
src/java.base/unix/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java

rev 14210 : 8154231: Simplify access to System properties from JDK code
Reviewed-by: rriggs


  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.net.www.protocol.http.ntlm;
  27 
  28 import com.sun.security.ntlm.Client;
  29 import com.sun.security.ntlm.NTLMException;
  30 import java.io.IOException;
  31 import java.net.InetAddress;
  32 import java.net.PasswordAuthentication;
  33 import java.net.UnknownHostException;
  34 import java.net.URL;
  35 import java.security.GeneralSecurityException;
  36 import java.util.Base64;
  37 
  38 import sun.net.www.HeaderParser;
  39 import sun.net.www.protocol.http.AuthenticationInfo;
  40 import sun.net.www.protocol.http.AuthScheme;
  41 import sun.net.www.protocol.http.HttpURLConnection;

  42 
  43 /**
  44  * NTLMAuthentication:
  45  *
  46  * @author Michael McMahon
  47  */
  48 
  49 /*
  50  * NTLM authentication is nominally based on the framework defined in RFC2617,
  51  * but differs from the standard (Basic & Digest) schemes as follows:
  52  *
  53  * 1. A complete authentication requires three request/response transactions
  54  *    as shown below:
  55  *            REQ ------------------------------->
  56  *            <---- 401 (signalling NTLM) --------
  57  *
  58  *            REQ (with type1 NTLM msg) --------->
  59  *            <---- 401 (with type 2 NTLM msg) ---
  60  *
  61  *            REQ (with type3 NTLM msg) --------->
  62  *            <---- OK ---------------------------
  63  *
  64  * 2. The scope of the authentication is the TCP connection (which must be kept-alive)
  65  *    after the type2 response is received. This means that NTLM does not work end-to-end
  66  *    through a proxy, rather between client and proxy, or between client and server (with no proxy)
  67  */
  68 
  69 public class NTLMAuthentication extends AuthenticationInfo {
  70     private static final long serialVersionUID = 170L;
  71 
  72     private static final NTLMAuthenticationCallback NTLMAuthCallback =
  73         NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
  74 
  75     private String hostname;
  76     private static String defaultDomain; /* Domain to use if not specified by user */
  77 
  78     static {
  79         defaultDomain = java.security.AccessController.doPrivileged(
  80             new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", ""));
  81     };
  82 
  83     public static boolean supportsTransparentAuth () {
  84         return false;
  85     }
  86 
  87     /**
  88      * Returns true if the given site is trusted, i.e. we can try
  89      * transparent Authentication.
  90      */
  91     public static boolean isTrustedSite(URL url) {
  92         return NTLMAuthCallback.isTrustedSite(url);
  93     }
  94 
  95     private void init0() {
  96 
  97         hostname = java.security.AccessController.doPrivileged(
  98             new java.security.PrivilegedAction<>() {
  99             public String run() {
 100                 String localhost;
 101                 try {


 126         init (pw);
 127     }
 128 
 129     private void init (PasswordAuthentication pw) {
 130         String username;
 131         String ntdomain;
 132         char[] password;
 133         this.pw = pw;
 134         String s = pw.getUserName();
 135         int i = s.indexOf ('\\');
 136         if (i == -1) {
 137             username = s;
 138             ntdomain = defaultDomain;
 139         } else {
 140             ntdomain = s.substring (0, i).toUpperCase();
 141             username = s.substring (i+1);
 142         }
 143         password = pw.getPassword();
 144         init0();
 145         try {
 146             String version = java.security.AccessController.doPrivileged(
 147                     new sun.security.action.GetPropertyAction("ntlm.version"));
 148             client = new Client(version, hostname, username, ntdomain, password);
 149         } catch (NTLMException ne) {
 150             try {
 151                 client = new Client(null, hostname, username, ntdomain, password);
 152             } catch (NTLMException ne2) {
 153                 // Will never happen
 154                 throw new AssertionError("Really?");
 155             }
 156         }
 157     }
 158 
 159    /**
 160     * Constructor used for proxy entries
 161     */
 162     public NTLMAuthentication(boolean isProxy, String host, int port,
 163                                 PasswordAuthentication pw) {
 164         super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
 165                 AuthScheme.NTLM,
 166                 host,
 167                 port,




  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.net.www.protocol.http.ntlm;
  27 
  28 import com.sun.security.ntlm.Client;
  29 import com.sun.security.ntlm.NTLMException;
  30 import java.io.IOException;
  31 import java.net.InetAddress;
  32 import java.net.PasswordAuthentication;
  33 import java.net.UnknownHostException;
  34 import java.net.URL;
  35 import java.security.GeneralSecurityException;
  36 import java.util.Base64;
  37 
  38 import sun.net.www.HeaderParser;
  39 import sun.net.www.protocol.http.AuthenticationInfo;
  40 import sun.net.www.protocol.http.AuthScheme;
  41 import sun.net.www.protocol.http.HttpURLConnection;
  42 import sun.security.action.GetPropertyAction;
  43 
  44 /**
  45  * NTLMAuthentication:
  46  *
  47  * @author Michael McMahon
  48  */
  49 
  50 /*
  51  * NTLM authentication is nominally based on the framework defined in RFC2617,
  52  * but differs from the standard (Basic & Digest) schemes as follows:
  53  *
  54  * 1. A complete authentication requires three request/response transactions
  55  *    as shown below:
  56  *            REQ ------------------------------->
  57  *            <---- 401 (signalling NTLM) --------
  58  *
  59  *            REQ (with type1 NTLM msg) --------->
  60  *            <---- 401 (with type 2 NTLM msg) ---
  61  *
  62  *            REQ (with type3 NTLM msg) --------->
  63  *            <---- OK ---------------------------
  64  *
  65  * 2. The scope of the authentication is the TCP connection (which must be kept-alive)
  66  *    after the type2 response is received. This means that NTLM does not work end-to-end
  67  *    through a proxy, rather between client and proxy, or between client and server (with no proxy)
  68  */
  69 
  70 public class NTLMAuthentication extends AuthenticationInfo {
  71     private static final long serialVersionUID = 170L;
  72 
  73     private static final NTLMAuthenticationCallback NTLMAuthCallback =
  74         NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
  75 
  76     private String hostname;
  77     /* Domain to use if not specified by user */
  78     private static String defaultDomain =
  79             GetPropertyAction.getProperty("http.auth.ntlm.domain", "");



  80 
  81     public static boolean supportsTransparentAuth () {
  82         return false;
  83     }
  84 
  85     /**
  86      * Returns true if the given site is trusted, i.e. we can try
  87      * transparent Authentication.
  88      */
  89     public static boolean isTrustedSite(URL url) {
  90         return NTLMAuthCallback.isTrustedSite(url);
  91     }
  92 
  93     private void init0() {
  94 
  95         hostname = java.security.AccessController.doPrivileged(
  96             new java.security.PrivilegedAction<>() {
  97             public String run() {
  98                 String localhost;
  99                 try {


 124         init (pw);
 125     }
 126 
 127     private void init (PasswordAuthentication pw) {
 128         String username;
 129         String ntdomain;
 130         char[] password;
 131         this.pw = pw;
 132         String s = pw.getUserName();
 133         int i = s.indexOf ('\\');
 134         if (i == -1) {
 135             username = s;
 136             ntdomain = defaultDomain;
 137         } else {
 138             ntdomain = s.substring (0, i).toUpperCase();
 139             username = s.substring (i+1);
 140         }
 141         password = pw.getPassword();
 142         init0();
 143         try {
 144             String version = GetPropertyAction.getProperty("ntlm.version");

 145             client = new Client(version, hostname, username, ntdomain, password);
 146         } catch (NTLMException ne) {
 147             try {
 148                 client = new Client(null, hostname, username, ntdomain, password);
 149             } catch (NTLMException ne2) {
 150                 // Will never happen
 151                 throw new AssertionError("Really?");
 152             }
 153         }
 154     }
 155 
 156    /**
 157     * Constructor used for proxy entries
 158     */
 159     public NTLMAuthentication(boolean isProxy, String host, int port,
 160                                 PasswordAuthentication pw) {
 161         super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
 162                 AuthScheme.NTLM,
 163                 host,
 164                 port,
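Review bot: In `init`, a rejected `ntlm.version` value is still swallowed without trace. The `catch (NTLMException ne)` that follows the new `GetPropertyAction.getProperty("ntlm.version")` read retries with `new Client(null, ...)` and drops `ne`, so a mistyped property is presumably replaced by whatever version `Client` selects for null. For an operator who set the property to pin a particular NTLM variant, that is an unannounced change in authentication behaviour. A comment at the retry such as `// ntlm.version rejected by Client; falling back to its default version`, plus a diagnostic if a logger is available in this class, would make the fallback visible. The inner handler should also keep its cause, `throw new AssertionError("Client rejected default NTLM version", ne2);`, rather than the bare `"Really?"`.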

