, or to constitute any agreement by the sender to conduct a transaction by electronic means. Any such intention or agreement is hereby expressly disclaimed unless otherwise explicitly indicated. 
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list