[jcifs] NtlmHttpFilter issue: jcifs.smb.client.useExtendedSecurity seemingly not recognized
Phillip Rhodes
Phillip.Rhodes at redwood.com
Thu Oct 29 11:25:27 MDT 2009
Hi all, I have a question that I'm hoping someone can shed some light
on. We are using
NtlmHttpFilter for SSO with our application at a customer. The server
is Tomcat, and the client OS is Windows XP. Not sure, ATM, what OS is
the domain controller is running.
This occurs using the latest jcifs.jar, FWIW.
We are getting the (seemingly infamous)
"jcifs.smb.client.useExtendedSecurity must be true if
jcifs.smb.lmCompatibility >= 3" error message. Looking at the archives
from this list suggest that the solution is to set "useExtendedSecurity"
to false and "lmCompatibility" to 0. However, even with those settings
in place, we still get this same error. Below is the relevant section
from our web.xml
<filter>
<filter-name>NtlmHttpFilter</filter-name>
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>10.10.1.15</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.useExtendedSecurity</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.lmCompatibility</param-name>
<param-value>0</param-value>
</init-param>
</filter>
Can anybody explain why we're still seeing this, even with these
settings in place? Can it have something to do with the settings on the
domain controller (eg, something there attempting to force NTLMv2
usage)? Do the client settings (on the XP box) affect this at all?
Thanks,
Phillip Rhodes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/jcifs/attachments/20091029/46a5227d/attachment.html>
More information about the jCIFS
mailing list