[jcifs] NTLM and JCIFS: architecture/protocols
Michael B Allen
mba2000 at ioplex.com
Mon Feb 19 18:20:12 GMT 2007
On Mon, 19 Feb 2007 17:00:19 +0000
"Alastair Green" <alastair.j.green at hotmail.co.uk> wrote:
> Eric, Chris:
>
> Thank you very much for these detailed replies.
>
> A couple of follow-on questions, if you don't mind.
>
> 1) I mentioned NTLMSSP as if it were a library that provided client access
> to a DC. Is it that, or is it a service that then accesses the DC behind the
> scenes? In other words are we dealing with three net hops (browser to
> server, server to NTMSSP service, NTLMSSP to DC) or two (browser to server,
> server to DC via NTMLSSP as a library)?
>
> 2) I read in one of the references you supplied that Kerberos is the
> "default authentication protocol" for NTLMSSP, or a similar statement. What
> exactly is the relationship between CIFS and Kerberos? The latest version of
> JCIFS is billed as supporting Kerberos, for example, implying that
> previously it was not using Kerberos?
>
Try this:
http://en.wikipedia.org/wiki/Integrated_Windows_Authentication
It has a good concise list of definitions and relations between the
different protocols and authentication mechanisms.
Mike
--
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/
More information about the jcifs
mailing list