org.alfresco.filesys.auth.cifs

Class PassthruCifsAuthenticator

java.lang.Object

org.alfresco.jlan.server.auth.CifsAuthenticator

org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase

org.alfresco.filesys.auth.cifs.PassthruCifsAuthenticator

All Implemented Interfaces:

org.alfresco.jlan.server.auth.ICifsAuthenticator, org.alfresco.jlan.server.SessionListener, ActivateableBean, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean

public class PassthruCifsAuthenticator
extends CifsAuthenticatorBase
implements org.alfresco.jlan.server.SessionListener

Passthru Authenticator Class

Authenticate users accessing the CIFS server by validating the user against a domain controller or other server on the network.

Author:

GKSpencer

Field Summary

Fields

Modifier and Type	Field and Description
static int	DefaultSessionTmo
static int	MaxCheckInterval
static int	MaxSessionTmo
static int	MinCheckInterval
static int	MinSessionTmo
static long	PassthruKeepAliveInterval

Fields inherited from class org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase

m_md4Encoder

Fields inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator

GUEST_USERNAME, m_config, m_random

Fields inherited from interface org.alfresco.jlan.server.auth.ICifsAuthenticator

AUTH_ACCDISABLED, AUTH_ALLOW, AUTH_BADPASSWORD, AUTH_BADUSER, AUTH_DISALLOW, AUTH_GUEST, AUTH_PASSEXPIRED, LANMAN, NoAccess, NTLM1, NTLM2, ReadOnly, SHARE_MODE, STANDARD_CHALLENGE_LEN, STANDARD_PASSWORD_LEN, USER_MODE, Writeable

Constructor Summary

Constructors

Constructor and Description
PassthruCifsAuthenticator() Passthru Authenticator Constructor

Method Summary

Modifier and Type	Method and Description
int	authenticateShareConnect(org.alfresco.jlan.server.auth.ClientInfo client, org.alfresco.jlan.server.core.SharedDevice share, String sharePwd, org.alfresco.jlan.server.SrvSession sess) Authenticate the connection to a particular share, called when the SMB server is in share security mode
int	authenticateUser(org.alfresco.jlan.server.auth.ClientInfo client, org.alfresco.jlan.server.SrvSession sess, int alg) Authenticate a session setup by a user
void	closeAuthenticator() Close the authenticator, perform cleanup
void	generateNegotiateResponse(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket respPkt, boolean extendedSecurity) Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.
org.alfresco.jlan.server.auth.AuthContext	getAuthContext(org.alfresco.jlan.smb.server.SMBSrvSession sess) Return an authentication context for the new session
int	getServerCapabilities() Return the server capability flags
Hashtable<String,org.alfresco.jlan.server.auth.passthru.PassthruDetails>	getSessions()
void	initialize(org.alfresco.jlan.server.config.ServerConfiguration config, org.springframework.extensions.config.ConfigElement params) Initialize the authenticator via the config service
void	processAlfrescoSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt) Process the CIFS session setup request packet and build the session setup response
void	processSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt) Process the CIFS session setup request packet and build the session setup response.
void	sessionClosed(org.alfresco.jlan.server.SrvSession sess) SMB server session closed notification
void	sessionCreated(org.alfresco.jlan.server.SrvSession sess) SMB server session created notification
void	sessionLoggedOn(org.alfresco.jlan.server.SrvSession sess) User successfully logged on notification
void	setPassthruServers(org.alfresco.jlan.server.auth.passthru.PassthruServers servers)
protected boolean	validateAuthenticationMode() Validate that the authentication component supports the required mode.

Methods inherited from class org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase

afterPropertiesSet, checkForAdminUserName, destroy, doGuestLogon, doInTransaction, getAuthenticationComponent, getAuthenticationService, getAuthorityService, getHomeFolderForUser, getNodeService, getNTLMAuthenticator, getPersonService, initialize, isActive, mapUserNameToPerson, setActive, setAuthenticationComponent, setAuthenticationService, setAuthorityService, setCurrentUser, setDiskInterface, setNodeService, setPersonService, setTransactionService

Methods inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator

allowGuest, authenticateUserPlainText, convertPassword, generateEncryptedPassword, getAccessMode, getCIFSConfig, getEnabledDialects, getEncryptionKeyLength, getEncryptor, getGuestUserName, getsecurityConfig, getSecurityMode, getStatusAsString, getUserDetails, hasDebug, hasExtendedSecurity, hasSessionCleanup, mapClientAddressToDomain, mapUnknownUserToGuest, setAccessMode, setAllowGuest, setConfig, setDebug, setExtendedSecurity, setGuestUserName, setMapToGuest, setSecurityMode, setSessionCleanup, toString, validatePassword

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DefaultSessionTmo

public static final int DefaultSessionTmo

See Also:

Constant Field Values

MinSessionTmo

public static final int MinSessionTmo

See Also:

Constant Field Values

MaxSessionTmo

public static final int MaxSessionTmo

See Also:

Constant Field Values

MinCheckInterval

public static final int MinCheckInterval

See Also:

Constant Field Values

MaxCheckInterval

public static final int MaxCheckInterval

See Also:

Constant Field Values

PassthruKeepAliveInterval

public static final long PassthruKeepAliveInterval

See Also:

Constant Field Values

Constructor Detail

PassthruCifsAuthenticator

public PassthruCifsAuthenticator()

Passthru Authenticator Constructor

Default to user mode security with encrypted password support.

