[jcifs] Intermittent authentication failures

Chris Kimpton chris.kimpton at rabobank.com
Tue Dec 11 15:10:19 GMT 2007 

Hi,

We have a website that is using jcifs for NT authentication and is generally 
working fine. We are using version 1.2.17.  This is via the NtlmFilter, under 
tomcat, running inside jboss 4.0.5.

On a few pages we have some live updating stuff, done via ajax/dwr.  They do 
not update too frequently - one call every 3-4 seconds, with checks to ensure 
we do not make a new call if the previous one is still pending.

Intermittently, one of these ajax calls fails authentication and we get a 
username/password popup box.

We are not sure what is causing this - busy domain controller, perhaps.

The jcifs settings are:

set params=%params% -Djcifs.http.basicRealm=[some realm]
set params=%params% -Djcifs.netbios.wins=[dc server dns name]
set params=%params% -Djcifs.smb.client.domain=[our domain]
set params=%params% -Djcifs.resolveOrder=DNS
set params=%params% -Djcifs.http.domainController=[dc server dns name]
set params=%params% -Djcifs.smb.client.domain.full=[our fq domain]
set params=%params% -Djcifs.smb.client.username=[a dedicated user]
set params=%params% -Djcifs.smb.client.password=[its password]

Below is an example of what we see in the logs.

We are using the NtlmFilter.  I have tried subclassing it, with a view to 
trapping an exception (but that does not seem to happen) or check whether the 
ntlmAuth item is in the session - but that seems to be always present once 
logged on.

If we can trap one of these conditions, my thoughts are that we could then re-
try the login a few times, with a delay between, to see if its just a busy DC.

So - has anybody got any tips on how to achieve this or which jcifs parameters 
we could play with to make it cope with this situation.

Many thanks in advance,
Chris

2007-12-11 08:18:04,589 ERROR [STDERR] NtlmHttpFilter: blahblah successfully 
authenticated against blahblah

2007-12-11 08:18:05,636 ERROR [STDERR] NtlmHttpFilter: blahblah successfully 
authenticated against blahblah

2007-12-11 08:18:08,277 ERROR [STDERR] SmbComTreeDisconnect
[command=SMB_COM_TREE_DISCONNECT,received=false,errorCode=0,flags=0x0018,flags2
=0xC003,signSeq=0,tid=2054,pid=29853,uid=4098,mid=0,wordCount=0,byteCount=0]

2007-12-11 08:18:08,277 ERROR [STDERR] 00000: FF 53 4D 42 71 00 00 00 00 18 03 
C0 00 00 00 00  |ÿSMBq......À....| 
00010: 00 00 00 00 00 00 00 00 06 08 9D 74 02 10 00 00  |...........t....| 
00020: 00 00 00                                         |...             | 
2007-12-11 08:18:08,277 ERROR [STDERR] SmbComLogoffAndX
[command=SMB_COM_LOGOFF_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC
003,signSeq=0,tid=0,pid=29853,uid=4098,mid=0,wordCount=2,byteCount=0,andxComman
d=0xFF,andxOffset=0]

2007-12-11 08:18:08,277 ERROR [STDERR] 00000: FF 53 4D 42 74 00 00 00 00 18 03 
C0 00 00 00 00  |ÿSMBt......À....| 
00010: 00 00 00 00 00 00 00 00 00 00 9D 74 02 10 00 00  |...........t....| 
00020: 02 FF 00 DE DE 00 00                             |.ÿ.ÞÞ..         | 
2007-12-11 08:18:08,652 ERROR [STDERR] SmbComNegotiate
[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0018,flags2=0xC00
3,signSeq=0,tid=0,pid=29853,uid=0,mid=15,wordCount=0,byteCount=12,wordCount=0,d
ialects=NT LM 0.12]

