All Downloads are FREE. Search and download functionalities are using the official Maven repository.

jcifs.http.NtlmSsp Maven / Gradle / Ivy

There is a newer version: 2.1.10
Show newest version
/* jcifs smb client library in Java
 * Copyright (C) 2002  "Michael B. Allen" 
 *                   "Eric Glass" 
 *                   "Jason Pugsley" 
 *                   "skeetz" 
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.http;


import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.bouncycastle.util.encoders.Base64;

import jcifs.CIFSContext;
import jcifs.ntlmssp.NtlmFlags;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.smb.NtlmPasswordAuthentication;


/**
 * This class is used internally by NtlmHttpFilter,
 * NtlmServlet, and NetworkExplorer to negotiate password
 * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
 * containers to incorporate similar functionality.
 * 

* How NTLMSSP is used in conjunction with HTTP and MSIE clients is * described in an NTLM * Authentication Scheme for HTTP. *

* Also, read jCIFS NTLM HTTP Authentication and * the Network Explorer Servlet related information. */ public class NtlmSsp implements NtlmFlags { /** * Calls the static {@link #authenticate(CIFSContext, HttpServletRequest, * HttpServletResponse, byte[])} method to perform NTLM authentication * for the specified servlet request. * * @param tc * * @param req * The request being serviced. * @param resp * The response. * @param challenge * The domain controller challenge. * @return credentials passed in the servlet request * @throws IOException * If an IO error occurs. */ public NtlmPasswordAuthentication doAuthentication ( CIFSContext tc, HttpServletRequest req, HttpServletResponse resp, byte[] challenge ) throws IOException { return authenticate(tc, req, resp, challenge); } /** * Performs NTLM authentication for the servlet request. * * @param tc * context to use * * @param req * The request being serviced. * @param resp * The response. * @param challenge * The domain controller challenge. * @return credentials passed in the servlet request * @throws IOException * If an IO error occurs. */ public static NtlmPasswordAuthentication authenticate ( CIFSContext tc, HttpServletRequest req, HttpServletResponse resp, byte[] challenge ) throws IOException { String msg = req.getHeader("Authorization"); if ( msg != null && msg.startsWith("NTLM ") ) { byte[] src = Base64.decode(msg.substring(5)); if ( src[ 8 ] == 1 ) { Type1Message type1 = new Type1Message(src); Type2Message type2 = new Type2Message(tc, type1, challenge, null); msg = new String(Base64.encode(type2.toByteArray()), "US-ASCII"); resp.setHeader("WWW-Authenticate", "NTLM " + msg); } else if ( src[ 8 ] == 3 ) { Type3Message type3 = new Type3Message(src); byte[] lmResponse = type3.getLMResponse(); if ( lmResponse == null ) lmResponse = new byte[0]; byte[] ntResponse = type3.getNTResponse(); if ( ntResponse == null ) ntResponse = new byte[0]; return new NtlmPasswordAuthentication(type3.getDomain(), type3.getUser(), challenge, lmResponse, ntResponse); } } else { resp.setHeader("WWW-Authenticate", "NTLM"); } resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED); resp.setContentLength(0); resp.flushBuffer(); return null; } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy