[jcifs] Authentication

Michael B Allen ioplex at gmail.com
Mon Aug 17 08:59:34 MDT 2009

On Mon, Aug 17, 2009 at 10:26 AM, Stian Brattland<stian at brattland.no> wrote:
> Hi,
> Just a quick question on samba authentication. The way i usually create
> SmbFile instances is by providing a full path, including username and
> password, in the constructor.
> Typically, it would look like this.
> SmbFile f = new SmbFile("smb://user:password@");
> However, from a performance point of view, does this mean that JCifs will
> have to run through authentication every single time a client connects to
> the server to retrieve a file?
> If i put the above line inside a loop which iterates 1000 times, will that
> require 1000 authentications?

Hi Stian,

No. Transports (which are established during socket connect) are
shared. And for each transport, sessions (which are established during
authentication) are shared [1]. And for each session, trees (which are
established when mounting a share) are shared.

Note that putting credentials into the URL is considered foul and is a
feature that is provided only for when you feel lazy, quick and dirty.

The correct way to create an SmbFile is with a separate credential object like:

NtlmPasswordAuthentication auth = new
NtlmPasswordAuthentication("DOMAIN", "user", "password");
SmbFile f = new SmbFile("smb://", auth);

But again, this has no effect on the number of sessions created. If
another session is required and the credentials are equivalent, the
existing session with be reused. JCIFS is extremely efficient about
resources. If multiple SmbFiles use the same transport, it will
multiplex all requests for those SmbFiles over the same transport
(assuming multiple threads are being used).


[1] If you set the ssnLimit property, at most ssnLimit sessions will
be shared before a new transport is created.

Michael B Allen
Java Active Directory Integration

More information about the jCIFS mailing list