[jcifs] 411 - Length Required

Michael B Allen ioplex at gmail.com
Fri Nov 7 18:19:13 GMT 2008

On Fri, Nov 7, 2008 at 12:51 PM, Chad Sturtz <Chad.Sturtz at quest.com> wrote:
> Mike,
> I am working in the context of HTTP/HTTPS connections.  I'm setting the system property "java.protocol.handler.pkgs" to "jcifs" per the documentation.
> I actually downloaded the code and messed around with it to try and get past my issues.  I added a line to set the content-length in two places in NtlmHttpURLConnection.java, and that got me past the 411 error.
> After that I ran into some NullPointerExceptions inside NtlmPasswordAuthentication.java.  I added just a few more lines there to check for null and now everything is working just fine for me.
> I'm attaching the edited source files.  You can search for the string "CWS" to quickly locate my changes.
> I'm not sure my code changes won't cause other problems.  I was simply trying to get past my issues to see if using this library for our needs was a possibility.  Assuming my changes don't break anything or can easily be corrected, is this something that can be reviewed and added into the next version?  And out of curiosity, about how long would it be for these changes would be put in a release?  How do you usually handle external contributions?

Hi Chad,

Actually the HTTP classes will be removed from JCIFS. I was hoping to
the 1.3 changes wouldn't break anything but now that I know they
really are broken I really should just yank them. For all I know they
were broken before as I don't use those classes and have not tested
them in years.

However, I will be taking care to expose the NTLM functionality for
other projects to use. Currently that exposure is in the form of the
undocumented GSSAPI-like jcifs.smb.NtlmContext class. I recommend that
you find a real Java HTTP client and try to convince them to use that
class to add the correct NTLM authentication support. I think the
Apache HTTP client is popular and already has some NTLM capability.
The NTLM part of that code is pretty ugly so maybe they would
appreciate your cleaning it up with jcifs.smb.NtlmContext (as long as
they don't mind the jcifs.jar dep).

In general, I want to narrow the focus of JCIFS to just CIFS and
DCERPC but expose the authentication capability so that it can be
shared with other projects. I think that is the best way for growth to
occur moving forward. I think some of our HTTP stuff has actually been
holding the community back (and in the case of the Filter has actually
done some damage).


> -----Original Message-----
> From: Michael B Allen [mailto:ioplex at gmail.com]
> Sent: Thursday, November 06, 2008 11:10 AM
> To: Chad Sturtz
> Cc: jcifs at lists.samba.org; John Ostermeyer
> Subject: Re: [jcifs] 411 - Length Required
> On Thu, Nov 6, 2008 at 11:54 AM, Chad Sturtz <Chad.Sturtz at quest.com> wrote:
>> I downloaded and started using the JCIFS library yesterday to handle NTLM
>> authentication to a remote windows host running WinRM.  I'm watching the
>> network traffic in Wireshark and can see the original 401 response, followed
>> by the client sending a second request with the NTLM authentication
>> included.  The problem lies here.  The server responds with a 411 error
>> (Length Required).  As I understand it, this means the request was sent
>> without a Content-Length header.  I was able to verify this in the Wireshark
>> trace.
>> Is there a reason the Content-Length is not being set?
> I need more context. It's clear you're using HTTP but it sounds like
> you're using an HTTP client. JCIFS is primarily a CIFS protocol client
> so I don't always pay too much attention to the HTTP stuff. Can you be
> more specific?
> Mike
> --
> Michael B Allen
> PHP Active Directory SPNEGO SSO
> http://www.ioplex.com/

Michael B Allen
PHP Active Directory SPNEGO SSO

More information about the jcifs mailing list