Some parts of this message have been removed.
Learn more about Nabble's
security policy.
Hi all, I have a question that I’m
hoping someone can shed some light on. We are using
NtlmHttpFilter for SSO with our
application at a customer. The server is Tomcat, and the client OS is
Windows XP. Not sure, ATM, what OS is the domain controller is running.
This occurs using the latest jcifs.jar,
FWIW.
We are getting the (seemingly infamous)
“jcifs.smb.client.useExtendedSecurity must be true if jcifs.smb.lmCompatibility >= 3" error message. Looking at the archives from this list suggest that the solution is to set “useExtendedSecurity” to false and “lmCompatibility” to 0. However, even with those settings in place, we still get this same error. Below is the relevant section from our web.xml
<filter>
<filter-name>NtlmHttpFilter</filter-name>
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>10.10.1.15</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.useExtendedSecurity</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.lmCompatibility</param-name>
<param-value>0</param-value>
</init-param>
</filter>
Can anybody explain why we’re still
seeing this, even with these settings in place? Can it have something to
do with the settings on the domain controller (eg, something there attempting
to force NTLMv2 usage)? Do the client settings (on the XP box) affect
this at all?
Thanks,
Phillip Rhodes
