--- old/src/windows/classes/sun/net/www/protocol/http/NTLMAuthentication.java Wed Oct 21 11:55:13 2009 +++ /dev/null Wed Oct 21 11:55:13 2009 @@ -1,195 +0,0 @@ -/* - * Copyright 2002-2005 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package sun.net.www.protocol.http; - -import java.io.IOException; -import java.net.InetAddress; -import java.net.PasswordAuthentication; -import java.net.UnknownHostException; -import java.net.URL; -import sun.net.www.HeaderParser; - -/** - * NTLMAuthentication: - * - * @author Michael McMahon - */ - -class NTLMAuthentication extends AuthenticationInfo { - - private static final long serialVersionUID = 100L; - - private String hostname; - private static String defaultDomain; /* Domain to use if not specified by user */ - - static { - defaultDomain = java.security.AccessController.doPrivileged( - new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", - "domain")); - }; - - private void init0() { - - hostname = java.security.AccessController.doPrivileged( - new java.security.PrivilegedAction() { - public String run() { - String localhost; - try { - localhost = InetAddress.getLocalHost().getHostName().toUpperCase(); - } catch (UnknownHostException e) { - localhost = "localhost"; - } - return localhost; - } - }); - int x = hostname.indexOf ('.'); - if (x != -1) { - hostname = hostname.substring (0, x); - } - } - - String username; - String ntdomain; - String password; - - /** - * Create a NTLMAuthentication: - * Username may be specified as domainusername in the application Authenticator. - * If this notation is not used, then the domain will be taken - * from a system property: "http.auth.ntlm.domain". - */ - public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) { - super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION, - AuthScheme.NTLM, - url, - ""); - init (pw); - } - - private void init (PasswordAuthentication pw) { - this.pw = pw; - if (pw != null) { - String s = pw.getUserName(); - int i = s.indexOf ('\\'); - if (i == -1) { - username = s; - ntdomain = defaultDomain; - } else { - ntdomain = s.substring (0, i).toUpperCase(); - username = s.substring (i+1); - } - password = new String (pw.getPassword()); - } else { - /* credentials will be acquired from OS */ - username = null; - ntdomain = null; - password = null; - } - init0(); - } - - /** - * Constructor used for proxy entries - */ - public NTLMAuthentication(boolean isProxy, String host, int port, - PasswordAuthentication pw) { - super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, - AuthScheme.NTLM, - host, - port, - ""); - init (pw); - } - - /** - * @return true if this authentication supports preemptive authorization - */ - boolean supportsPreemptiveAuthorization() { - return false; - } - - /** - * @return true if NTLM supported transparently (no password needed, SSO) - */ - static boolean supportsTransparentAuth() { - return true; - } - - /** - * @return the name of the HTTP header this authentication wants set - */ - String getHeaderName() { - if (type == SERVER_AUTHENTICATION) { - return "Authorization"; - } else { - return "Proxy-authorization"; - } - } - - /** - * Not supported. Must use the setHeaders() method - */ - String getHeaderValue(URL url, String method) { - throw new RuntimeException ("getHeaderValue not supported"); - } - - /** - * Check if the header indicates that the current auth. parameters are stale. - * If so, then replace the relevant field with the new value - * and return true. Otherwise return false. - * returning true means the request can be retried with the same userid/password - * returning false means we have to go back to the user to ask for a new - * username password. - */ - boolean isAuthorizationStale (String header) { - return false; /* should not be called for ntlm */ - } - - /** - * Set header(s) on the given connection. - * @param conn The connection to apply the header(s) to - * @param p A source of header values for this connection, not used because - * HeaderParser converts the fields to lower case, use raw instead - * @param raw The raw header field. - * @return true if all goes well, false if no headers were set. - */ - synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) { - - try { - NTLMAuthSequence seq = (NTLMAuthSequence)conn.authObj; - if (seq == null) { - seq = new NTLMAuthSequence (username, password, ntdomain); - conn.authObj = seq; - } - String response = "NTLM " + seq.getAuthHeader (raw.length()>6?raw.substring(5):null); - conn.setAuthenticationProperty(getHeaderName(), response); - return true; - } catch (IOException e) { - return false; - } - } - -} --- /dev/null Wed Oct 21 11:55:13 2009 +++ new/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Wed