[jcifs] HTTP Authentication failing

Michael B Allen mba2000 at ioplex.com
Tue Jun 7 07:23:19 GMT 2005


When something is working fine and then suddenly stops working it is NOT a good idea to simply start changing parameters, containers, lib versions, etc. You should have isolated the source of failure when the problem first appeared.

Use jcifs-1.1.11.jar and set jcifs.http.domainController and jcifs.smb.client.{domain,username,password} to a known acct in that domain. Set NOTHING else. Restart the container and try it again.

We get about 1500 downloads a month and most people are using the filter so I think there's something fundamentally wrong with your setup (firewall?). Trying different versions of jcifs isn't going to help.


On Tue, 7 Jun 2005 03:52:41 +0000 (UTC)
Scrumpy Jak <paul.pree at bmssolutions.com> wrote:

> Hi all
> We have a setup where http auth was working fine, then stopped overnight - never
> to work again. The environment is (Note: we have updated Tomcat and jCIFS since
> the issue started). We are not aware of any environmental changes, but assume a
> Microsoft Patch must had been applied. The DC referenced below was shut down for
> other reasons and on restart this problem surfaced. :
> Windows 2003 based Active Directory
> Tomcat 4.1.30 Webserver
> jCIFS 1.2.0 (Have tried many)
> servlet containing the following simple filter:
> <init-param>
> <param-name>jcifs.smb.client.domain</param-name>
> <param-value>xyzdomain</param-value>
> </init-param>
> The first user to connect to the website connects fine, subsequent attempts by
> other users will fail. Swapping users confirms it is always the first. In
> addition, periodically authentication will fail for all and againstart working
> for the first user some time later.
> Have tried setting:
> jcifs.smb.client.{domain,username,password}
> jcifs.smb.client.ssnLimit to 1
> Have tried many versions of jCIFS and Tomcat
> Etehereal capture show:
> SMB Command: Session Setup AndX (0x73)
> NT Status: STATUS_ACCESS_DENIED (0xc0000022)
> for the second connection (This is to the webserver from the DC)
> Browser shows:
> jcifs.smb.SmbException: Connection refused: connect
> 	at jcifs.smb.SmbTransport.send(SmbTransport.java:476)
> 	at jcifs.smb.SmbTransport.negotiate(SmbTransport.java:664)
> This is way out of my league so I'm hopeful someone might have some useful tips.
> jCIFS 1.2.0 was my last hope - under some testing we get slightly different
> results, but still no success. Additionally, we no longer get errors in browser
> or logs and just end up with a blank page (The exception error above was from an
> earlier version of jCIFS).
> Does anyone know of any good tools or testing tips that might narrow this issue
> down? 
> It seems to me that the initial connection is made from the Webserver to the DC
> using the first user's credentials. Any subsequent connection is being refused
> because the credentials don't match. How can I retain autologon functionality
> yet have authentication succeed?
> Thanks in advance!!!!!
> Cheers
> Paul

More information about the jcifs mailing list