[jcifs] alt. jcifs auth mechanism impl.

[Michael B Allen]

On Mon, Oct 13, 2008 at 2:43 PM, Memisyazici, Aras <arasm at vt.edu> wrote:
> Hello List:
>
> I am trying to determine whether or not implementing jCIFS into our
> environment at our department-level will be a viable solution. As such,
> we have a few requirements that any/all similar projects have to meet:
>
> a) they have to support SMB signing
> b) we will not implement WINS
> c) Either of these 3 for AUTH are supported: Kerberosv5, NTLMv2 or LDAPS
>
> Reviewing the documentation on the site, shows samples of configs for
> non-WINS environments, also there is some verbage stating jCIFS
> supporting SMB signing as long as configured properly... The pickle is
> regarding the NTLMv2 auth piece... site specifically states that this
> protocol is not supported, however on the mainpage there are some
> "hints" that KERBv5 and LDAP/S are "possibilities"
>
> Has anyone implemented jCIFS successfully with either of those as the
> auth mechanism? If so, would you mind sharing your experiences with the
> current setup you have? How successful is/was the implementation? How
> many users are you able to support? How many simulatenous sessions
> (successfully)?
>
> Also, if you wouldn't mind sharing some form of "doc/wiki/url/..." that
> has notes/steps on how you went about implementing the alternative auth
> mechanism would be much appreciated as well :)

Hi Russ,

I assume you're talking about the NTLM HTTP Authentication Filter. You
would really just have to try it and see if it works for you.

Note that the Filter does not and never will support NTLMv2 or
Kerberos and will be removed altogether in JCIFS 2.x.

Incedentally JCIFS does not use LDAP for anything and LDAP cannot be
used for SSO. But if LDAP satisfies your requirements I recommend that
you probably go with that since the JCIFS Filter is slowly but surely
becoming obsolete.

Mike

-- 
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/