[jcifs] 1.3.x filter authentication problem

Michael B Allen ioplex at gmail.com
Mon Feb 9 16:24:40 GMT 2009

On Mon, Feb 9, 2009 at 4:45 AM,  <raintrain at gmx.at> wrote:
> I have a web application with http filter authentication and standard user/pwd login.
> If the user was logged in through the http filter and logs out, it's possible to log in with username and password combination.
> For the http filter I have to use the following options:
> jcifs.smb.client.useExtendedSecurity=false and
> jcifs.smb.lmCompatibility=0
> The problem is that the user can't log in with username/password after the http filter sets the properties!

This is an issue between init-params being dynamic and the
jcifs.Config properties being static. So technically you cannot reliably
set those properties from within init-params. You must use a
-Djcifs.properties=jcifs.prp file and load the JCIFS properties from
the command line of your servlet container.

> I can't use 1.3.x to log in with http filter and without!

Or use 1.2. The reason this issue suddenly occurs in 1.3 is because
the two above-mentioned property defaults have changed and, as
mentioned above, cannot be set using init-params. There's nothing
different about the 1.2 filter. The JCIFS NTLM HTTP Filter has not
been modified at all in several years.

Note that the FAQ and NTLM HTTP Authentication Filter documentation
have recently been updated with important information regarding the
Filter and NTLMv2. In short, the Filter doesn't work anymore and is
being removed.


Michael B Allen
Java Active Directory Integration
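
The static-versus-dynamic conflict described in the reply above, as an added illustration that is not part of the original message and is not jcifs code. `Config` and `Constants` are hypothetical stand-ins, the one-time snapshot at class initialization is an assumed mechanism for "static" properties, and the default of 3 is an assumed value.

```java
import java.util.Properties;

// Constructed stand-ins, NOT jcifs classes: a process-wide property store and
// a constants holder that snapshots it once, when the class is initialized.
public class StaticConfigDemo {

    static final class Config {                      // hypothetical
        static final Properties PRP = new Properties();
        static int getInt(String key, int def) {
            String v = PRP.getProperty(key);
            return v == null ? def : Integer.parseInt(v);
        }
    }

    static final class Constants {                   // hypothetical
        // Evaluated exactly once per classloader, on first use of the class.
        static final int LM_COMPATIBILITY =
                Config.getInt("jcifs.smb.lmCompatibility", 3); // 3 is an assumed default
    }

    // Models a filter's init(): copies an init-param into the static store.
    static void filterInit(String key, String value) {
        Config.PRP.setProperty(key, value);
    }

    public static void main(String[] args) {
        // Models -Djcifs.properties=<file>: the value is in place before any
        // other code runs. Pass "preload" as the first argument to enable it.
        if (args.length > 0 && args[0].equals("preload")) {
            Config.PRP.setProperty("jcifs.smb.lmCompatibility", "0");
        }

        // Another component (for example the username/password login path)
        // touches the constants first and freezes the value for the whole JVM.
        int seenByLogin = Constants.LM_COMPATIBILITY;

        // The filter is initialized afterwards and applies its init-param.
        filterInit("jcifs.smb.lmCompatibility", "0");
        int seenByFilter = Constants.LM_COMPATIBILITY;

        System.out.println("store now says:   " + Config.getInt("jcifs.smb.lmCompatibility", 3));
        System.out.println("login path sees:  " + seenByLogin);
        System.out.println("filter path sees: " + seenByFilter);
    }
}
```

Run it once without arguments and once with `preload` to compare late init-param configuration against configuration supplied at JVM start. Either way the setting is JVM-wide, so a weakened `lmCompatibility` applies to every code path that shares the class, not only to the filter.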