NtlmSsp


1   /* jcifs smb client library in Java
2    * Copyright (C) 2002  "Michael B. Allen" <jcifs at samba dot org>
3    *                   "Eric Glass" <jcifs at samba dot org>
4    *                   "Jason Pugsley" <jcifs at samba dot org>
5    *                   "skeetz" <jcifs at samba dot org>
6    *
7    * This library is free software; you can redistribute it and/or
8    * modify it under the terms of the GNU Lesser General Public
9    * License as published by the Free Software Foundation; either
10   * version 2.1 of the License, or (at your option) any later version.
11   *
12   * This library is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this library; if not, write to the Free Software
19   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
20   */
21  
22  package jcifs.http;
23  
24  import java.io.IOException  ;
25  
26  import javax.servlet.ServletException  ;
27  
28  import javax.servlet.http.HttpServletRequest  ;
29  import javax.servlet.http.HttpServletResponse  ;
30  
31  import jcifs.smb.NtlmPasswordAuthentication;
32  
33  import jcifs.util.Base64;
34  
35  import jcifs.ntlmssp.NtlmFlags;
36  import jcifs.ntlmssp.Type1Message;
37  import jcifs.ntlmssp.Type2Message;
38  import jcifs.ntlmssp.Type3Message;
39  
40  /**
41   * This class is used internally by <tt>NtlmHttpFilter</tt>,
42   * <tt>NtlmServlet</tt>, and <tt>NetworkExplorer</tt> to negiotiate password
43   * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
44   * containers to incorporate similar functionality.
45   * <p>
46   * How NTLMSSP is used in conjunction with HTTP and MSIE clients is
47   * described in an <A HREF="http://www.innovation.ch/java/ntlm.html">NTLM
48   * Authentication Scheme for HTTP</A>.  <p> Also, read <a
49   * HREF="../../../ntlmhttpauth.html">jCIFS NTLM HTTP Authentication and
50   * the Network Explorer Servlet</a> related information.
51   */
52  
53  public class NtlmSsp implements NtlmFlags {
54  
55      /**
56       * Calls the static {@link #authenticate(HttpServletRequest,
57       * HttpServletResponse, byte[])} method to perform NTLM authentication
58       * for the specified servlet request.
59       *
60       * @param req The request being serviced.
61       * @param resp The response.
62       * @param challenge The domain controller challenge.
63       * @throws IOException If an IO error occurs.
64       * @throws ServletException If an error occurs.
65       */
66      public NtlmPasswordAuthentication doAuthentication(
67              HttpServletRequest   req, HttpServletResponse   resp, byte[] challenge)
68                      throws IOException  , ServletException   {
69          return authenticate(req, resp, challenge);
70      }
71  
72      /**
73       * Performs NTLM authentication for the servlet request.
74       *
75       * @param req The request being serviced.
76       * @param resp The response.
77       * @param challenge The domain controller challenge.
78       * @throws IOException If an IO error occurs.
79       * @throws ServletException If an error occurs.
80       */
81      public static NtlmPasswordAuthentication authenticate(
82              HttpServletRequest   req, HttpServletResponse   resp, byte[] challenge)
83                      throws IOException  , ServletException   {
84          String   msg = req.getHeader("Authorization");
85          if (msg != null && msg.startsWith("NTLM ")) {
86              byte[] src = Base64.decode(msg.substring(5));
87              if (src[8] == 1) {
88                  Type1Message type1 = new Type1Message(src);
89                  Type2Message type2 = new Type2Message(type1, challenge, null);
90                  msg = Base64.encode(type2.toByteArray());
91                  resp.setHeader( "WWW-Authenticate", "NTLM " + msg );
92              } else if (src[8] == 3) {
93                  Type3Message type3 = new Type3Message(src);
94                  byte[] lmResponse = type3.getLMResponse();
95                  if (lmResponse == null) lmResponse = new byte[0];
96                  byte[] ntResponse = type3.getNTResponse();
97                  if (ntResponse == null) ntResponse = new byte[0];
98                  return new NtlmPasswordAuthentication(type3.getDomain(),
99                          type3.getUser(), challenge, lmResponse, ntResponse);
100             }
101         } else {
102             resp.setHeader("WWW-Authenticate", "NTLM");
103         }
104         resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
105         resp.flushBuffer();
106         return null;
107     }
108 
109 }
110 
111
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags