AW: [jcifs] Weird behaviour with NTLMHttpFilter

Stefan Müller stefan.mueller at issp.cc
Wed Dec 31 16:24:16 GMT 2008 

Hi,

I experienced similar issues at the end of 2007 with jCIFS build 1.2.17. The first user went fine, the second user (different user account, different host) received a 403 HTTP error. After a certain time period (I think it was suspiciously close to the SO_TIMEOUT value I had defined) or when restarting Tomcat (5.5) it started working again for the next "first user" that had been the second one in the initial call.

When implementing the NTLM handshake directly (without the filter class and with the motivation to cover multiple domains without trusts in this effort) I eventually ended up with the "solution" to mod the SmbSession in that way that it forcefully called the disconnect method of the underlying transport as soon as the logoff method was being called. So I gave up the benefit of impersonation but it did work that way. Without the modification the handshake apparently failed at the logon method of the SmbSession class. Unfortunately, I did not backup the exception.

Regards

---------------------------------------------------------------------------
Stefan Müller
CTO

ISSP Software und Service GmbH
Eichenweg 6
A-4048 Puchenau/Linz
Mob.: +43 664 39 59 518
Fax.: +43 732 221705-28
Mail: stefan.mueller at issp.cc
-------------------------------------------------
Firmenbuchgericht: LG Linz
Firmenbuchnummer: 218098 h


-----Ursprüngliche Nachricht-----
Von: jcifs-bounces+stefan.mueller=issp.cc at lists.samba.org [mailto:jcifs-bounces+stefan.mueller=issp.cc at lists.samba.org] Im Auftrag von Swapnil Patil
Gesendet: Mittwoch, 31. Dezember 2008 16:07
An: jcifs at lists.samba.org
Betreff: [jcifs] Weird behaviour with NTLMHttpFilter

Hi,
I am using NTLMHttpFilter.
Server : Tomcat 5.0. On machine 192.168.2.79.
After starting tomcat if test my application from  192.168.5.120.(its
in same domain where my apllication is deployed) NTLM works fine.
After this if I test my application from server itself i.e
192.168.2.79 it ask for user name password to connect 192.168.2.79. !
I can login if click url 3 times !.  vice-versa of this is true i.e.
afteer server restart if strat testing from 192.168.2.79 then I
encounter problem at 192.168.5.120
web.xml is as follows
<filter>
    <filter-name>NtlmHttpFilter</filter-name>
     <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
     <init-param>
          <param-name>jcifs.netbios.wins</param-name>
          <param-value>192.168.5.124,192.168.5.126</param-value>
     </init-param>
     <init-param>
          <param-name>jcifs.smb.client.domain</param-name>
          <param-value>techo</param-value>
     </init-param>
</filter>
<filter-mapping>
   <filter-name>NtlmHttpFilter</filter-name>
   <url-pattern>/index.jsp</url-pattern>
</filter-mapping>

--- index.jsp
I am getting user name from session.getAttribute("NtlmHttpAuth");. And
then puting that user in request. and then I am submiting page to
login.jsp
I am hiting index.jsp to test my application.
I am newbie in NTLM so this may be as per design behaviour.
Does any know about such behavior ?
--
Thanks & Regards
Swapnil Patil.

More information about the jcifs mailing list