I am developing an application which needs to access a network share using SMB. I was told that if security detects an authentication attempt using NTLM v. 1, then the respective firewall rules will be revoked.
Therefore I need to make sure that SMBJ (which I may use for this) supports NTLM v. 2 and uses it by default.
Does SMBJ support NTLM v. 2? Does it use it by default?
My own attempts at finding out
In the source code of SMBJ I found following fragment:
byte[] serverChallenge = challenge.getServerChallenge();
byte[] responseKeyNT = ntlmFunctions.NTOWFv2(String.valueOf(context.getPassword()), context.getUsername(), context.getDomain());
byte[] ntlmv2ClientChallenge = ntlmFunctions.(challenge.getTargetInfo());
byte[] ntlmv2Response = ntlmFunctions.getNTLMv2Response(responseKeyNT, serverChallenge, ntlmv2ClientChallenge);
The names getNTLMv2ClientChallenge
and getNTLMv2Response
suggest that NTLM v. 2 may be used.
Also, JCIFS homepage claims that SMBJ is a successor project:
Fortunately there are multiple new open source SMB Java projects to try including the following:
jcifs-codelibs jcifs-ng smbj
According to its FAQ, JCIFS has been using NTLM v. 2 since version 1.3.0.
If
- JCIFS supports NTLM v. 2 and uses it by default,
- SMBJ is based on JCIFS,
then SMBJ should support NTLM v. 2 and use it by default.
Yes, SMBJ uses either NTLMv2 or SPNEGO for authentication. You can configure which one you want to use. It doesn't use NTLMv1.