[jcifs] Jcifs Error after upgrading from 1.2.17 to 1.3.14 (Access Denied)

Russel Morgan russel.morgan at disney.com
Mon Jun 27 16:44:37 MDT 2011 

Jcifs Team:

We have recently upgraded the jcifs library on one of our systems and are
experiencing an issue with users getting "Access Denied" when trying to NTLM
authenticate.

Behavior:
If a user is logged into our application client, and we restart the service with
the new 1.3.14 jcifs jar being used, once the service comes back up, previously
logged in users are not able to be re-authenticated with the service for
anywhere from 3-10 minutes.

New users, or users that have exited their application and attempt to
re-authenticate with the service are authenticated correctly and without wait or
retry.

Eventually the service is able to authenticate the previously logged in users,
but this is fairly painful from an end user perspective.

If we take the same service and roll it back to jcifs 1.2.17.jar this does not
happen. On the 1.2x jar individuals that are newly authenticated , along with
individuals that were already logged in before the service restart, are all
authenticated without error.

Dump of *.out showing a request/error

treeConnect: unc=\\NENA\IPC$,service=?????
sessionSetup: accountName=sidimem,primaryDomain=nena
NtlmContext[auth=nena\sidimem,ntlmsspFlags=0x60088014,
workstation=JCIFS64_65_B3,
isEstablished=false,state=1,serverChallenge=null,signingKey=null]
Type1Message[suppliedDomain=nena,
suppliedWorkstation=JCIFS64_65_B3,flags=0x60088215]
00000: 4E 54 4C 4D 53 53 50 00 01 00 00 00 15 B2 08 60  |NTLMSSP......¦.`|
00010: 04 00 04 00 20 00 00 00 0D 00 0D 00 24 00 00 00  |.... .......$...|
00020: 4E 45 4E 41 4A 43 49 46 53 36 34 5F 36 35 5F 42  |NENAJCIFS64_65_B|
00030: 33                                               |3               |

update: 0 0:16
00000: 84 FD B6 F8 58 E6 4F 72 58 B1 BD EB BE 9D 91 A2  |.²¦°XµOrX¦+d+..ó|

update: 1 4:146
00000: FF 53 4D 42 73 00 00 00 00 18 07 C8 00 00 C0 00  | SMBs......+..+.|
00010: 00 00 00 00 00 00 00 00 00 00 34 EC 00 00 64 00  |..........48..d.|
00020: 0C FF 00 DE DE 04 41 0A 00 01 00 00 00 00 00 31  |. .¦¦.A........1|
00030: 00 00 00 00 00 54 10 00 80 57 00 4E 54 4C 4D 53  |.....T...W.NTLMS|
00040: 53 50 00 01 00 00 00 15 B2 08 60 04 00 04 00 20  |SP......¦.`.... |
00050: 00 00 00 0D 00 0D 00 24 00 00 00 4E 45 4E 41 4A  |.......$...NENAJ|
00060: 43 49 46 53 36 34 5F 36 35 5F 42 33 57 00 69 00  |CIFS64_65_B3W.i.|
00070: 6E 00 64 00 6F 00 77 00 73 00 20 00 32 00 30 00  |n.d.o.w.s. .2.0.|
00080: 30 00 30 00 00 00 6A 00 43 00 49 00 46 00 53 00  |0.0...j.C.I.F.S.|
00090: 00 00                                            |..              |

digest:
00000: 8D 5D 75 EA D6 F1 FD 58 0F 88 B5 1A 1E 3E C7 31  |.]uO+±²X..¦..>¦1|

SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,
errorCode=0,flags=0x0018,flags2=0xC807,signSeq=192,tid=0,pid=60468,uid=0,
mid=100,wordCount=12,byteCount=87,andxCommand=0xFF,andxOffset=0,
snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,lmHash.length=0,
ntHash.length=0
,capabilities=-2147479468,accountName=null,primaryDomain=null,
NATIVE_OS=Windows
2000,NATIVE_LANMAN=jCIFS]
00000: FF 53 4D 42 73 00 00 00 00 18 07 C8 00 00 8D 5D  | SMBs......+...]|
00010: 75 EA D6 F1 FD 58 00 00 00 00 34 EC 00 00 64 00  |uO+±²X....48..d.|
00020: 0C FF 00 DE DE 04 41 0A 00 01 00 00 00 00 00 31  |. .¦¦.A........1|
00030: 00 00 00 00 00 54 10 00 80 57 00 4E 54 4C 4D 53  |.....T...W.NTLMS|
00040: 53 50 00 01 00 00 00 15 B2 08 60 04 00 04 00 20  |SP......¦.`.... |
00050: 00 00 00 0D 00 0D 00 24 00 00 00 4E 45 4E 41 4A  |.......$...NENAJ|
00060: 43 49 46 53 36 34 5F 36 35 5F 42 33 57 00 69 00  |CIFS64_65_B3W.i.|
00070: 6E 00 64 00 6F 00 77 00 73 00 20 00 32 00 30 00  |n.d.o.w.s. .2.0.|
00080: 30 00 30 00 00 00 6A 00 43 00 49 00 46 00 53 00  |0.0...j.C.I.F.S.|
00090: 00 00                                            |..              |

New data read: Transport4[NENA/139.104.192.10:0]
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C8 00 00 10 7B  | SMBs"..+..+...{|
00010: 36 CF 13 8C C1 32 00 00 00 00 34 EC 00 00 64 00  |6-..-2....48..d.|

SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,
received=false,errorCode=Access is
denied.,flags=0x0098,flags2=0xC807,signSeq=193,tid=0,pid=60468,
uid=0,mid=100,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,
isLoggedInAsGuest=false,nativeOs=,nativeLanMan=,primaryDomain=]
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C8 00 00 10 7B  | SMBs"..+..+...{|
00010: 36 CF 13 8C C1 32 00 00 00 00 34 EC 00 00 64 00  |6-..-2....48..d.|
00020: 00 00 00 

arguments used for jcifs currently:
-Djcifs.util.loglevel= 1
-Djcifs.resolveOrder= DNS

This seems like something is being cached, since new requests to authenticate
succeed immediately, is there a setting that we can change to help mitigate this
issue?

Any help would be appreciated.
Russel Morgan
Walt Disney Company

More information about the jCIFS mailing list