[jcifs] Ntlm authentication prompts 2nd user - Win 2003
AARON WILT
AARONWILT at afninet.com
Thu Jul 7 19:12:11 GMT 2005
Hello all-
I'm brand new to JCIFS. I've downloaded jcifs-1.2.1 and read through
some old messages to this listserv dealing with this issue of login
prompting and nothing I have tried works so far. We're using Windows
2003 for our domain controller.
I read on http://jcifs.samba.org/src/docs/ntlmhttpauth.html#signing the
author mentions my exact problem when using: The first user to connect
is
validated perfectly. The second user gets prompted. I followed the
suggestion and added these init params to web.xml :
jcifs.smb.client.{domain,username,password} for "preauthentication", but
the same behavior persists.
I'm using the out of the box NtlmHttpAuthExample.java that comes with
jcifs-1.2.1 and running locally in WSSD 5.1.2 against a Tomcat 4.1
server accessing a Windows 2003 domain controller.
Here's my web.xml:
<web-app id="WebApp">
<display-name>jcifs</display-name>
<filter>
<filter-name>NtlmHttpFilter</filter-name>
<display-name>NtlmHttpFilter</display-name>
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>xx.xx.xx.xx</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.username</param-name>
<param-value>myUsername</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.password</param-name>
<param-value>myPassword</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>myDomain</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>NtlmHttpFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>ntauth</servlet-name>
<display-name>ntauth</display-name>
<servlet-class>net.mycompany.servlet.NtlmHttpAuthExample</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ntauth</servlet-name>
<url-pattern>/ntauth</url-pattern>
</servlet-mapping>
</web-app>
I also tried adding an <init-param> for jcifs.smb.client.ssnLimit and
setting that value to 1, however, that caused me to be prompted every
time, including the first accessor.
Is there a setting in Windows 2003 that allows it to not have these
signing problems? If so, what do I need to tell our server guys in
order to convince them it's not harmful :-)
Thanks in advance for any insights you might have!
Aaron.
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list