[jcifs] Problem with transparent autentication using the NtlmHttpFilter

João Mota jmota at criticalsoftware.com
Thu Jan 19 16:20:41 GMT 2006 

Hello,

I am having some problems getting transparent authentication to work 
with NtlmHttpFilter jcifs-1.2.7, it seems that IE is failling the 
negotiation.
The domain Controller is a windows 2003 server.

The error that shows in the log at the same time that the dialog box to 
enter username/password shows up is (i replaced the sensitive data for a 
meaningfull word in caps):
     NtlmHttpFilter: DOMAIN\USERLOGIN: 0xC0000022: 
jcifs.smb.SmbAuthException: Access is denied.

Filling in the user and password in the dialog box, the authentication 
works ok.

My questions are:
1) Is it possible to have transparent authentication with the 
jcifs.http.domainController specified ?
2) Is my configuration wrong or incomplete?
3) Do i need to roll my custom version of the Filter to have transparent 
authentication with this configuration?



The configuration I'm using is the following:

   <filter>
        <filter-name>NtlmHttpFilter</filter-name>
        <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
        <init-param>
        <param-name>jcifs.smb.client.domain</param-name>
        <param-value>DOMAIN</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.smb.client.username</param-name>
        <param-value>USER</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.smb.client.password</param-name>
        <param-value>PASSWORD</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.http.domainController</param-name>
        <param-value>IP</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.util.loglevel</param-name>
        <param-value>2</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.resolveOrder</param-name>
        <param-value>DNS</param-value>
        </init-param>
    <init-param>
        <param-name>jcifs.smb.lmCompatibility</param-name>
        <param-value>3</param-value>
        </init-param>
    </filter>

thnak you very much for your time,

Joao Mota



DISCLAIMER: This message may contain confidential information or privileged material and is intended only for the individual(s) named. If you are not a named addressee and mistakenly received this message you should not copy or otherwise disseminate it: please delete this e-mail from your system and notify the sender immediately. E-mail transmissions are not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete or contain viruses. Therefore, the sender does not accept liability for any errors or omissions in the contents of this message that arise as a result of e-mail transmissions. Please request a hard copy version if verification is required. Critical Software.

More information about the jcifs mailing list