package com.knowgate.jcifs.http;

import java.io.IOException;

import java.net.UnknownHostException;

import java.util.Enumeration;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.UnavailableException;

import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.knowgate.jcifs.Config;
import com.knowgate.jcifs.UniAddress;

import com.knowgate.jcifs.smb.NtlmPasswordAuthentication;
import com.knowgate.jcifs.smb.SmbAuthException;
import com.knowgate.jcifs.smb.SmbSession;

import com.knowgate.misc.Base64Decoder;

import com.knowgate.jcifs.netbios.NbtAddress;

/**
 * Base servlet that authenticates each request against a domain controller
 * (NTLM, optionally HTTP Basic) before handing it to
 * {@link HttpServlet#service(HttpServletRequest, HttpServletResponse)}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The NTLM challenge is fetched from the domain controller and the
 *       client's answer is validated by logging on to that controller, so the
 *       servlet sits between browser and controller for the handshake.</li>
 *   <li>Basic is only accepted and advertised when
 *       {@code jcifs.http.enableBasic} is true and the request is secure, or
 *       {@code jcifs.http.insecureBasic} is true. With the latter, credentials
 *       are accepted over plain HTTP.</li>
 *   <li>After a successful logon the credentials object is stored in the HTTP
 *       session under {@code "NtlmHttpAuth"}; later requests that carry no
 *       accepted Authorization header are let through on the strength of that
 *       session attribute alone.</li>
 * </ul>
 */
public abstract class NtlmServlet extends HttpServlet {

    /** Domain used when Basic credentials carry no domain prefix. */
    private String defaultDomain;

    /** Name resolved to the domain controller on every authenticating request. */
    private String domainController;

    /** When true the controller is looked up through NetBIOS name type 0x1C. */
    private boolean loadBalance;

    /** Master switch for HTTP Basic. */
    private boolean enableBasic;

    /** When true Basic is offered even if the request is not secure. */
    private boolean insecureBasic;

    /** Realm string sent in the Basic challenge. */
    private String realm;

    /**
     * Copies every {@code jcifs.*} init parameter into {@link Config} and caches
     * the settings this servlet reads.
     *
     * @param config servlet configuration supplied by the container
     * @throws ServletException if the superclass initialisation fails
     */
    public void init(ServletConfig config) throws ServletException {
        super.init(config);

        // The two defaults are written first; the loop below then writes any
        // init parameter of the same name after them.
        Config.setProperty("jcifs.smb.client.soTimeout", "300000");
        Config.setProperty("jcifs.netbios.cachePolicy", "600");

        // NOTE(review): Config.setProperty is a static call, so these values are
        // presumably shared by everything using Config in this JVM - confirm.
        for (Enumeration names = config.getInitParameterNames(); names.hasMoreElements();) {
            String key = (String) names.nextElement();
            if (key.startsWith("jcifs.")) {
                Config.setProperty(key, config.getInitParameter(key));
            }
        }

        defaultDomain = Config.getProperty("jcifs.smb.client.domain");
        domainController = Config.getProperty("jcifs.http.domainController");
        if (domainController == null) {
            // No explicit controller: use the domain name, and only in this
            // case consult the loadBalance setting (default true).
            domainController = defaultDomain;
            loadBalance = Config.getBoolean("jcifs.http.loadBalance", true);
        }

        // Same result as Boolean.valueOf(String): true only for a non-null,
        // case-insensitive "true".
        enableBasic = "true".equalsIgnoreCase(Config.getProperty("jcifs.http.enableBasic"));
        insecureBasic = "true".equalsIgnoreCase(Config.getProperty("jcifs.http.insecureBasic"));

        String configuredRealm = Config.getProperty("jcifs.http.basicRealm");
        realm = (configuredRealm != null) ? configuredRealm : "jCIFS";
    }

