[jcifs] HTTP Authentication failing
Scrumpy Jak
paul.pree at bmssolutions.com
Tue Jun 7 03:52:41 GMT 2005
Hi all
We have a setup where http auth was working fine, then stopped overnight - never
to work again. The environment is (Note: we have updated Tomcat and jCIFS since
the issue started). We are not aware of any environmental changes, but assume a
Microsoft Patch must had been applied. The DC referenced below was shut down for
other reasons and on restart this problem surfaced. :
Windows 2003 based Active Directory
Tomcat 4.1.30 Webserver
jCIFS 1.2.0 (Have tried many)
servlet containing the following simple filter:
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>xyzdomain</param-value>
</init-param>
The first user to connect to the website connects fine, subsequent attempts by
other users will fail. Swapping users confirms it is always the first. In
addition, periodically authentication will fail for all and againstart working
for the first user some time later.
Have tried setting:
jcifs.smb.client.{domain,username,password}
jcifs.smb.client.ssnLimit to 1
Have tried many versions of jCIFS and Tomcat
Etehereal capture show:
SMB Command: Session Setup AndX (0x73)
NT Status: STATUS_ACCESS_DENIED (0xc0000022)
for the second connection (This is to the webserver from the DC)
Browser shows:
jcifs.smb.SmbException: Connection refused: connect
at jcifs.smb.SmbTransport.send(SmbTransport.java:476)
at jcifs.smb.SmbTransport.negotiate(SmbTransport.java:664)
This is way out of my league so I'm hopeful someone might have some useful tips.
jCIFS 1.2.0 was my last hope - under some testing we get slightly different
results, but still no success. Additionally, we no longer get errors in browser
or logs and just end up with a blank page (The exception error above was from an
earlier version of jCIFS).
Does anyone know of any good tools or testing tips that might narrow this issue
down?
It seems to me that the initial connection is made from the Webserver to the DC
using the first user's credentials. Any subsequent connection is being refused
because the credentials don't match. How can I retain autologon functionality
yet have authentication succeed?
Thanks in advance!!!!!
Cheers
Paul
More information about the jcifs
mailing list