[jcifs] Re: JCIFS on a cluster

Abhijeet Sarwate abhijeet.sarwate at gmail.com
Mon Feb 20 21:20:14 GMT 2006


Thanks very much for such a nice analysis. I switched to single server
authentication but users still complain about gettting the network password
dialog box.

This is jboss application server cluster with apache presentation server at
the front. I use JKMod for cluster management


On 2/19/06, Michael B Allen <mba2000 at ioplex.com> wrote:
> On Sun, 19 Feb 2006 21:17:13 +0100
> Oliver Schoett <os at sdm.de> wrote:
> > Michael B Allen wrote:
> > > Your easiest, quickest solution is to switch to Kerberos GSSAPI
> > > HTTP authentication. That will work in a cluster environment
> > > because the credential is sent in a single token.
> > >
> > Sounds nice, but are there free Java implementations of the client and
> > server side?
> The jcifs-ext package on SourceForge. Note that the Kerberos
> authentication part of that package doesn't really have anything to
> do with jcifs. It would be a great project for someone to take the
> Kerberos code from that and the NTLM code from jCIFS and bundle it into
> an OSS Filter for Java that offers Negotiate, NTLM, and Basic/NTLM with
> all the ammenties that people look for with login pages, multi-domain,
> proper fallback etc. You could also extract the PAC from the ticket and
> resolve the SIDs using LDAP to implement isInRole.
> > Most clusters will support "session affinity" in some way, which means
> > that requests from the same client go to the same server if possible.
> > This helps performance, for example, because the session data structures
> > do not need to be reconstructed on another server.
> >
> > Regards,
> >
> > Oliver Schoett
> >
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list