search

hierynomus / smbj

Server Message Block (SMB2, SMB3) implementation in Java
Other
705 stars 179 forks source link

Can't create files if the share autorisations are not in full control #814

Closed pacounet closed 6 months ago

pacounet commented 6 months ago

Hello,

I have a problem i am currently writing code in order to write a file on a shared encrypted folder, the issue is i got this message:

[info] com.hierynomus.mssmb2.SMBApiException: STATUS_ACCESS_DENIED (0xc0000022): Create failed for \192.168.4.5\Serveur-BEE\TEST_BILANS\TEST\DC00331.csv

i resolved it by giving the user full control on the shared autorisations of the folder, but i need the code to work even if the rights are not on full-control (but modify at least obviously) since i don't know what the customer rights will be.

code is below:

public FichierSrvEncrypted(String url, String login, String pwd, String domain) throws IOException { this.login = login; this.pwd = pwd; this.domain = domain;

    // Load BouncyCastle security provider
    Security.addProvider(new BouncyCastleProvider());

    SmbConfig config = SmbConfig.builder()
            .withEncryptData(true)
            .withDialects(SMB2Dialect.SMB_3_1_1)
            .withTimeout(120, TimeUnit.SECONDS)
            .withSoTimeout(180, TimeUnit.SECONDS) 
            .build();
    this.servername = getServerName(url);
    this.sharename = getShareName(url);
    this.filename = getPathAfterShare(url);
    SMBClient client = new SMBClient(config);
    try (Connection connection = client.connect(servername)) {
        AuthenticationContext authenticationContext = new AuthenticationContext(this.login, this.pwd.toCharArray(), this.domain);
        Session session = connection.authenticate(authenticationContext);
        try (DiskShare share = (DiskShare) session.connectShare(sharename)) {
            Set<FileAttributes> fileAttributes = new HashSet<>();
            fileAttributes.add(FileAttributes.FILE_ATTRIBUTE_ENCRYPTED);
            Set<SMB2CreateOptions> createOptions = new HashSet<>();
            createOptions.add(SMB2CreateOptions.FILE_SEQUENTIAL_ONLY);

            this.fichier = share.openFile(this.filename, new HashSet(Arrays.asList(new AccessMask[]{AccessMask.GENERIC_ALL})), fileAttributes, SMB2ShareAccess.ALL, SMB2CreateDisposition.FILE_OPEN_IF, createOptions);

        }

    }

}

Is there someting i am doing wrong?

thanks

hierynomus commented 6 months ago

Have you tried using a more restricted AccessMask than GENERIC_ALL?

pacounet commented 6 months ago

OK, i have tried and it worked now.

Thanks a lot