Oct 21 11:55:12 2009 @@ -0,0 +1,191 @@ +/* + * Copyright 2002-2005 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Sun designates this + * particular file as subject to the "Classpath" exception as provided + * by Sun in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +package sun.net.www.protocol.http.ntlm; + +import java.io.IOException; +import java.net.InetAddress; +import java.net.PasswordAuthentication; +import java.net.UnknownHostException; +import java.net.URL; +import sun.net.www.HeaderParser; +import sun.net.www.protocol.http.AuthenticationInfo; +import sun.net.www.protocol.http.AuthScheme; +import sun.net.www.protocol.http.HttpURLConnection; + +/** + * NTLMAuthentication: + * + * @author Michael McMahon + */ + +public class NTLMAuthentication extends AuthenticationInfo { + + private static final long serialVersionUID = 100L; + + private String hostname; + private static String defaultDomain; /* Domain to use if not specified by user */ + + static { + defaultDomain = java.security.AccessController.doPrivileged( + new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", + "domain")); + }; + + private void init0() { + + hostname = java.security.AccessController.doPrivileged( + new java.security.PrivilegedAction() { + public String run() { + String localhost; + try { + localhost = InetAddress.getLocalHost().getHostName().toUpperCase(); + } catch (UnknownHostException e) { + localhost = "localhost"; + } + return localhost; + } + }); + int x = hostname.indexOf ('.'); + if (x != -1) { + hostname = hostname.substring (0, x); + } + } + + String username; + String ntdomain; + String password; + + /** + * Create a NTLMAuthentication: + * Username may be specified as domainusername in the application Authenticator. + * If this notation is not used, then the domain will be taken + * from a system property: "http.auth.ntlm.domain". + */ + public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) { + super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION, + AuthScheme.NTLM, + url, + ""); + init (pw); + } + + private void init (PasswordAuthentication pw) { + this.pw = pw; + if (pw != null) { + String s = pw.getUserName(); + int i = s.indexOf ('\\'); + if (i == -1) { + username = s; + ntdomain = defaultDomain; + } else { + ntdomain = s.substring (0, i).toUpperCase(); + username = s.substring (i+1); + } + password = new String (pw.getPassword()); + } else { + /* credentials will be acquired from OS */ + username = null; + ntdomain = null; + password = null; + } + init0(); + } + + /** + * Constructor used for proxy entries + */ + public NTLMAuthentication(boolean isProxy, String host, int port, + PasswordAuthentication pw) { + super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, + AuthScheme.NTLM, + host, + port, + ""); + init (pw); + } + + /** + * @return true if this authentication supports preemptive authorization + */ + @Override + public boolean supportsPreemptiveAuthorization() { + return false; + } + + /** + * @return true if NTLM supported transparently (no password needed, SSO) + */ + public static boolean supportsTransparentAuth() { + return true; + } + + /** + * Not supported. Must use the setHeaders() method + */ + @Override + public String getHeaderValue(URL url, String method) { + throw new RuntimeException ("getHeaderValue not supported"); + } + + /** + * Check if the header indicates that the current auth. parameters are stale. + * If so, then replace the relevant field with the new value + * and return true. Otherwise return false. + * returning true means the request can be retried with the same userid/password + * returning false means we have to go back to the user to ask for a new + * username password. + */ + @Override + public boolean isAuthorizationStale (String header) { + return false; /* should not be called for ntlm */ + } + + /** + * Set header(s) on the given connection. + * @param conn The connection to apply the header(s) to + * @param p A source of header values for this connection, not used because + * HeaderParser converts the fields to lower case, use raw instead + * @param raw The raw header field. + * @return true if all goes well, false if no headers were set. + */ + @Override + public synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) { + + try { + NTLMAuthSequence seq = (NTLMAuthSequence)conn.authObj(); + if (seq == null) { + seq = new NTLMAuthSequence (username, password, ntdomain); + conn.authObj(seq); + } + String response = "NTLM " + seq.getAuthHeader (raw.length()>6?raw.substring(5):null); + conn.setAuthenticationProperty(getHeaderName(), response); + return true; + } catch (IOException e) { + return false; + } + } + +}