[jcifs] Re: NTLM HTTP Filter Does Not Work With SMB Signing

Dane Henry danehenry at gmail.com
Fri Jun 2 17:30:21 GMT 2006

I think you were right about the older version of JCIFS, I removed and
deleted all that jar files, restarted and re-downloaded jcifs1.2.9.jar and
now it is allowing me to authenticate with IE. You, not surprisingly, were
also right about the log not printing 'The operation completed
successfully'. However when I tried it on another client, it was doing the
same thing it was doing for me previously, however since it is working on my
machine, I know it has to be a client configuration with IE. It isn't
related, yet, to the problem that you were describing of the access denied,
I'll test further to see if that pops up. I think what is different is in my
registry, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet
I have a String Value 'DLLFile' set to Winsspi.dll and a DWORD Value 'Flags'
set to 0x08. This is different from the default, or at least the default
systems here, do you all think this might be what's allowing the

On 6/2/06, Michael B Allen <mba2000 at ioplex.com> wrote:
> On Fri, 2 Jun 2006 08:37:49 -0400
> "Dane Henry" <danehenry at gmail.com> wrote:
> >
> SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=true,errorCode=The
> > operation completed
> > successfully.,flags=0x0098,fla
> I think you're using an old version of jCIFS. Newer versions of jCIFS do
> not print 'The operation completed successfully.' for errorCode 0. They
> just print errorCode=0.
> Seek and destroy jcifs.jar files and *restart until the jCIFS classes
> are no longer found*. Then download a brand new jcifs 1.2.9 and carefully
> install that jar.
> I think there was a serious bug in SMB signing prior to 1.2.8. You must
> be running 1.2.9 or SMB signing may not work.
> > I know that it is pre-authenticating, because if I remove the user name
> and
> > password from the filter, it gives me the error:
> Yup. Preauth is definitely working. That's good. But the problem we've
> been talking about is that after a while SMB signing get's messed up
> and people start getting "Access denied".
> > From what I've been seeing, all that is _not_ happening, is IE 6 is not
> > sending the "3rd" handshake back to the server, unlike Firefox. And if
> what
> Hmm, well if firefox works but IE doesn't that's a client issue.
> > I know of NTLM authentication is correct, it's this 3rd handshake that
> > contains the user's name and information to be checked against the
> server.
> > This is occurring in Firefox simply because I provide the browser with
> > credentials through the dialog box, however that defeats the purpose of
> > in my opinion. Any light that you or anyone else can shed on this would
> be
> > _amazing_.
> It sounds like transparent auth just isn't taking place in which case
> read the section in the NTLM HTTP auth docs about that. For example,
> make sure the workstation is actually joined to the domain. And when
> you log into XP make sure that the domain (ie MAIN) is selected in the
> domain dialog box. If it's something else like the local workstation
> name *transparent* auth won't work.
> Mike
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the jcifs mailing list