View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.auth;
28  
29  import org.apache.http.Header;
30  import org.apache.http.HttpRequest;
31  import org.apache.http.annotation.NotThreadSafe;
32  import org.apache.http.auth.AUTH;
33  import org.apache.http.auth.AuthenticationException;
34  import org.apache.http.auth.Credentials;
35  import org.apache.http.auth.InvalidCredentialsException;
36  import org.apache.http.auth.MalformedChallengeException;
37  import org.apache.http.auth.NTCredentials;
38  import org.apache.http.message.BufferedHeader;
39  import org.apache.http.util.Args;
40  import org.apache.http.util.CharArrayBuffer;
41  
42  /**
43   * NTLM is a proprietary authentication scheme developed by Microsoft
44   * and optimized for Windows platforms.
45   *
46   * @since 4.0
47   */
48  @NotThreadSafe
49  public class NTLMScheme extends AuthSchemeBase {
50  
51      enum State {
52          UNINITIATED,
53          CHALLENGE_RECEIVED,
54          MSG_TYPE1_GENERATED,
55          MSG_TYPE2_RECEVIED,
56          MSG_TYPE3_GENERATED,
57          FAILED,
58      }
59  
60      private final NTLMEngine engine;
61  
62      private State state;
63      private String challenge;
64  
65      public NTLMScheme(final NTLMEngine engine) {
66          super();
67          Args.notNull(engine, "NTLM engine");
68          this.engine = engine;
69          this.state = State.UNINITIATED;
70          this.challenge = null;
71      }
72  
73      /**
74       * @since 4.3
75       */
76      public NTLMScheme() {
77          this(new NTLMEngineImpl());
78      }
79  
80      public String getSchemeName() {
81          return "ntlm";
82      }
83  
84      public String getParameter(final String name) {
85          // String parameters not supported
86          return null;
87      }
88  
89      public String getRealm() {
90          // NTLM does not support the concept of an authentication realm
91          return null;
92      }
93  
94      public boolean isConnectionBased() {
95          return true;
96      }
97  
98      @Override
99      protected void parseChallenge(
100             final CharArrayBuffer buffer,
101             final int beginIndex, final int endIndex) throws MalformedChallengeException {
102         final String challenge = buffer.substringTrimmed(beginIndex, endIndex);
103         if (challenge.length() == 0) {
104             if (this.state == State.UNINITIATED) {
105                 this.state = State.CHALLENGE_RECEIVED;
106             } else {
107                 this.state = State.FAILED;
108             }
109             this.challenge = null;
110         } else {
111             this.state = State.MSG_TYPE2_RECEVIED;
112             this.challenge = challenge;
113         }
114     }
115 
116     public Header authenticate(
117             final Credentials credentials,
118             final HttpRequest request) throws AuthenticationException {
119         NTCredentials ntcredentials = null;
120         try {
121             ntcredentials = (NTCredentials) credentials;
122         } catch (final ClassCastException e) {
123             throw new InvalidCredentialsException(
124              "Credentials cannot be used for NTLM authentication: "
125               + credentials.getClass().getName());
126         }
127         String response = null;
128         if (this.state == State.CHALLENGE_RECEIVED || this.state == State.FAILED) {
129             response = this.engine.generateType1Msg(
130                     ntcredentials.getDomain(),
131                     ntcredentials.getWorkstation());
132             this.state = State.MSG_TYPE1_GENERATED;
133         } else if (this.state == State.MSG_TYPE2_RECEVIED) {
134             response = this.engine.generateType3Msg(
135                     ntcredentials.getUserName(),
136                     ntcredentials.getPassword(),
137                     ntcredentials.getDomain(),
138                     ntcredentials.getWorkstation(),
139                     this.challenge);
140             this.state = State.MSG_TYPE3_GENERATED;
141         } else {
142             throw new AuthenticationException("Unexpected state: " + this.state);
143         }
144         final CharArrayBuffer buffer = new CharArrayBuffer(32);
145         if (isProxy()) {
146             buffer.append(AUTH.PROXY_AUTH_RESP);
147         } else {
148             buffer.append(AUTH.WWW_AUTH_RESP);
149         }
150         buffer.append(": NTLM ");
151         buffer.append(response);
152         return new BufferedHeader(buffer);
153     }
154 
155     public boolean isComplete() {
156         return this.state == State.MSG_TYPE3_GENERATED || this.state == State.FAILED;
157     }
158 
159 }