[jcifs] Domain based DFS support in Kerberos code, or NTLMv2
support in Java 1.4?
Michael B Allen
ioplex at gmail.com
Wed Feb 25 17:50:34 GMT 2009
On Wed, Feb 25, 2009 at 12:49 PM, Michael B Allen <ioplex at gmail.com> wrote:
> On Wed, Feb 25, 2009 at 11:48 AM, Darren Taft <daztop at rocketmail.com> wrote:
>>> > I'm using a Java 1.4 environment (WebLogic 8.1.4) that I cannot upgrade.
>>> > I've been having issues connecting to a specific server using JCIFS,
>>> > so I've been trying different JCIFS versions. See the following results:
>>> > jcifs-1.2.25.jar - works for Domain-Based DFS, but doesn't work when
>>> > connecting to the "fault" server.
>>> > jcifs-krb5-1.3.1.jar - doesn't work for Domain-Based DFS, but does work
>>> > when connecting to any server (including "fault" server).
>>> > jcifs-1.3.3.jar - doesn't work in a Java 1.4 environment (requires some
>>> > Java 1.5 classes)
>>> > Based on the above results, I'm assuming that the "fault" server is either
>>> > using NTLMv2 or Kerberos for authentication (for which jcifs-krb5-1.3.1.jar
>>> > includes support for both) - would that be a valid assumption? The other
>>> > possibility is that there's a bug fix somewhere in the 1.3.1 code that just
>>> > happens to be resolving the fault.
>>> > So based on the above assumption, how can I get both domain-based DFS and
>>> > this "fault" server working? i.e. I need a JAR that includes the
>>> > NTLMv2/Kerberos (I don't know how to tell which one it's using) and/or the
>>> > possible fix, and the Domain-Based DFS.
>>> > Anyone have any ideas?
>>> What's the "fault"?
>> I wish I knew.
>> If I provide a path of: \\SERVERNAME\ it lists all the shares that are available, but if I try and
>> access any of them it fails with this error:
>> jcifs.smb.SmbException: Transport0 timedout waiting for response to
>> jcifs.util.transport.TransportException: Transport0 timedout waiting for response to
>> at jcifs.util.transport.Transport.sendrecv(Transport.java:76)
>> Note - the SHARE NAME does contain a space (I don't know if that makes any difference).
>> It's definitely not a timeout issue though - the server responds within a reasonable time from
>> Windows, and with jcifs-krb5-1.3.1.jar it responds within a few seconds.
>>> NTLMv2 needs the RC4 cipher. That is only supported by Java 1.5 upate
>>> 7 or later or another version of Java with a different crypto package
>>> like bounty castle.
>> I'm using jrockit81sp4_142_05 - I don't know if that includes RC4 support.
> My guess is that is your problem. Does the issue occur without this
> JVM? Does it work with that JVM and another server?
> I doubt that a timeout issue has anything to do with RC4 or NTLMv2.
> It's more likely a VM or environmental issue. You'll need to get a
> thread dump, try different VMs, servers and hosts machines to identify
> the pattern.
PS: Please send all messages through the JCIFS mailing list.
Michael B Allen
Java Active Directory Integration
More information about the jcifs