Method Detail

getSessions

public Hashtable<String,org.alfresco.jlan.server.auth.passthru.PassthruDetails> getSessions()

setPassthruServers

public void setPassthruServers(org.alfresco.jlan.server.auth.passthru.PassthruServers servers)

authenticateShareConnect

public int authenticateShareConnect(org.alfresco.jlan.server.auth.ClientInfo client,
                                    org.alfresco.jlan.server.core.SharedDevice share,
                                    String sharePwd,
                                    org.alfresco.jlan.server.SrvSession sess)

Authenticate the connection to a particular share, called when the SMB server is in share security mode

Specified by:

authenticateShareConnect in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

authenticateShareConnect in class org.alfresco.jlan.server.auth.CifsAuthenticator

Parameters:

client - ClientInfo

share - SharedDevice

sharePwd - String

sess - SrvSession

Returns:

int

authenticateUser

public int authenticateUser(org.alfresco.jlan.server.auth.ClientInfo client,
                            org.alfresco.jlan.server.SrvSession sess,
                            int alg)

Authenticate a session setup by a user

Specified by:

authenticateUser in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

authenticateUser in class org.alfresco.jlan.server.auth.CifsAuthenticator

Parameters:

client - ClientInfo

sess - SrvSession

alg - int

Returns:

int

getAuthContext

public org.alfresco.jlan.server.auth.AuthContext getAuthContext(org.alfresco.jlan.smb.server.SMBSrvSession sess)

Return an authentication context for the new session

Overrides:

getAuthContext in class org.alfresco.jlan.server.auth.CifsAuthenticator

Returns:

AuthContext

generateNegotiateResponse

public void generateNegotiateResponse(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                      org.alfresco.jlan.smb.server.SMBSrvPacket respPkt,
                                      boolean extendedSecurity)
                               throws org.alfresco.jlan.server.auth.AuthenticatorException

Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.

Specified by:

generateNegotiateResponse in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

generateNegotiateResponse in class org.alfresco.jlan.server.auth.CifsAuthenticator

Parameters:

sess - SMBSrvSession

respPkt - SMBSrvPacket

extendedSecurity - boolean

Throws:

org.alfresco.jlan.server.auth.AuthenticatorException

processSessionSetup

public void processSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
                         throws org.alfresco.jlan.smb.server.SMBSrvException

Process the CIFS session setup request packet and build the session setup response.

This is the boundary between alfresco and JLAN. So is responsible for logging and ensuring that the exceptions are correct for JLAN.

Specified by:

processSessionSetup in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

processSessionSetup in class org.alfresco.jlan.server.auth.CifsAuthenticator

Parameters:

sess - SMBSrvSession

reqPkt - SMBSrvPacket

Throws:

org.alfresco.jlan.smb.server.SMBSrvException

processAlfrescoSessionSetup

public void processAlfrescoSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                        org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
                                 throws org.alfresco.jlan.smb.server.SMBSrvException

Process the CIFS session setup request packet and build the session setup response

Parameters:

sess - SMBSrvSession

reqPkt - SMBSrvPacket

Throws:

org.alfresco.jlan.smb.server.SMBSrvException

validateAuthenticationMode

protected boolean validateAuthenticationMode()

Description copied from class: CifsAuthenticatorBase

Validate that the authentication component supports the required mode.

Overrides:

validateAuthenticationMode in class CifsAuthenticatorBase

Returns:

boolean

initialize

public void initialize(org.alfresco.jlan.server.config.ServerConfiguration config,
                       org.springframework.extensions.config.ConfigElement params)
                throws org.alfresco.jlan.server.config.InvalidConfigurationException

Initialize the authenticator via the config service

Overrides:

initialize in class CifsAuthenticatorBase

Parameters:

config - ServerConfiguration

params - ConfigElement

Throws:

org.alfresco.jlan.server.config.InvalidConfigurationException

getServerCapabilities

public int getServerCapabilities()

Return the server capability flags

Specified by:

getServerCapabilities in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

getServerCapabilities in class org.alfresco.jlan.server.auth.CifsAuthenticator

Returns:

int

closeAuthenticator

public void closeAuthenticator()

Close the authenticator, perform cleanup

Specified by:

closeAuthenticator in interface org.alfresco.jlan.server.auth.ICifsAuthenticator

Overrides:

closeAuthenticator in class org.alfresco.jlan.server.auth.CifsAuthenticator

sessionClosed

public void sessionClosed(org.alfresco.jlan.server.SrvSession sess)

SMB server session closed notification

Specified by:

sessionClosed in interface org.alfresco.jlan.server.SessionListener

Parameters:

sess - SrvSession

sessionCreated

public void sessionCreated(org.alfresco.jlan.server.SrvSession sess)

SMB server session created notification

Specified by:

sessionCreated in interface org.alfresco.jlan.server.SessionListener

Parameters:

sess - SrvSession

sessionLoggedOn

public void sessionLoggedOn(org.alfresco.jlan.server.SrvSession sess)

User successfully logged on notification

Specified by:

sessionLoggedOn in interface org.alfresco.jlan.server.SessionListener

Parameters:

sess - SrvSession