1 /*
2 * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java,v 1.6.2.2 2003/08/16 00:09:37 adrian Exp $
3 * $Revision: 1.6.2.2 $
4 * $Date: 2003/08/16 00:09:37 $
5 *
6 * ====================================================================
7 *
8 * The Apache Software License, Version 1.1
9 *
10 * Copyright (c) 2002-2003 The Apache Software Foundation. All rights
11 * reserved.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 *
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 *
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in
22 * the documentation and/or other materials provided with the
23 * distribution.
24 *
25 * 3. The end-user documentation included with the redistribution, if
26 * any, must include the following acknowlegement:
27 * "This product includes software developed by the
28 * Apache Software Foundation (http://www.apache.org/)."
29 * Alternately, this acknowlegement may appear in the software itself,
30 * if and wherever such third-party acknowlegements normally appear.
31 *
32 * 4. The names "The Jakarta Project", "Commons", and "Apache Software
33 * Foundation" must not be used to endorse or promote products derived
34 * from this software without prior written permission. For written
35 * permission, please contact apache@apache.org.
36 *
37 * 5. Products derived from this software may not be called "Apache"
38 * nor may "Apache" appear in their names without prior written
39 * permission of the Apache Group.
40 *
41 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
42 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
43 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
44 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
45 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
46 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
47 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
48 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
49 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
50 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
51 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * SUCH DAMAGE.
53 * ====================================================================
54 *
55 * This software consists of voluntary contributions made by many
56 * individuals on behalf of the Apache Software Foundation. For more
57 * information on the Apache Software Foundation, please see
58 * <http://www.apache.org/>.
59 *
60 * [Additional notices, if required by prior licensing conditions]
61 *
62 */
63
64 package org.apache.commons.httpclient.auth;
65
66 import org.apache.commons.httpclient.HttpException;
67 import org.apache.commons.httpclient.NTLM;
68 import org.apache.commons.httpclient.Credentials;
69 import org.apache.commons.httpclient.NTCredentials;
70 import org.apache.commons.logging.Log;
71 import org.apache.commons.logging.LogFactory;
72
73 /*** An implementation of the Microsoft proprietary NTLM authentication scheme. For a detailed
74 * explanation of the NTLM scheme please see <a href="http://davenport.sourceforge.net/ntlm.html">
75 * http://davenport.sourceforge.net/ntlm.html</a>.
76 *
77 * @author <a href="mailto:remm@apache.org">Remy Maucherat</a>
78 * @author Rodney Waldhoff
79 * @author <a href="mailto:jsdever@apache.org">Jeff Dever</a>
80 * @author Ortwin Gl�ck
81 * @author Sean C. Sullivan
82 * @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a>
83 * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
84 * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
85 */
86 public class NTLMScheme extends AuthSchemeBase {
87
88 /*** Log object for this class. */
89 private static final Log LOG = LogFactory.getLog(NTLMScheme.class);
90
91 /*** NTLM challenge string. */
92 private String ntlmchallenge = null;
93
94 /***
95 * Constructor for the NTLM authentication scheme.
96 *
97 * @param challenge The authentication challenge
98 *
99 * @throws MalformedChallengeException is thrown if the authentication challenge
100 * is malformed
101 */
102 public NTLMScheme(final String challenge) throws MalformedChallengeException {
103 super(challenge);
104 String s = AuthChallengeParser.extractScheme(challenge);
105 if (!s.equalsIgnoreCase(getSchemeName())) {
106 throw new MalformedChallengeException("Invalid NTLM challenge: " + challenge);
107 }
108 int i = challenge.indexOf(' ');
109 if (i != -1) {
110 s = challenge.substring(i, challenge.length());
111 this.ntlmchallenge = s.trim();
112 } else {
113 this.ntlmchallenge = "";
114 }
115 }
116
117 /***
118 * Returns textual designation of the NTLM authentication scheme.
119 *
120 * @return <code>ntlm</code>
121 */
122 public String getSchemeName() {
123 return "ntlm";
124 }
125
126 /***
127 * The concept of an authentication realm is not supported by the NTLM
128 * authentication scheme. Always returns <code>null</code>.
129 *
130 * @return <code>null</code>
131 */
132 public String getRealm() {
133 return null;
134 }
135
136 /***
137 * Returns a String identifying the authentication challenge. This is
138 * used, in combination with the host and port to determine if
139 * authorization has already been attempted or not. Schemes which
140 * require multiple requests to complete the authentication should
141 * return a different value for each stage in the request.
142 *
143 * <p>Additionally, the ID should take into account any changes to the
144 * authentication challenge and return a different value when appropriate.
145 * For example when the realm changes in basic authentication it should be
146 * considered a different authentication attempt and a different value should
147 * be returned.</p>
148 *
149 * @return String a String identifying the authentication challenge. The
150 * returned value may be null.
151 */
152 public String getID() {
153 return ntlmchallenge;
154 }
155
156
157 /***
158 * Returns the authentication parameter with the given name, if available.
159 *
160 * <p>There are no valid parameters for NTLM authentication so this method always returns
161 * <tt>null</tt>.</p>
162 *
163 * @param name The name of the parameter to be returned
164 *
165 * @return the parameter with the given name
166 */
167 public String getParameter(String name) {
168 if (name == null) {
169 throw new IllegalArgumentException("Parameter name may not be null");
170 }
171 return null;
172 }
173
174 /***
175 * Create a NTLM authorization string for the given
176 * challenge and NT credentials.
177 *
178 * @param challenge The challenge.
179 * @param credentials {@link NTCredentials}
180 *
181 * @return a ntlm authorization string
182 * @throws AuthenticationException is thrown if authentication fails
183 */
184 public static String authenticate(
185 final NTCredentials credentials, final String challenge)
186 throws AuthenticationException {
187
188 LOG.trace("enter NTLMScheme.authenticate(NTCredentials, String)");
189
190 if (credentials == null) {
191 throw new IllegalArgumentException("Credentials may not be null");
192 }
193
194 NTLM ntlm = new NTLM();
195 String s = null;
196 try {
197 s = ntlm.getResponseFor(challenge,
198 credentials.getUserName(), credentials.getPassword(),
199 credentials.getHost(), credentials.getDomain());
200 } catch (HttpException e) {
201 throw new AuthenticationException(e.getMessage());
202 }
203 return "NTLM " + s;
204 }
205
206 /***
207 * Produces NTLM authorization string for the given set of
208 * {@link Credentials}.
209 *
210 * @param credentials The set of credentials to be used for athentication
211 * @param method Method name is ignored by the NTLM authentication scheme
212 * @param uri URI is ignored by the NTLM authentication scheme
213 * @throws AuthenticationException if authorization string cannot
214 * be generated due to an authentication failure
215 *
216 * @return an NTLM authorization string
217 */
218 public String authenticate(Credentials credentials, String method, String uri)
219 throws AuthenticationException {
220 LOG.trace("enter NTLMScheme.authenticate(Credentials, String, String)");
221
222 NTCredentials ntcredentials = null;
223 try {
224 ntcredentials = (NTCredentials) credentials;
225 } catch (ClassCastException e) {
226 throw new AuthenticationException(
227 "Credentials cannot be used for NTLM authentication: "
228 + credentials.getClass().getName());
229 }
230 return NTLMScheme.authenticate(ntcredentials, this.ntlmchallenge);
231 }
232 }
This page was automatically generated by Maven