[jcifs] NTLMHttpFilter issue with web server plugin

Janarthana Sankareswaran janapro2000 at yahoo.com
Fri Apr 11 20:27:46 GMT 2008


I have a web application deployed in WAS 5.0. But we
access this application (without a hard coded port
number) through IBM Http Server with plugin-cfg.xml.
The application uses NTLMHttpFilter  for
authentication. I am getting the following exception
only when I am accessing the application through the
web server. This results in a "page cannot be
displayed" in the IE. I am not getting this error if I
access the application directly from the web
container(with a hard coded port number). Everything
works fine.

I tried removing the NTLMHttpFilter configuration from
the web.xml and application works fine irrespective of
whether I directly access it from web container or
through the web server.

Error:

[4/11/08 21:14:52:102 UTC] 772f5868 SystemErr     R
SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=33386,uid=0,mid=73,wordCount=0,byteCount=12,wordCount=0,dialects=NT
LM 0.12]
[4/11/08 21:14:52:165 UTC] 772f5868 SystemErr     R
New data read: Transport1[DC22REG<00>/206.70.40.128:0]
[4/11/08 21:14:52:166 UTC] 772f5868 SystemErr     R
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00
 |ÿSMBr......À....|
00010: 00 00 00 00 00 00 00 00 00 00 6A 82 00 00 49 00
 |..........j...I.|
[4/11/08 21:14:52:166 UTC] 772f5868 SystemErr     R 
[4/11/08 21:14:52:166 UTC] 772f5868 SystemErr     R
byteCount=32 but readBytesWireFormat returned 14
[4/11/08 21:14:52:206 UTC] 772f5868 SystemErr     R
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=33386,uid=0,mid=73,wordCount=17,byteCount=32,wordCount=17,dialectIndex=0,securityMode=0x7,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x0001F3FD,serverTime=Fri
Apr 11 20:17:22 UTC
2008,serverTimeZone=65476,encryptionKeyLength=8,byteCount=32,encryptionKey=0xF454D3244CA15A3D,oemDomainName=REG]


Please find below the NTLM configuration in web.xml

	<filter>
	    <filter-name>NtlmHttpFilter</filter-name>
	   
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
	    <init-param>
	        <param-name>jcifs.netbios.wins</param-name>
	        <param-value>206.70.40.128</param-value>
	    </init-param>	
	    <init-param>
	       
<param-name>jcifs.http.domainController</param-name>
	        <param-value>206.70.40.128</param-value>
	    </init-param>
	    <init-param>
	        <param-name>jcifs.util.loglevel</param-name>
	        <param-value>10</param-value>
	    </init-param>        
	</filter>
	
	<filter-mapping>
	    <filter-name>NtlmHttpFilter</filter-name>
	    <url-pattern>/*</url-pattern>
	</filter-mapping>	


Please note that this configuration works if I access
the application server directly. But the above error
is thrown only when I try to access the application
through the web server.


Find below the plugin-cfg.xml:

 <?xml version="1.0" encoding="ISO-8859-1" ?> 
- <Config ASDisableNagle="false"
AcceptAllContent="false"
AppServerPortPreference="HostHeader"
ChunkedResponse="false" IISDisableNagle="false"
IISPluginPriority="High" IgnoreDNSFailures="false"
RefreshInterval="60" ResponseChunkSize="64"
VHostMatchingCompat="false">
  <Log LogLevel="Error"
Name="/QIBM/UserData/WebAS5/Base/default/logs/http_plugin.log"
/> 
  <Property Name="ESIEnable" Value="true" /> 
  <Property Name="ESIMaxCacheSize" Value="1024" /> 
  <Property Name="ESIInvalidationMonitor"
Value="false" /> 
- <VirtualHostGroup Name="default_host">
  <VirtualHost Name="*:9080" /> 
  <VirtualHost Name="*:80" /> 
  </VirtualHostGroup>
- <ServerCluster CloneSeparatorChange="false"
LoadBalance="Round Robin"
Name="server1_TRUWEBEU_Cluster"
PostSizeLimit="10000000" RemoveSpecialHeaders="true"
RetryInterval="60">
- <Server ConnectTimeout="0" ExtendedHandshake="false"
MaxConnections="0" Name="TRUWEBEU_server1"
ServerIOTimeout="0" WaitForContinue="false">
  <Transport Hostname="TRUWEBEU" Port="9080"
Protocol="http" /> 
  </Server>
- <PrimaryServers>
  <Server Name="TRUWEBEU_server1" /> 
  </PrimaryServers>
  </ServerCluster>
- <UriGroup
Name="default_host_server1_TRUWEBEU_Cluster_URIs">
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/snoop/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/hello" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/hitcount" />

  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="*.jsp" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="*.jsv" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="*.jsw" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/j_security_check" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/ibm_security_logout" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/servlet/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/ivt/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/gms/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/sso/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/fns/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/rfd/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/trussouk/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/trussospn/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/trussospnservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/trussofra/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/rlm/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/appusage/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/appusageservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/newssodom/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/trussodom/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/MailConfig/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/MailConfigservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/sknupload/*"
/> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/sknuploadservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/genxlsupld/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/genxlsupldservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/GenericReport/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid"
Name="/GenericReportservlet/*" /> 
  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/RMSWeb/*" />

  <Uri AffinityCookie="JSESSIONID"
AffinityURLIdentifier="jsessionid" Name="/S2S/*" /> 
  </UriGroup>
  <Route ServerCluster="server1_TRUWEBEU_Cluster"
UriGroup="default_host_server1_TRUWEBEU_Cluster_URIs"
VirtualHostGroup="default_host" /> 
- <RequestMetrics armEnabled="false"
newBehavior="false" rmEnabled="false"
traceLevel="HOPS">
- <filters enable="false" type="URI">
  <filterValues enable="false" value="/servlet/snoop"
/> 
  <filterValues enable="false"
value="/webapp/examples/HitCount" /> 
  </filters>
- <filters enable="false" type="SOURCE_IP">
  <filterValues enable="false" value="255.255.255.255"
/> 
  <filterValues enable="false" value="254.254.254.254"
/> 
  </filters>
  </RequestMetrics>
  </Config>


Can someone please help me on this?

Regards
Jana

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the jcifs mailing list