2007-12-11 08:18:08,652 ERROR [STDERR] 00000: FF 53 4D 42 72 00 00 00 00 18 03 
C0 00 00 00 00  |ÿSMBr......À....| 
00010: 00 00 00 00 00 00 00 00 00 00 9D 74 00 00 0F 00  |...........t....| 
00020: 00 0C 00 02 4E 54 20 4C 4D 20 30 2E 31 32 00     |....NT LM 0.12. | 
2007-12-11 08:18:08,667 ERROR [STDERR] New data read: Transport1
[utcs111d12/172.17.40.2:0] 
2007-12-11 08:18:08,667 ERROR [STDERR] 00000: FF 53 4D 42 72 00 00 00 00 98 03 
C0 00 00 00 00  |ÿSMBr......À....| 
00010: 00 00 00 00 00 00 00 00 00 00 9D 74 00 00 0F 00  |...........t....| 
2007-12-11 08:18:08,667 ERROR [STDERR] byteCount=50 but readBytesWireFormat 
returned 26 
2007-12-11 08:18:08,667 ERROR [STDERR] SmbComNegotiateResponse
[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0098,flags2=0xC00
3,signSeq=0,tid=0,pid=29853,uid=0,mid=15,wordCount=17,byteCount=50,wordCount=17
,dialectIndex=0,securityMode=0x7,security=user,encryptedPasswords=true,maxMpxCo
unt=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x0000000
0,capabilities=0x0001F3FD,serverTime=Tue Dec 11 08:18:08 GMT 
2007,serverTimeZone=65476,encryptionKeyLength=8,byteCount=50,encryptionKey=0x00
1867E63843EBA9,oemDomainName=RABODEVEU]

2007-12-11 08:18:08,667 ERROR [STDERR] 00000: FF 53 4D 42 72 00 00 00 00 98 03 
C0 00 00 00 00  |ÿSMBr......À....| 
00010: 00 00 00 00 00 00 00 00 00 00 9D 74 00 00 0F 00  |...........t....| 
00020: 11 00 00 07 32 00 01 00 04 41 00 00 00 00 01     |....2....A..... | 
2007-12-11 08:18:08,667 ERROR [STDERR] treeConnect: 
unc=\\blahblah\IPC$,service=????? 
2007-12-11 08:18:08,667 ERROR [STDERR] sessionSetup: 
accountName=blahblah,primaryDomain=blahblah 
2007-12-11 08:18:08,667 ERROR [STDERR] SmbComSessionSetupAndX
[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,fla
gs2=0xC003,signSeq=0,tid=0,pid=29853,uid=0,mid=16,wordCount=13,byteCount=121,an
dxCommand=0x75,andxOffset=182,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,ses
sionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountN
ame=blahblah,primaryDomain=blahblah,NATIVE_OS=Windows XP,NATIVE_LANMAN=jCIFS]

2007-12-11 08:18:08,667 ERROR [STDERR] SmbComTreeConnectAndX
[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=0,flags=0x0018,flag
s2=0x0000,signSeq=0,tid=0,pid=29853,uid=0,mid=0,wordCount=4,byteCount=43,andxCo
mmand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\b
lahblah\IPC$,service=?????]

