[jcifs] Need help with failed logins
asaf.mesika at gmail.com
Thu Apr 9 22:25:49 GMT 2009
On Thu, Apr 9, 2009 at 4:52 PM, MStreck <mark.strecker at siemens.com> wrote:
> Hello All,
> We are using the filter in production and have a couple of situations where
> people cannot login ... for everyone else it is working great. I am not
> how to debug this and need some guidance.
> I re-read the docs and
> http://jcifs.samba.org/src/docs/ntlmhttpauth.html#transparent implies that
> if something isn't setup correctly with IE or using Linux or MacOS would
> give the login box and they would be able to login. If I use Firefox, this
> is exactly what happens. So, I expected the same from non-MS OSs.
> The first situation is someone cannot login from MacOS. I also tried Linux
> with Konquerer and that also fails. What happens is that it just has a
> window and the browser says that it is waiting for a reply. I turned the
> jcifs logging to 10 and there is no output. I also turned on insecureBasic
> to see if that would work and it's exactly the same as before.(Yes, I
> restarted JBoss after I deployed the change.)
I never heard that it ever worked with non MS OS. I think FireFox have an
integrated code which uses some Windows OS calls to prepare the hashed
password for the 3rd response in the handshake.
> The second situation is that IE fails to login. This is limited to about 5
> machines and if they use Firefox, they can login. I also turned the logging
> to 10 and the communication from the browser stopped after the second
> request/response and just never sent the request for step 3 in the
> negotiation. It then displays the IE error page.
> We tried to set the DisableNTLMPreAuth describes in the FAQ and that didn't
> work. We haven't tried adding the website to the local intranet trusted
> sites ... but I don't have that in my IE and mine works.
Hmm, I think you should start by using WireShark and write down the packets
sent and received between the internet explorer (client) computer and your
Once I have that I can continue on to help you out.
> So, I am not sure what to do to debug these problems. Here is my config :
> jcifs 1.3.8
> Authenticating against a Win2k3 server
> always needed for preauthentication / SMB signatures
> Any help would be greatly appreciated. TIA
> View this message in context:
> Sent from the Samba - jcifs mailing list archive at Nabble.com.
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs