Implementing CIFS in Java

Links:
·	The FAQ
·	Mailing List Archive (GMANE)
·	Alternate Download site
Developer Information
·	jCIFS API Documentation
·	Setting Client Properties
·	Using jCIFS NTLM Authentication for HTTP Connections
·	jCIFS NTLM HTTP Authentication and the Network Explorer Servlet
·	Setting Name Resolution Properties
·	Using jCIFS to Connect to Win32 Named Pipes
·	jCIFS Exceptions and NtlmAuthenticator
·	Batching
·	Java 2 API Documentation
·	jCIFS License
Related Java Projects
·	Jarapac - DCE/RPC in Java
·	Davenport - WebDAV to CIFS gateway
·	Starlasoft's JLAN Client and Server
CIFS Authorities
·	http://www.samba.org/
·	http://www.samba-tng.org/
Other CIFS Utilities and Tools
·	Samba for Amiga
·	Sharity-Lite
·	SMB Browse for MacOSX
·	Xamba Network Integration Project
Technical Documentation
·	"Implementing CIFS" (online book-in-progress)
·	Annotated CIFS Specification: draft-leach-cifs-v1-spec-02.html
·	SNIA CIFS Technical Reference (V1.0)
·	The NTLM Authentication Protocol
·	rfc1001 - NetBIOS Concepts and Methods
·	rfc1002 - NetBIOS Detailed Specifications
·	CIFS Explained (A whitepaper by John Kleven)
·	SMB URL draft specification
·	NetBIOS, NetBEUI, NBF, SMB, CIFS networking links page
·	Microsoft Writeup on WINS behavior
·	Microsoft Writeup on WINS under W2K
·	Microsoft Server Documentation on Browsing WANs using WINS
·	Windows IT Library: NT Network Plumbing
·	Thursby Software's CIFS pages
·	Linux Mag: Understanding the Network Neighborhood
Other
·	Join the jcifs Mailing List
·	Browse the Source
·	jCIFS Presentations
·	About Service Browsing
·	About NetBIOS Names
·	GNU Library General Public License
·	http://www.gnu.org/
·	http://www.opensource.org/
·	Microsoft's CIFS Mailing List Archives

It is a fine library indeed. - Bren C.

Btw. jCIFS is great product - we use this in production (0.7.8) - in next 2 weeks we will test 0.7.14 with about 2000 concurrent users in our intranet. - Sylwester L.

thanks alot i find want i want and am writing my program which shows the shared directories and downloads by clicking them. thank you a alot! with my best wishes............ - spawnnn

News:

This is the first beta release of the 0.8 series. There have been significant additions to this package. The most noteable is Distributed FileSystem (DFS) support. This client fully supports DFS with deep paths, multiple redirects, you name it. This functionality required pervasive changes so DFS users should proceed with caution and report any problems to the mailing list. Support for setting file attributes has been added as is the long awaited RandomAccessFile.

Here is a more specific breakdown:

• DFS - DFS support is thorough. All DFS operations are completely transparent. It Just Works. The client can be redirected an infinate number of times. It will reuse mappings established by other callers. Components of a path that do not fall within the DFS space and deep paths are handled properly. Also, note the new getDfsPath method can be used to determine if a file or directory falls within a DFS space. This support required pervasive changes so proceed with caution and run your unit tests with files that span DFS volumes. Please report any problems to the jCIFS mailing list.
• Random Access Files - The SmbRandomAccessFile class has been added. All features of the analygous java.io.RandomAccessFile class are supported and should function as a drop in replacement. Notice it is now possible to set the size of a file with the SmbRandomAccessFile.setLength() method. Also check out SmbTableFile.java in the examples directory for a nifty persistant storage class. When used with SmbFile.FILE_NO_SHARE this might serve as a reasonable poor man's database.
• File Filters - Support for SmbFilenameFilter and SmbFileFilter is complete. Because CIFS servers can accept attributes and a wildcard expression for filtering entries on the server side, a DosFileFilter is provided that will accept these parameters and pass them to the server. The DosFileFilter can also be extended to create highly sophisticated and efficient file filters. Because of this work the list() and listFiles methods have been refactored and actually reduced in size.
• Complete copyTo - The SmbFile.copyTo operation will now copy all file attributes as well as create and last write times. Directories copied using this method should be indistinquishable from the original minus ACLs. This method can now copy entire shares whereas previously only sud-directories could be specified.
• Setting Attributes and Times - It is now possible to set file attribites, the create time, and last write time in a variety of ways. The new methods are setCreateTime, setLastModified, getAttributes, setAttributes, setReadOnly, and setReadWrite.
• Complete Delete - The SmbFile.delete() method will now completely delete directories regardless of wheather or not there are read-only files in them.
• The createNewFile Method - An SmbFile.createFile method has been added.

The name service code has been modified to return a different response with each 0x1C domain controller query. The range of servers is limited to the top jcifs.netbios.lookupRespLimit entries in the NetBIOS response. The effect that this will have is that the NtlmHttpFilter and NtlmServlet will rotate through domain controllers when authenticating WWW clients. Also, because different transports are used, fewer sessions will be multiplexed over each resulting in an increase in scalability proportional to the number of domain controllers used. This behavior can be turned off by setting the jcifs.http.loadBalance property to false (the default is true).

The jcifs.smb.client.ssnLimit property default value has been changed to 250 from 100.

An from Eric that improves (corrects) LMv2 support has been merged. There is some uncertainty surrounding the signing of SMBs if guest credentials are negotiated. A minor syncronization issue has been recified. Finally there has been a straight forward but potentially dangerous change in SmbFile. All list operations now build a list of names or files using an ArrayList. This assisted in fixing another problem where NetServerEnum2 responses were observed to return server names of 0 length which caused ArrayIndexOutOfBounds exceptions. These entries are now ignored.

JCIFS now supports SMB signing. If a server requires SMB signing (Windows 2003 requires it by default) or if the server supports signing and the jcifs.smb.client.signingPreferred property is true signing will be negotiated and used. Signing does not work with NTLM HTTP authentication because the original password hashes are required to generate the MAC signing key. There have also been some adjustments to SmbFile.hashCode(). Previously jCIFS did not precisely exhibit the behavior described in the comments for hashCode() and equals().

CIFS permits multiple users to be logged in over the same transport (socket). JCIFS takes advantage of this and reuses existing transports wherever possible. It was reported that a user using the NTLM Servlet Filter was getting ERRSRV/90 which means "Too many Uids active on this session". So it looks like the limit is ~150 sessions per transport. I have added code to logoff 1/10th of the sessions if the jcifs.smb.client.ssnLimit propery is exceeded (default 100). update: this value was later reported to be low and has been increased to 250.

Support for LMv2 authentication has been added. See the Overview page in the API documentation regarding the jcifs.smb.lmCompatibility property. Some additonal "cleanup" has also been performed. One side-effect that might be noticed is that the default domain/username/password can no longer be set at runtime. Once the client is initialized the default credentials are fixed. Setting default credentials are runtime was always an unsafe operation. Create an NtlmPasswordAuthentication object instead.

There have been two small bug fixes in the SMB layer; the count field in the SMB_COM_WRITE_ANDX response was being ignored. Apparently the count specified in the request is always honored or we would have seen plenty of file corruption by now. Second, the list() and listFiles() did not properly handle Transaction buffering with certain values for the listSize and listCount properties (if multipart transaction responses are send). Also removed a few obnoxious warnings getting logged during file transfers if Log.WARNINGS is set.

Regarding NTLM HTTP Authentication; there have been additions and updates to the documentation on the NTLM flags, a fix to NtlmSsp to only provide the target when requested by the client via the NTLM "request target" flag (this is the correct behavior), and a bugfix to NtlmSsp regarding Base64.encodeBytes Eric has prepared excellent documentation detailing his analysis of the NTLM protocol:

http://davenport.sourceforge.net/ntlm.html

It was discovered that if a server responds to the NBT session setup but not to the SMB_COM_NEGOTIATE request the client will hang indefinately. This is not a likely thing to occur because servers usually respond or not at all. Regardless it has been fixed. The client will timeout after jcifs.netbios.soTimeout in this situation.

Some tweeking of the NTLM http code has been performed.

A bug in the new ntlm http client code was identified and fixed.

Old News ...