public abstract class BaseNTLMAuthenticationFilter extends BaseSSOAuthenticationFilter
Modifier and Type | Field and Description |
---|---|
protected static String |
AUTH_NTLM |
protected static String |
AUTHORIZATION |
static String |
NTLM_AUTH_DETAILS |
static String |
NTLM_AUTH_SESSION |
protected static String |
WWW_AUTHENTICATE |
loginPageLink, MIME_HTML_TEXT
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationListener, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService
AUTHENTICATION_USER
Constructor and Description |
---|
BaseNTLMAuthenticationFilter() |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticateRequest(ServletContext context,
HttpServletRequest sreq,
HttpServletResponse sresp)
Authenticate user based on information in http request such as Authorization header or cached session
information.
|
protected boolean |
checkNTLMv1(String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
boolean checkLMHash)
Perform an NTLMv1 hashed password check
|
protected boolean |
checkNTLMv2(String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 check
|
protected boolean |
checkNTLMv2SessionKey(String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 session key check
|
protected void |
disableNTLMv2()
Disable NTLMv2 support, must be called from the implementation constructor
|
protected String |
getMD4Hash(String userName)
Get the stored MD4 hashed password for the user, or null if the user does not exist
|
protected void |
init()
Initializes the filter.
|
protected void |
processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg,
HttpServletRequest req,
HttpServletResponse res)
Process a type 1 NTLM message
|
protected boolean |
processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
ServletContext context,
HttpServletRequest req,
HttpServletResponse res)
Process a type 3 NTLM message
|
void |
restartLoginChallenge(ServletContext context,
HttpServletRequest req,
HttpServletResponse res)
Restart the NTLM logon process
|
void |
setMapUnknownUserToGuest(boolean mapUnknownUserToGuest) |
protected boolean |
validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails,
boolean authenticated,
String md4hash)
Validate the MD4 hash against local password
|
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, doFilter, getLoginPage, getLoginPageLink, getSecurityConfigSection, getServerName, hasLoginPage, includeFallbackAuth, isActive, isFallbackEnabled, isNTLMSSPBlob, mapClientAddressToDomain, onLoginComplete, onValidate, onValidateFailed, performFallbackAuthentication, redirectToLoginPage, setActive, setFallback, setFallbackEnabled, setLoginPage, setLoginPageLink, setServerConfiguration, setTicketLogons, writeLoginPageLink
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationListener, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName
public static final String NTLM_AUTH_SESSION
public static final String NTLM_AUTH_DETAILS
protected static final String WWW_AUTHENTICATE
protected static final String AUTHORIZATION
protected static final String AUTH_NTLM
public void setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
mapUnknownUserToGuest
- should an unknown user be mapped to guest?protected void init() throws ServletException
BaseSSOAuthenticationFilter
BaseSSOAuthenticationFilter.isActive()
. Subclasses
should override.init
in class BaseSSOAuthenticationFilter
ServletException
public boolean authenticateRequest(ServletContext context, HttpServletRequest sreq, HttpServletResponse sresp) throws IOException, ServletException
AuthenticationDriver
context
- the contextsreq
- http requestsresp
- http responsetrue
if authentication was successfulIOException
ServletException
protected void processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg, HttpServletRequest req, HttpServletResponse res) throws IOException
type1Msg
- Type1NTLMMessagereq
- HttpServletRequestres
- HttpServletResponseIOException
protected boolean processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, ServletContext context, HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException
type3Msg
- Type3NTLMMessagereq
- HttpServletRequestres
- HttpServletResponseIOException
ServletException
protected boolean validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails, boolean authenticated, String md4hash)
type3Msg
- Type3NTLMMessagentlmDetails
- NTLMLogonDetailsauthenticated
- booleanmd4hash
- Stringprotected final boolean checkNTLMv1(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, boolean checkLMHash)
md4hash
- Stringchallenge
- byte[]type3Msg
- Type3NTLMMessagecheckLMHash
- booleanprotected final boolean checkNTLMv2(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
md4hash
- Stringchallenge
- byte[]type3Msg
- Type3NTLMMessageprotected final boolean checkNTLMv2SessionKey(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
md4hash
- Stringchallenge
- byte[]type3Msg
- Type3NTLMMessageprotected String getMD4Hash(String userName)
userName
- Stringpublic void restartLoginChallenge(ServletContext context, HttpServletRequest req, HttpServletResponse res) throws IOException
context
- ServletContextreq
- HttpServletRequestres
- SessHttpServletResponseIOException
protected final void disableNTLMv2()
Copyright © 2005–2017 Alfresco Software. All rights reserved.