View Javadoc
1 /* 2 * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java,v 1.4 2003/04/22 17:00:25 olegk Exp $ 3 * $Revision: 1.4 $ 4 * $Date: 2003/04/22 17:00:25 $ 5 * 6 * ==================================================================== 7 * 8 * The Apache Software License, Version 1.1 9 * 10 * Copyright (c) 2002-2003 The Apache Software Foundation. All rights 11 * reserved. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in 22 * the documentation and/or other materials provided with the 23 * distribution. 24 * 25 * 3. The end-user documentation included with the redistribution, if 26 * any, must include the following acknowlegement: 27 * "This product includes software developed by the 28 * Apache Software Foundation (http://www.apache.org/)." 29 * Alternately, this acknowlegement may appear in the software itself, 30 * if and wherever such third-party acknowlegements normally appear. 31 * 32 * 4. The names "The Jakarta Project", "Commons", and "Apache Software 33 * Foundation" must not be used to endorse or promote products derived 34 * from this software without prior written permission. For written 35 * permission, please contact apache@apache.org. 36 * 37 * 5. Products derived from this software may not be called "Apache" 38 * nor may "Apache" appear in their names without prior written 39 * permission of the Apache Group. 40 * 41 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 42 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 43 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 44 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 45 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 46 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 47 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 48 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 49 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 50 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 51 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 52 * SUCH DAMAGE. 53 * ==================================================================== 54 * 55 * This software consists of voluntary contributions made by many 56 * individuals on behalf of the Apache Software Foundation. For more 57 * information on the Apache Software Foundation, please see 58 * <http://www.apache.org/>;. 59 * 60 * [Additional notices, if required by prior licensing conditions] 61 * 62 */ 63 64 package org.apache.commons.httpclient.auth; 65 66 import org.apache.commons.httpclient.HttpException; 67 import org.apache.commons.httpclient.NTLM; 68 import org.apache.commons.httpclient.Credentials; 69 import org.apache.commons.httpclient.NTCredentials; 70 import org.apache.commons.logging.Log; 71 import org.apache.commons.logging.LogFactory; 72 73 /*** 74 * <p> 75 * Microsoft proprietary NTLM authentication scheme. 76 * </p> 77 * 78 * @author <a href="mailto:remm@apache.org">Remy Maucherat</a> 79 * @author Rodney Waldhoff 80 * @author <a href="mailto:jsdever@apache.org">Jeff Dever</a> 81 * @author Ortwin Gl�ck 82 * @author Sean C. Sullivan 83 * @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a> 84 * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a> 85 * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a> 86 */ 87 public class NTLMScheme extends AuthSchemeBase { 88 89 /*** Log object for this class. */ 90 private static final Log LOG = LogFactory.getLog(NTLMScheme.class); 91 92 /*** NTLM challenge string. */ 93 private String ntlmchallenge = null; 94 95 /*** 96 * Constructor for the NTLM authentication scheme. 97 * 98 * @param challenge The authentication challenge 99 * 100 * @throws MalformedChallengeException is thrown if the authentication challenge 101 * is malformed 102 */ 103 public NTLMScheme(final String challenge) throws MalformedChallengeException { 104 super(challenge); 105 String s = AuthChallengeParser.extractScheme(challenge); 106 if (!s.equalsIgnoreCase(getSchemeName())) { 107 throw new MalformedChallengeException("Invalid NTLM challenge: " + challenge); 108 } 109 int i = challenge.indexOf(' '); 110 if (i != -1) { 111 s = challenge.substring(i, challenge.length()); 112 this.ntlmchallenge = s.trim(); 113 } else { 114 this.ntlmchallenge = ""; 115 } 116 } 117 118 /*** 119 * Returns textual designation of the NTLM authentication scheme. 120 * 121 * @return <code>ntlm</code> 122 */ 123 public String getSchemeName() { 124 return "ntlm"; 125 } 126 127 /*** 128 * The concept of an authentication realm is not supported by the NTLM 129 * authentication scheme. Always returns <code>null</code>. 130 * 131 * @return <code>null</code> 132 */ 133 public String getRealm() { 134 return null; 135 } 136 137 /*** 138 * Returns a String identifying the authentication challenge. This is 139 * used, in combination with the host and port to determine if 140 * authorization has already been attempted or not. Schemes which 141 * require multiple requests to complete the authentication should 142 * return a different value for each stage in the request. 143 * 144 * <p>Additionally, the ID should take into account any changes to the 145 * authentication challenge and return a different value when appropriate. 146 * For example when the realm changes in basic authentication it should be 147 * considered a different authentication attempt and a different value should 148 * be returned.</p> 149 * 150 * @return String a String identifying the authentication challenge. The 151 * returned value may be null. 152 */ 153 public String getID() { 154 return ntlmchallenge; 155 } 156 157 158 /*** 159 * Returns authentication parameter with the given name, if available. 160 * 161 * @param name The name of the parameter to be returned 162 * 163 * @return the parameter with the given name 164 */ 165 public String getParameter(String name) { 166 if (name == null) { 167 throw new IllegalArgumentException("Parameter name may not be null"); 168 } 169 return null; 170 } 171 172 /*** 173 * Create a NTLM authorization string for the given 174 * challenge and NT credentials. 175 * 176 * @param challenge The challenge. 177 * @param credentials {@link NTCredentials} 178 * 179 * @return a ntlm authorization string 180 * @throws AuthenticationException is thrown if authentication fails 181 */ 182 public static String authenticate( 183 final NTCredentials credentials, final String challenge) 184 throws AuthenticationException { 185 186 LOG.trace("enter NTLMScheme.authenticate(NTCredentials, String)"); 187 188 if (credentials == null) { 189 throw new IllegalArgumentException("Credentials may not be null"); 190 } 191 192 NTLM ntlm = new NTLM(); 193 String s = null; 194 try { 195 s = ntlm.getResponseFor(challenge, 196 credentials.getUserName(), credentials.getPassword(), 197 credentials.getHost(), credentials.getDomain()); 198 } catch (HttpException e) { 199 throw new AuthenticationException(e.getMessage()); 200 } 201 return "NTLM " + s; 202 } 203 204 /*** 205 * Produces NTLM authorization string for the given set of 206 * {@link Credentials}. 207 * 208 * @param credentials The set of credentials to be used for athentication 209 * @param method Method name is ignored by the NTLM authentication scheme 210 * @param uri URI is ignored by the NTLM authentication scheme 211 * @throws AuthenticationException if authorization string cannot 212 * be generated due to an authentication failure 213 * 214 * @return an NTLM authorization string 215 */ 216 public String authenticate(Credentials credentials, String method, String uri) 217 throws AuthenticationException { 218 LOG.trace("enter NTLMScheme.authenticate(Credentials, String, String)"); 219 220 NTCredentials ntcredentials = null; 221 try { 222 ntcredentials = (NTCredentials) credentials; 223 } catch (ClassCastException e) { 224 throw new AuthenticationException( 225 "Credentials cannot be used for basic authentication: " 226 + credentials.toString()); 227 } 228 return NTLMScheme.authenticate(ntcredentials, this.ntlmchallenge); 229 } 230 }

This page was automatically generated by Maven