[jcifs] NtlmHttpFilter: GUEST sometimes replaces username specified in web.xml due to session deserialization
Morten.Hattesen at tietoenator.com
Thu Jul 7 12:49:24 GMT 2005
To avoid signature problems on restart of the Tomcat, you can disable
attribute serialization.
See this posting for details:
http://lists.samba.org/archive/jcifs/2005-March/004807.html
Regards,
Morten Hattesen
> -----Original Message-----
> From:
> jcifs-bounces+morten.hattesen=tietoenator.com at lists.samba.org
> [mailto:jcifs-bounces+morten.hattesen=tietoenator.com at lists.sa
> mba.org] On Behalf Of Peter McKenzie
> Sent: 7. juli 2005 13:16
> To: jcifs at lists.samba.org
> Subject: [jcifs] NtlmHttpFilter: GUEST sometimes replaces
> username specifiedin web.xml due to session deserialization
>
> We have been having a problem under tomcat that when we
> restart the server we sometimes cannot get it to work against
> Windows 2003 DCs. The problem turns out to be caused by
> Tomcat session deserialization. This problem started after we
> put in account details
> (jcifs.smb.client.{username,password,domain}) to handle SMB
> signatures.
>
> Workaround:
>
> One workaround is to clear out the session information in the
> tomcat work directory called SESSIONS.ser (assuming you have
> no other use for it).
> Alternatively if the session information is older than your
> session timeout by the time the tomcat server is restarted
> there will be no problem. For example, in our case, waiting
> 30 minutes solved the problem too but did not make anyone happy.
>
> Details:
>
> Problem tested under Tomcat 4.1.30 with jdk 1.5.0 (01 and 02)
> on RH 3.0 and Windows XP using jcifs 1.2.1 and 1.1.11.
>
> The class NtlmPasswordAuthentication is part of the tomcat
> session as it is put in as part of the NTLM negotiation:
>
> NtlmHttpFilter (1.2.1):
> req.getSession().setAttribute( "NtlmHttpAuth", ntlm );
>
> On our fairly default Tomcat 4.1.30 setup the session is
> being saved on server shutdown if an active session still
> exists. At startup I see that Tomcat reinitializes the
> static fields in the class. The problem with this is that
> this results in the fields DEFAULT_USERNAME, DEFAULT_PASSWORD
> and DEFAULT_DOMAIN being set to default values in
> NtlmPasswordAuthentication. E.g., DEFAULT_USERNAME becomes 'GUEST':
>
> private static final String DEFAULT_USERNAME =
> Config.getProperty("jcifs.smb.client.username", "GUEST");
>
>
> This is because the config Config has not yet had any
> properties set as the filter init has not yet been called.
>
>
> Here is a stack trace from inside NtlmPasswordAuthentication
> constructor which shows the call from Tomcat on startup
> (ignore line numbers as I had some additional debugging in jcifs):
>
>
> jcifs.smb.NtlmPasswordAuthentication.<init>(NtlmPasswordAuthentication.java:207)
> at jcifs.smb.NtlmPasswordAuthentication.<clinit>(NtlmPasswordAuthentication.java:164)
> at java.io.ObjectStreamClass.hasStaticInitializer(Native Method)
> at java.io.ObjectStreamClass.computeDefaultSUID(ObjectStreamClass.java:1641)
> at java.io.ObjectStreamClass.access$100(ObjectStreamClass.java:47)
> at java.io.ObjectStreamClass$1.run(ObjectStreamClass.java:175)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.io.ObjectStreamClass.getSerialVersionUID(ObjectStreamClass.java:172)
> at java.io.ObjectStreamClass.initNonProxy(ObjectStreamClass.java:515)
> at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1546)
> at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1460)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1693)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1299)
> at java.io.ObjectInputStream.readObject(ObjectInputStream.java:339)
> at org.apache.catalina.session.StandardSession.readObject(StandardSession.java:1371)
> at org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:863)
> at org.apache.catalina.session.StandardManager.load(StandardManager.java:440)
> at org.apache.catalina.session.StandardManager.start(StandardManager.java:655)
> at org.apache.catalina.core.StandardContext.start(StandardContext.java:3590)
> ...
>
> - Peter
>
>
>
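The initialization-order problem described in the quoted message, reduced to a stand-alone Java program. This is an added example, not code from the thread or from jcifs: `CONFIG`, `EagerAuth`, `LazyAuth`, `restoreSessions()` and `filterInit()` are hypothetical stand-ins, and `Class.forName(..., true, ...)` stands in for the class initialization that session deserialization triggers. The eagerly captured default stays `GUEST` even after the configured username is set, while a lookup made at use time sees the configured value.

```java
import java.util.Properties;

public class StaticDefaultOrderDemo {
    // Hypothetical stand-in for jcifs.Config; empty until the filter's init() runs.
    static final Properties CONFIG = new Properties();

    // Stand-in for NtlmPasswordAuthentication: the default is captured once,
    // when the class is initialized, and never re-read.
    static class EagerAuth {
        static final String DEFAULT_USERNAME =
            CONFIG.getProperty("jcifs.smb.client.username", "GUEST");
    }

    // Contrast (illustration only): the property is read at each use,
    // so the order of class initialization no longer matters.
    static class LazyAuth {
        static String defaultUsername() {
            return CONFIG.getProperty("jcifs.smb.client.username", "GUEST");
        }
    }

    // Stand-in for Tomcat's StandardManager.load(): restoring a stored session
    // attribute forces initialization of the attribute's class.
    static void restoreSessions() throws ClassNotFoundException {
        Class.forName(EagerAuth.class.getName(), true,
                      StaticDefaultOrderDemo.class.getClassLoader());
    }

    // Stand-in for NtlmHttpFilter.init(): copies web.xml init-params into the config.
    static void filterInit() {
        // "svc-example" is a constructed sample value.
        CONFIG.setProperty("jcifs.smb.client.username", "svc-example");
    }

    public static void main(String[] args) throws Exception {
        restoreSessions();  // context start: persisted sessions are loaded first
        filterInit();       // the filter is initialized afterwards
        System.out.println("eager default: " + EagerAuth.DEFAULT_USERNAME);
        System.out.println("lazy default:  " + LazyAuth.defaultUsername());
    }
}
```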