[jcifs] NTLMv2 / Alternative?

nospam.rwp at dsl.pipex.com nospam.rwp at dsl.pipex.com
Wed Jan 5 22:38:51 GMT 2005

Errrm, this argument maybe partially redundant now, by the looks of it recent versions 
may have some NTLMv2 support, however the docs aren't clear how much, so I'll 
reserve judgement until I find time to test it.  

One thing that does disturb me though, is that jCIFS properties are still global properties, 
therefore it would appear to be impossible to reliably support different server 
configurations and associated connections at the same time.  IMHO it would be better if 
this was the case:

1. the Config class was fleshed out with all the properties and bean setters and getters 
and given a getInstance() method, to get a copy of the global properties.

2. the connection classes SmbFile, SmbFileInputStream, SmbFileOutputStream, 
SmbNamedPipe and SmbRandomAccessFile gained extra constructors which accepted 
a Config object, so that each connection could use a different client behaviour.

If these features were implemented I could open a connection to a local LAN server, then 
open a different connection to a remote modem connected LAN server * and talk to each 
from a different IP binding e.g. I could use a machine as file copying bridge between the 
two networks for remote control support applications.

* I could hunt for the modem IP binding address for just the modem jCIFS connection(s), 
but use a different local IP binding address for all the local LAN connections.

Just a few ideas.

On 5 Jan 2005 at 21:19, jcifs at lists.samba.org wrote:

> This is quite typical for Win2K3 server, I've seen network connection problem with some 
> older Windows boxes at work, however I can well understand why the admins refused 
> legacy NTLM support.
> Win2K3 is the standard windows server OS now, WinNT is effectively dead and Win2K 
> has too short a support life.  A large number of organisations running NT servers are 
> probably worried about no support for NT, so the migration is going to be relatively quick.  
> jCIFS needs to support NTLMv2 soon otherwise it'll become a major headache and get 
> replaced by .Net code, I doubt the jCIFS team want this!.
> One of my employers clients will soon be upgrading lots of servers to Win2K3 server (I 
> assume because of the lack of support for NT), it'd be a pain if I had to switch back to 
> clunky "net use" batch files because jCIFS was stuck in the past.
> On 5 Jan 2005 at 14:29, David Pease wrote:
> > 
> > Hi. I'm looking for some advice on the following:
> > 
> > I've used jCIFS for NTLM authentication on a Java web app and it's worked a
> > treat, up until it's been deployed on a customer's network (Win2k3, AD) which is
> > configured to only accept NTLMv2 (lmcompatibility=5?). Apparently, the customer
> > refuses to change this.
> > 
> > So, I can't currently use jCIFS, but I'd like to know of any alternatives around
> > which could be used instead. Does anyone have a rough idea of when jCIFS will be
> > supporting NTLMv2?
> > 
> > Could Kerberos be used in this situation? If so, any info would be gratefully
> > received, as I know nothing about Kerberos so far (e.g. how does the
> > DOMAIN\USERNAME format map to the USER at REALM Kerberos format?). Can I use
> > Kerberos to automatically log users into the web app using IE?
> > 
> > Many thanks in advance,
> > 
> > Dave
> > 
> > 
> > ______________________________
> > This email has been scanned for all viruses by the MessageLabs SkyScan
> > service. For more information on a proactive anti-virus service working
> > around the clock, around the globe, visit http://www.messagelabs.com
> > 

Richard Perrott

     \  /
     /  \

More information about the jcifs mailing list