org.apache.commons.httpclient.auth
Class NTLM

java.lang.Object
  |
  +--org.apache.commons.httpclient.auth.NTLM

final class NTLM
extends Object

Provides an implementation of the NTLM authentication protocol.

This class provides methods for generating authentication challenge responses for the NTLM authentication protocol. The NTLM protocol is a proprietary Microsoft protocol and as such no RFC exists for it. This class is based upon the reverse engineering efforts of a wide range of people.

Please note that an implementation of JCE must be correctly installed and configured when using NTLM support.

This class should not be used externally to HttpClient as it's API is specifically designed to work with HttpClient's use case, in particular it's connection management.

Since:
3.0
Version:
$Revision: 1.11 $ $Date: 2004/05/13 04:02:00 $
Author:
Adrian Sutton, Jeff Dever, Mike Bowler

Field Summary
static String DEFAULT_CHARSET
          Character encoding
 
Constructor Summary
(package private) NTLM()
           
 
Method Summary
 String getCredentialCharset()
           
 String getResponseFor(String message, String username, String password, String host, String domain)
          Returns the response for the given message.
 String getType1Message(String host, String domain)
          Creates the first message (type 1 message) in the NTLM authentication sequence.
 String getType3Message(String user, String password, String host, String domain, byte[] nonce)
          Creates the type 3 message using the given server nonce.
 byte[] parseType2Message(String message)
          Extracts the server nonce out of the given message type 2.
 void setCredentialCharset(String credentialCharset)
           
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_CHARSET

public static final String DEFAULT_CHARSET
Character encoding
Constructor Detail

NTLM

NTLM()
Method Detail

getResponseFor

public final String getResponseFor(String message,
                                   String username,
                                   String password,
                                   String host,
                                   String domain)
                            throws AuthenticationException
Returns the response for the given message.
Parameters:
message - the message that was received from the server.
username - the username to authenticate with.
password - the password to authenticate with.
host - The host.
domain - the NT domain to authenticate in.
Returns:
The response.
Throws:
HttpException - If the messages cannot be retrieved.

getType1Message

public String getType1Message(String host,
                              String domain)
Creates the first message (type 1 message) in the NTLM authentication sequence. This message includes the user name, domain and host for the authentication session.
Parameters:
host - the computer name of the host requesting authentication.
domain - The domain to authenticate with.
Returns:
String the message to add to the HTTP request header.

parseType2Message

public byte[] parseType2Message(String message)
Extracts the server nonce out of the given message type 2.
Parameters:
message - the String containing the base64 encoded message.
Returns:
an array of 8 bytes that the server sent to be used when hashing the password.

getType3Message

public String getType3Message(String user,
                              String password,
                              String host,
                              String domain,
                              byte[] nonce)
                       throws AuthenticationException
Creates the type 3 message using the given server nonce. The type 3 message includes all the information for authentication, host, domain, username and the result of encrypting the nonce sent by the server using the user's password as the key.
Parameters:
user - The user name. This should not include the domain name.
password - The password.
host - The host that is originating the authentication request.
domain - The domain to authenticate within.
nonce - the 8 byte array the server sent.
Returns:
The type 3 message.
Throws:
AuthenticationException - If {@encrypt(byte[],byte[])} fails.

getCredentialCharset

public String getCredentialCharset()
Returns:
Returns the credentialCharset.

setCredentialCharset

public void setCredentialCharset(String credentialCharset)
Parameters:
credentialCharset - The credentialCharset to set.


Copyright © 2001-2004 Apache Software Foundation. All Rights Reserved.