[jcifs] Slow authentication in v1.3.12

jv vanek.jiri at post.cz
Mon Oct 26 05:33:11 MDT 2009 

Hi,

we are using SpringSecurity which uses jcifs for NTLM authentication. 
We've got some errors like ArrayIndexOutOfBoundsException and SmbException: 
The parameter is incorrect, so we've decided to upgrade jcifs version in 
SpringSecurity. At first we've tried version 1.2.25
(ArrayIndexOutOfBoundsException  FIX) and it was fine then we've tried 
1.3.12(SmbException: The parameter is incorrect FIX) and NTLM authorization 
is very slow now. As you can see from logs there are three 6 seconds gaps in 
v1.3.12 and only one in v1.2.25. Do you have any idea what is wrong?

v1.2.25 configuration and log:
<bean id="ntlmFilter"
    class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">
      <property name="stripDomain" value="true"/>
      <property name="retryOnAuthFailure" value="true" />
      <property name="defaultDomain" value="COMPANY" />
      <property name="domainController" value="127.0.0.1" />
      <property name="authenticationManager" ref="ntlmAuthenticationManager"/>
</bean>

13:44:19,567 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Starting NTLM handshake

13:44:19,583 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication exception occurred; redirecting to authentication entry point

13:44:19,583 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication entry point being called; SavedRequest added to Session:
SavedRequest[http://127.0.0.1/client/index.jsp]

    13:44:19,598 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Processing NTLM Type 1 Message

<-- 6 seconds gap -->

13:44:25,598 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication exception occurred; redirecting to authentication entry point

13:44:25,598 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication entry point being called; SavedRequest added to Session:
SavedRequest[http://127.0.0.1/client/index.jsp]

    13:44:25,598 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Processing NTLM Type 3 Message

13:44:25,598 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
NTLM negotiation complete

 13:44:25,598 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
vanek successfully authenticated against 0.0.0.0<00>/127.0.0.1

 13:44:25,598 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Authenticating user credentials


v1.3.12 configuration and log:
<bean id="ntlmFilter"
    class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">
      <property name="stripDomain" value="true"/>
      <property name="retryOnAuthFailure" value="true" />
      <property name="defaultDomain" value="COMPANY" />
      <property name="domainController" value="127.0.0.1" />
      <property name="authenticationManager" ref="ntlmAuthenticationManager"/>
    <property name="jcifsProperties">
    <value>
      jcifs.smb.lmCompatibility=2
      jcifs.smb.client.useExtendedSecurity=false
      jcifs.util.loglevel=N
    </value>
    </property>
</bean>

08:08:17,289 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Starting NTLM handshake

08:08:17,289 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication exception occurred; redirecting to authentication entry point

08:08:17,321 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication entry point being called; SavedRequest added to Session:
SavedRequest[http://127.0.0.1/client/index.jsp]

08:08:17,336 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Processing NTLM Type 1 Message

<-- 6 seconds gap -->

08:08:23,461 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication exception occurred; redirecting to authentication entry point

08:08:23,461 [org.springframework.security.ui.ExceptionTranslationFilter]
Authentication entry point being called; SavedRequest added to Session:
SavedRequest[http://127.0.0.1/client/index.jsp]

08:08:23,508 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Processing NTLM Type 3 Message

<-- 6 seconds gap -->

08:08:29,539 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
NTLM negotiation complete

<-- 6 seconds gap -->

08:08:35,602 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
vanek successfully authenticated against 0.0.0.0<00>/127.0.0.1

08:08:35,602 [org.springframework.security.ui.ntlm.NtlmProcessingFilter]
Authenticating user credentials

More information about the jCIFS mailing list