| /* |
| * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package sun.net.www.protocol.http.ntlm; |
| |
| import java.io.IOException; |
| import java.net.InetAddress; |
| import java.net.PasswordAuthentication; |
| import java.net.UnknownHostException; |
| import java.net.URL; |
| import sun.net.www.HeaderParser; |
| import sun.net.www.protocol.http.AuthenticationInfo; |
| import sun.net.www.protocol.http.AuthScheme; |
| import sun.net.www.protocol.http.HttpURLConnection; |
| |
| /** |
| * NTLMAuthentication: |
| * |
| * @author Michael McMahon |
| */ |
| |
| public class NTLMAuthentication extends AuthenticationInfo { |
| |
| private static final long serialVersionUID = 100L; |
| |
| private static final NTLMAuthenticationCallback NTLMAuthCallback = |
| NTLMAuthenticationCallback.getNTLMAuthenticationCallback(); |
| |
| private String hostname; |
| private static String defaultDomain; /* Domain to use if not specified by user */ |
| |
| static { |
| defaultDomain = java.security.AccessController.doPrivileged( |
| new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", |
| "domain")); |
| }; |
| |
| private void init0() { |
| |
| hostname = java.security.AccessController.doPrivileged( |
| new java.security.PrivilegedAction<String>() { |
| public String run() { |
| String localhost; |
| try { |
| localhost = InetAddress.getLocalHost().getHostName().toUpperCase(); |
| } catch (UnknownHostException e) { |
| localhost = "localhost"; |
| } |
| return localhost; |
| } |
| }); |
| int x = hostname.indexOf ('.'); |
| if (x != -1) { |
| hostname = hostname.substring (0, x); |
| } |
| } |
| |
| String username; |
| String ntdomain; |
| String password; |
| |
| /** |
| * Create a NTLMAuthentication: |
| * Username may be specified as domain<BACKSLASH>username in the application Authenticator. |
| * If this notation is not used, then the domain will be taken |
| * from a system property: "http.auth.ntlm.domain". |
| */ |
| public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) { |
| super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION, |
| AuthScheme.NTLM, |
| url, |
| ""); |
| init (pw); |
| } |
| |
| private void init (PasswordAuthentication pw) { |
| this.pw = pw; |
| if (pw != null) { |
| String s = pw.getUserName(); |
| int i = s.indexOf ('\\'); |
| if (i == -1) { |
| username = s; |
| ntdomain = defaultDomain; |
| } else { |
| ntdomain = s.substring (0, i).toUpperCase(); |
| username = s.substring (i+1); |
| } |
| password = new String (pw.getPassword()); |
| } else { |
| /* credentials will be acquired from OS */ |
| username = null; |
| ntdomain = null; |
| password = null; |
| } |
| init0(); |
| } |
| |
| /** |
| * Constructor used for proxy entries |
| */ |
| public NTLMAuthentication(boolean isProxy, String host, int port, |
| PasswordAuthentication pw) { |
| super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, |
| AuthScheme.NTLM, |
| host, |
| port, |
| ""); |
| init (pw); |
| } |
| |
| /** |
| * @return true if this authentication supports preemptive authorization |
| */ |
| @Override |
| public boolean supportsPreemptiveAuthorization() { |
| return false; |
| } |
| |
| /** |
| * @return true if NTLM supported transparently (no password needed, SSO) |
| */ |
| public static boolean supportsTransparentAuth() { |
| return true; |
| } |
| |
| /** |
| * Returns true if the given site is trusted, i.e. we can try |
| * transparent Authentication. |
| */ |
| public static boolean isTrustedSite(URL url) { |
| return NTLMAuthCallback.isTrustedSite(url); |
| } |
| |
| /** |
| * Not supported. Must use the setHeaders() method |
| */ |
| @Override |
| public String getHeaderValue(URL url, String method) { |
| throw new RuntimeException ("getHeaderValue not supported"); |
| } |
| |
| /** |
| * Check if the header indicates that the current auth. parameters are stale. |
| * If so, then replace the relevant field with the new value |
| * and return true. Otherwise return false. |
| * returning true means the request can be retried with the same userid/password |
| * returning false means we have to go back to the user to ask for a new |
| * username password. |
| */ |
| @Override |
| public boolean isAuthorizationStale (String header) { |
| return false; /* should not be called for ntlm */ |
| } |
| |
| /** |
| * Set header(s) on the given connection. |
| * @param conn The connection to apply the header(s) to |
| * @param p A source of header values for this connection, not used because |
| * HeaderParser converts the fields to lower case, use raw instead |
| * @param raw The raw header field. |
| * @return true if all goes well, false if no headers were set. |
| */ |
| @Override |
| public synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) { |
| |
| try { |
| NTLMAuthSequence seq = (NTLMAuthSequence)conn.authObj(); |
| if (seq == null) { |
| seq = new NTLMAuthSequence (username, password, ntdomain); |
| conn.authObj(seq); |
| } |
| String response = "NTLM " + seq.getAuthHeader (raw.length()>6?raw.substring(5):null); |
| conn.setAuthenticationProperty(getHeaderName(), response); |
| if (seq.isComplete()) { |
| conn.authObj(null); |
| } |
| return true; |
| } catch (IOException e) { |
| conn.authObj(null); |
| return false; |
| } |
| } |
| |
| } |