[jcifs] Anonymous access to samba servers

David Kaelbling dkaelbling at blackducksoftware.com
Tue Nov 2 08:45:13 MDT 2010 

Hi Mike,

Changing sessionSetup to not throw the fake exception if 
auth == NtlmPasswordAuthentication.ANONYMOUS looks good 
enough to me!  After doing that I can access Samba servers when
I specify ANONYMOUS explicitly.  The behavior for Windows servers 
is unchanged; they throw "Access is denied" unless I used GUEST.

I'd be happy to test a pre-release build if you decide to make one.

    Thanks,
    David

--
David Kaelbling
Senior Software Engineer
Black Duck Software, Inc.

dkaelbling at blackducksoftware.com
T +1.781.810.2041
F +1.781.891.5145

http://www.blackducksoftware.com
________________________________________
From: Michael B Allen [ioplex at gmail.com]
Sent: Tuesday, November 02, 2010 3:29 AM
To: David Kaelbling
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] Anonymous access to samba servers

Hi David,

JCIFS is hard coded to never do anonymous because the whole concept of
failing over to anonymous is horrible. But if you explicitly use
NtlmPasswordAuthentication.ANONYMOUS, that should probably be allowed
to work. I suspect there should be an additional condition in the
sessionSetup method where the "fake" exception is thrown that checks
auth != NtlmPasswordAuthentication.ANONYMOUS. Then it will work. Try
it. If it works for you, let me know and I'll add it to the TODO list.

Mike

On Mon, Nov 1, 2010 at 3:36 PM, David Kaelbling
<dkaelbling at blackducksoftware.com> wrote:
> Hi,
>
> I'm having trouble getting anonymous access to Samba servers to work.  I
> couldn't find a solution in the archives, so here goes....
>
> I'm using jcifs 1.3.15, Samba 3.0.33-3.29.el5_5.1, and Java 1.6.0_13 on
> a Linux box.  The smb.conf is pretty minimal, and is attached.
> "smbclient -N //donald/public/ -c 'ls'" works, sending:
>    Session Setup AndX Request, User: anonymous
>
> jcifs-1.3.15/examples/List throws SmbAuthException(Logon Failure) from
> SmbTransport.checkStatus().  It sends:
>    Session Setup AndX Request, NTLMSSP_AUTH, User: ?\GUEST
>
> I tried changing List.java to pass NtlmPasswordAuthentication.ANONYMOUS
> in the SmbFile constructor, after which it sends:
>    Session Setup AndX Request, User: anonymous;
>    Tree Connect AndX, Path: \\donald\PUBLIC
>
> The server is happy with that -- it returns "Guest: Logged in as GUEST".
> But then SmbSession.sessionSetup() throws a fake login failure in line
> 332.
>
> Is the logic in sessionSetup for state 10 right?  Around like 295 it
> forces NTLMSSP if auth is not ("","",""), but at line 329 is rejects
> anonymous login if auth.username was not "GUEST".  It seems like there
> are two different definitions for ANONYMOUS in use here!
>
> Any clues would be appreciated :-)
>
>  - Thanks
>    David
>
> --
> David Kaelbling
> Senior Software Engineer
> Black Duck Software, Inc.
>
> dkaelbling at blackducksoftware.com
> T +1.781.810.2041
> F +1.781.891.5145
>
> http://www.blackducksoftware.com
>



--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/

More information about the jCIFS mailing list