[jcifs] Problem with guest user access

Michael B Allen mba2000 at ioplex.com
Fri Jan 7 19:59:28 GMT 2005

Please send all messages to the jcifs mailing list.

On Fri, 7 Jan 2005 11:47:02 +0000
Eric Rotick <pc.greenus at gmail.com> wrote:
> > With NTLM and plaintext authentication if the credentials are not valid
> > the server may still accept the session if "guest" access is allowed.
> > This is not congruent with the expected behavior of our NTLM HTTP
> > Authentication Filter and in general I feel it is not desirable to
> > support the feature now or ever.
> > 
> > I suggest you use the modified version of jcifs. That will work
> > precisely as you want.
> > 
> > Mike
> > 
> I've thought about this and I think that only change that would be
> necessary would be the ability to allow a configuration option to
> specify the name of the guest user. As it stands now this is hardcoded

The name of the guest user? If there should be an option like
jcifs.smb.client.permitGuest that defaults to false that when set to true
enables the guest logon to succeed. However currently I do not want to do
this because there is no way to indicate to the user that they were logged
in as guest. That would be a source of considerable confusion I think.

> to be guest. Since such an option already exists in the Samba domain
> surely the two are consistent.

No, that option just specifys what local unix account maps to the "GUEST"
user. The username "GUEST" is hard coded into the CIFS protocol.


Greedo shoots first? Not in my Star Wars.

More information about the jcifs mailing list