[jcifs] patch for exposing transports

Matt Parker parkerman at gmail.com
Tue Aug 5 21:53:35 GMT 2008 

I'd like to offer the following small patches for exposing and using
transports. Since all NTLM messages for a given auth session must use
the same transport (since the challenge is tied to the transport),
this patch allows reliable service for multiple concurrent clients by
allowing one to:

- obtain and store a transport/challenge
(SmbSession.getTransport(UniAddress) and SmbTransport.getChallenge())
- retrieve and use that same transport for later authentication
(SmbSession.logon(UniAddress, NtlmPasswordAuthentication,
SmbTransport)

example use of this:

// type 1 incoming
byte[] type1response = ... // somehow get type1
String ip = ... // somehow get ip address
SmbTransport transport = SmbSession.getTransport( dc ); // USES PATCH
myTransports.put(ip, transport);
byte[] challenge = transport.getChallenge(); // USES PATCH
Type2Message type2 = new Type2Message( new Type1Message( type1response
), challenge, domain );

...
// type 3 incoming
String ip = ... // get ip address somehow
SmbTransport transport = myTransports.remove(ip);
byte[] challenge = transport.getChallenge(); // USES PATCH
NtlmPasswordAuthentication creds = new NtlmPasswordAuthentication( ... );
SmbSession.logon( dc, creds, transport ); // USES PATCH

Thanks for considering.

Matt

P.S.:

- I know that it would be more scalable and efficient to re-use
transports, but I haven't been able to successfully do so without
having sporadic StatusAccessDenied errors, even when using smb
signing. This solution is scalable enough for my needs, and allows me
to choose between whether it's okay to fail occasionally with better
performance, or to never fail but with a heavier network/server load.
- using ssnLimit doesn't work well for me
- setting soTimeout to something like 1000 prevents lingering
connections. the whole auth process should never take more than 1
second.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SmbSession.java.diff
Type: application/octet-stream
Size: 1480 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20080805/4cf161e7/SmbSession.java.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SmbTransport.java.diff
Type: application/octet-stream
Size: 872 bytes
Desc: not available
Url : http://lists.samba.org/archive/jcifs/attachments/20080805/4cf161e7/SmbTransport.java.obj

More information about the jcifs mailing list