[jcifs] JCIFS Pops up dialog box for Authenticating certain users

Matt Parker parkerman at gmail.com
Fri Jul 11 05:41:37 GMT 2008 

On Fri, Jul 4, 2008 at 11:31 AM, Vivek Mehtani <vivek.mehtani at gmail.com> wrote:
>
> Hi,
>
> We need to configure JCIFS for single sign on silently passing the
> credentials. For this we have configured the NtlmHttpFilter in the following
> manner in our web.xml file. The problem we are facing is that for certain
> users it works perfectly fine but for certain users it pops up a dialog box
> for the credentials . if the user provides the correct credentials then user
> gets authenticated.
>
> But we would like every user to be authenticated silently.
>
> can some one suggest what is wrong in the below configuration that it
> doesn't work for all users ?
>
>    <filter-name>NtlmHttpFilter</filter-name>
>        <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
>        <init-param>
>        <param-name>jcifs.smb.client.domain</param-name>
>        <param-value>DOMAIN</param-value>
>        </init-param>
>    <init-param>
>        <param-name>jcifs.http.domainController</param-name>
>        <param-value>IP</param-value>
>        </init-param>
>    <init-param>
>        <param-name>jcifs.util.loglevel</param-name>
>        <param-value>2</param-value>
>        </init-param>
>    <init-param>
>        <param-name>jcifs.smb.lmCompatibility</param-name>
>        <param-value>3</param-value>
>        </init-param>
>    </filter>
>
>
> Thanks
>
> Vivek
>
> Thanks & Regards,
>
> Vivek Mehtani
> --
> View this message in context: http://www.nabble.com/JCIFS-Pops-up-dialog-box-for-Authenticating-certain-users-tp18283528p18283528.html
> Sent from the Samba - jcifs mailing list archive at Nabble.com.
>
>

I was having this problem as well, until I enabled preauthentication
(described here:
http://jcifs.samba.org/src/docs/ntlmhttpauth.html#signing). Try adding
jcifs.smb.client.username and jcifs.smb.client.password init-params.
This is obviously not an ideal solution since you have to put a
plaintext domain password in your web.xml, so you'd have to get
creative if you wanted it to be more secure.

HTH,

Matt

More information about the jcifs mailing list