2007-12-11 08:18:08,667 ERROR [STDERR] 00000: FF 53 4D 42 73 00 00 00 00 18 03 
C0 00 00 00 00  |ÿSMBs......À....| 
00010: 00 00 00 00 00 00 00 00 00 00 9D 74 00 00 10 00  |...........t....| 
00020: 0D 75 00 B6 00 04 41 0A 00 01 00 00 00 00 00 18  |.u.¶..A.........| 
00030: 00 18 00 00 00 00 00 54 10 00 00 79 00 CF 1D A5  |.......T...y.Ï.¥| 
00040: FB E6 09 95 03 FB 93 DA CE 86 20 0E 48 EA 40 1E  |ûæ...û.ÚÎ. .Hê@.| 
00050: 9A 0D 0B F9 86 E8 D1 8C BC F2 6C AC 29 8A 1C 4F  |...ù.èÑ.¼òl¬)..O| 
00060: 07 78 59 44 02 EB 59 25 11 40 DC 5D 9C 00 6B 00  |.xYD.ëY%.@Ü]..k.| 
00070: 69 00 6D 00 70 00 74 00 6F 00 6E 00 63 00 00 00  |i.m.p.t.o.n.c...| 
00080: 52 00 41 00 42 00 4F 00 44 00 45 00 56 00 45 00  |R.A.B.O.D.E.V.E.| 
00090: 55 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00  |U...W.i.n.d.o.w.| 
000A0: 73 00 20 00 58 00 50 00 00 00 6A 00 43 00 49 00  |s. .X.P...j.C.I.| 
000B0: 46 00 53 00 00 00 04 FF 00 DE DE 00 00 01 00 2B  |F.S....ÿ.ÞÞ....+| 
000C0: 00 00 5C 00 5C 00 75 00 74 00 63 00 73 00 31 00  |..\.\.u.t.c.s.1.| 
000D0: 31 00 31 00 64 00 31 00 32 00 5C 00 49 00 50 00  |1.1.d.1.2.\.I.P.| 
000E0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00              |C.$...?????.    | 
2007-12-11 08:18:08,683 ERROR [STDERR] New data read: Transport1
[utcs111d12/172.17.40.2:0] 
2007-12-11 08:18:08,683 ERROR [STDERR] 00000: FF 53 4D 42 73 00 00 00 00 98 03 
C0 00 00 00 00  |ÿSMBs......À....| 
00010: 00 00 00 00 00 00 00 00 01 08 9D 74 01 08 10 00  |...........t....| 
2007-12-11 08:18:08,699 ERROR [STDERR] SmbComSessionSetupAndXResponse
[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0098,fla
gs2=0xC003,signSeq=0,tid=2049,pid=29853,uid=2049,mid=16,wordCount=3,byteCount=1
48,andxCommand=0x75,andxOffset=189,isLoggedInAsGuest=false,nativeOs=Windows 
Server 2003 3790 Service Pack 2,nativeLanMan=Windows Server 2003 
5.2,primaryDomain=RABODEVEU]

2007-12-11 08:18:08,699 ERROR [STDERR] 00000: FF 53 4D 42 73 00 00 00 00 98 03 
C0 00 00 00 00  |ÿSMBs......À....| 
00010: 00 00 00 00 00 00 00 00 01 08 9D 74 01 08 10 00  |...........t....| 
00020: 03 75 00 BD 00 00 00 94 00 41 57 00 69 00 6E 00  |.u.½.....AW.i.n.| 
00030: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00  |d.o.w.s. .S.e.r.| 
00040: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00  |v.e.r. .2.0.0.3.| 
00050: 20 00 33 00 37 00 39 00 30 00 20 00 53 00 65 00  | .3.7.9.0. .S.e.| 
00060: 72 00 76 00 69 00 63 00 65 00 20 00 50 00 61 00  |r.v.i.c.e. .P.a.| 
00070: 63 00 6B 00 20 00 32 00 00 00 57 00 69 00 6E 00  |c.k. .2...W.i.n.| 
00080: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00  |d.o.w.s. .S.e.r.| 
00090: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00  |v.e.r. .2.0.0.3.| 
000A0: 20 00 35 00 2E 00 32 00 00 00 52 00 41 00 42 00  | .5...2...R.A.B.| 
000B0: 4F 00 44 00 45 00 56 00 45 00 55 00 00 03 FF 00  |O.D.E.V.E.U...ÿ.| 
000C0: CC 00 01 00 06 00 49 50 43 00 00 00              |Ì.....IPC...    | 
2007-12-11 08:18:08,699 ERROR [STDERR] NtlmHttpFilter: blahblah successfully 
authenticated against blahblah

2007-12-11 08:18:09,574 ERROR [STDERR] NtlmHttpFilter: blahblah successfully 
authenticated against blahblah

More information about the jcifs mailing list