[jcifs] Re: NTLM http client

Mon Oct 24 17:14:28 GMT 2005

What I see is that IE does everything pretty much the same (but not
identical) but IE succeeds at the end. The Java client does everything
correctly but at the very end it get's denied for some reason.

I do see a cookie in the IE trace that looks like it's used for
authentication perhaps. It might be that weblogic is setup to do some
another form of authentication that is interfereing.

Whatever the problem it looks like the error is occuring on the filter
end when it receives the Type-3-message. Crank up debugging in the Filter
using the jcifs.util.loglevel property.

Otherwise, try to update the jcifs distribution to the latest if only
temporarily.

Did the NTLM filter come with WebLogic? If so, I think you should ask
IBM to diagnose this for you since from what I can see the NTLM client
is doing what it should.

Finally, you might setup the latest Filter with Resin or Tomcat just to
try it with the Java NTLM client in a separate environment without any
interference with anything else.

Mike

On Mon, 24 Oct 2005 10:07:25 +0200
"Doan, Thi-My-Chi" <thi-my-chi.doan at hp.com> wrote:

> Hi Mike,
> 
> Attached you find the capture when using IE.
> 
> Thanks and regards
> My Chi 
> 
> -----Original Message-----
> From: Michael B Allen [mailto:mba2000 at ioplex.com] 
> Sent: Freitag, 21. Oktober 2005 17:31
> To: Doan, Thi-My-Chi
> Subject: Re: [jcifs] Re: NTLM http client
> 
> The client is making it all the way through the negotiation but WL is
> returning 401 Unauthorized which makes it look like it thinks the
> password is wrong or something.
> 
> Now send me a capture of IE working. Try to keep everything the same
> except instead of running the Java client program run IE. Same URL, same
> workstation, same server, etc.
> 
> Mike
> 
> On Fri, 21 Oct 2005 17:06:37 +0200
> "Doan, Thi-My-Chi" <thi-my-chi.doan at hp.com> wrote:
> 
> > Hi Mike,
> > 
> > Sorry for the delayed response, I've been for some days.
> > 
> > Attached please find the capture result (using Ethereal), I hope it is
> 
> > what you are looking for. If not, please let me know.
> > 
> > In log file I see 2 x failed authentications for each attempt to 
> > access a file without WebLogic authentication.
> > 
> > Again, thanks a lot for your help
> > 
> > Best regards
> > My Chi
> > 
> > 
> > 
> > -----Original Message-----
> > From: Michael B Allen [mailto:mba2000 at ioplex.com]
> > Sent: Dienstag, 18. Oktober 2005 19:04
> > To: Doan, Thi-My-Chi
> > Cc: jcifs at lists.samba.org
> > Subject: Re: [jcifs] Re: NTLM http client
> > 
> > On Tue, 18 Oct 2005 17:18:50 +0200
> > My Chi Doan <thi-my-chi.doan at hp.com> wrote:
> > 
> > > Michael B Allen wrote:
> > > > On Mon, 17 Oct 2005 11:37:23 +0200 My Chi Doan 
> > > > <thi-my-chi.doan at hp.com> wrote:
> > > > 
> > > > 
> > > >>thanks for your response. I tried that, but it still does not
> work. 
> > > >>I'm quite sure that the login and password are correct. Using my 
> > > >>own
> > 
> > > >>NT login & password does not work either.
> > > > 
> > > > 
> > > > Well I see you're testing it against our filter. Does using IE 
> > > > with the filter you're testing against work?
> > > > 
> > > > Mike
> > > > 
> > > Hi Mike,
> > > 
> > > yes, using IE everything works fine. It does not work only with NTLM
> 
> > > http client.
> > > 
> > > It looks like event if a page is unsecured (it means no 
> > > authentication
> > 
> > > for WebLogic server required) the NTLM http client can't access it.
> > > After the user is authenticated by WebLogic, the access is
> > sucessfully.
> > > 
> > > Do have any idea how to grant access to an unsecured page to 
> > > anonymous
> > user?
> > 
> > Can you get a packet capture?
> > 
> >   http://jcifs.samba.org/capture.html
> > 
> > Mike
> > 
> 