[jcifs] Refers to : Different client properties on the same JVM

Michael B Allen ioplex at gmail.com
Fri Oct 21 17:41:25 MDT 2011 

On Fri, Oct 21, 2011 at 5:47 PM, André Warnier <aw at ice-sa.com> wrote:
> Hi.
>
> The separate thread mentioned in the subject line touches a topic which has
> been puzzling me for a while.  It is not related to jCIFS, but there must be
> some common element, and the expertise on this list may make it the right
> place to ask :
>
> On a Windows workstation, when using the Explorer to connect to remote
> network shares, if one first connects to, say, \\somehost\someshare and
> provides a set of credentials (userid, password), then subsequently tries to
> connect to another share on the same host, say \\somehost\someothershare
> which requires other credentials, it always fails, apparently because
> "something" prevents one workstation to connect twice to the same host using
> two different sets of credentials.
>
> The discussion in the other thread seems to indicate that with jCIFS, this
> would be possible however.
>
> So where is the problem when trying to do the same from a Windows
> workstation ?
> Anyone here knows the explanation ?

André,

The behavior you describe does not surprise me. CIFS does an
SMB_COM_SESSION_SETUP_ANDX command first to authenticate and then does
an SMB_COM_TREE_CONNECT_ANDX to mount a share and *reuses* the
existing "session". Once upon a time I think JCIFS actually did the
same thing. Now it explicitly checks to see if the credentials being
used match an existing session before trying to reuse it. If the creds
are new, the client creates a new session and thus it works.

However your particular failure scenario is actually not all that
common. Development of CIFS in the Windows OS is driven almost
entirely by enterprise users and in that environment 98% of people
only have one set of credentials. Also, it sounds like you might be
talking about share security which is a feature that I didn't think
Windows even supported anymore. I think perhaps what you really mean
is that the share ACL has different permissions.

Mike

-- 
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/

More information about the jCIFS mailing list