    /**
     * Authenticates the request, then delegates to the superclass dispatcher.
     *
     * <p>A request with an accepted Authorization header is always validated
     * against the domain controller. A request without one is accepted only if
     * its existing session already holds {@code "NtlmHttpAuth"}; otherwise a 401
     * challenge is sent.
     *
     * @param request  incoming request
     * @param response response, used for the 401 challenge when needed
     * @throws ServletException propagated from the superclass dispatcher
     * @throws IOException      on name lookup, SMB or response I/O failure
     */
    protected void service(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // isSecure() is only consulted when Basic is enabled and not forced on.
        final boolean offerBasic = enableBasic && (insecureBasic || request.isSecure());
        final String header = request.getHeader("Authorization");
        final boolean isNtlm = header != null && header.startsWith("NTLM ");
        final boolean isBasic =
            header != null && !isNtlm && offerBasic && header.startsWith("Basic ");

        if (!isNtlm && !isBasic) {
            // No usable credentials on this request: fall back to the session.
            // The stored attribute is trusted as-is; nothing is re-checked
            // against the domain controller here.
            HttpSession existing = request.getSession(false);
            if (existing == null || existing.getAttribute("NtlmHttpAuth") == null) {
                sendChallenge(response, offerBasic);
                return;
            }
            super.service(request, response);
            return;
        }

        UniAddress dc = loadBalance
            ? new UniAddress(NbtAddress.getByName(domainController, 0x1C, null))
            : UniAddress.getByName(domainController, true);

        NtlmPasswordAuthentication ntlm;
        if (isNtlm) {
            byte[] challenge = SmbSession.getChallenge(dc);
            ntlm = NtlmSsp.authenticate(request, response, challenge);
            if (ntlm == null) {
                // No credentials yet; presumably NtlmSsp has already written
                // the next handshake step to the response - confirm.
                return;
            }
        } else {
            ntlm = basicCredentials(header);
        }

        try {
            SmbSession.logon(dc, ntlm);
        } catch (SmbAuthException sae) {
            // Rejected by the controller: challenge again. The failure is not
            // logged here, so repeated failures leave no trace in this class.
            sendChallenge(response, offerBasic);
            return;
        }

        // NOTE(review): getSession() reuses a session that existed before the
        // logon, so the session id is not rotated on authentication - confirm
        // whether the container or a filter handles session fixation.
        // NOTE(review): for Basic, ntlm was built from the plaintext password;
        // check what NtlmPasswordAuthentication retains, since it stays in the
        // session (and may be serialised with it).
        HttpSession ssn = request.getSession();
        ssn.setAttribute("NtlmHttpAuth", ntlm);
        ssn.setAttribute("ntlmdomain", ntlm.getDomain());
        ssn.setAttribute("ntlmuser", ntlm.getUsername());

        super.service(request, response);
    }

    /**
     * Builds credentials from a {@code "Basic <base64>"} Authorization header.
     *
     * <p>The decoded text is split at the first ':' into account and password;
     * the account is split at the first backslash, or failing that the first
     * forward slash, into domain and user. A missing ':' gives an empty
     * password and a missing separator gives {@link #defaultDomain}.
     *
     * @param header header value starting with {@code "Basic "}
     * @return credentials to present to the domain controller
     * @throws IOException if the US-ASCII charset is unavailable
     */
    private NtlmPasswordAuthentication basicCredentials(String header) throws IOException {
        // Decoded as US-ASCII, so non-ASCII characters do not survive.
        String decoded =
            new String(Base64Decoder.decodeToBytes(header.substring(6)), "US-ASCII");

        String account;
        String password;
        int colon = decoded.indexOf(':');
        if (colon == -1) {
            account = decoded;
            // NOTE(review): an empty password (or user) is passed to the logon
            // unchanged - confirm the controller does not treat it as a
            // guest or anonymous logon.
            password = "";
        } else {
            account = decoded.substring(0, colon);
            password = decoded.substring(colon + 1);
        }

        int sep = account.indexOf('\\');
        if (sep == -1) {
            sep = account.indexOf('/');
        }

        String domain;
        String user;
        if (sep == -1) {
            domain = defaultDomain;
            user = account;
        } else {
            domain = account.substring(0, sep);
            user = account.substring(sep + 1);
        }
        return new NtlmPasswordAuthentication(domain, user, password);
    }

    /**
     * Sends the 401 response that asks the client to authenticate.
     *
     * @param response   response to write the challenge to
     * @param offerBasic whether to advertise Basic next to NTLM
     * @throws IOException if flushing the response fails
     */
    private void sendChallenge(HttpServletResponse response, boolean offerBasic)
            throws IOException {
        response.setHeader("WWW-Authenticate", "NTLM");
        if (offerBasic) {
            response.addHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
        }
        response.setHeader("Connection", "close");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.flushBuffer();
    }
}