|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.alfresco.repo.webdav.auth.BaseAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter
public abstract class BaseNTLMAuthenticationFilter
Base class with common code and initialisation for NTLM authentication filters.
Field Summary | |
---|---|
protected static java.lang.String |
AUTH_NTLM
|
protected static java.lang.String |
AUTHORIZATION
|
static java.lang.String |
NTLM_AUTH_DETAILS
|
static java.lang.String |
NTLM_AUTH_SESSION
|
protected static java.lang.String |
WWW_AUTHENTICATE
|
Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter |
---|
MIME_HTML_TEXT |
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService |
Constructor Summary | |
---|---|
BaseNTLMAuthenticationFilter()
|
Method Summary | |
---|---|
boolean |
authenticateRequest(javax.servlet.ServletContext context,
javax.servlet.http.HttpServletRequest sreq,
javax.servlet.http.HttpServletResponse sresp)
Authenticate user based on information in http request such as Authorization header or cached session information. |
protected boolean |
checkNTLMv1(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
boolean checkLMHash)
Perform an NTLMv1 hashed password check |
protected boolean |
checkNTLMv2(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 check |
protected boolean |
checkNTLMv2SessionKey(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 session key check |
protected void |
disableNTLMv2()
Disable NTLMv2 support, must be called from the implementation constructor |
protected java.lang.String |
getMD4Hash(java.lang.String userName)
Get the stored MD4 hashed password for the user, or null if the user does not exist |
protected void |
init()
Initializes the filter. |
protected void |
processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Process a type 1 NTLM message |
protected boolean |
processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
javax.servlet.ServletContext context,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Process a type 3 NTLM message |
void |
restartLoginChallenge(javax.servlet.ServletContext context,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Restart the NTLM logon process |
void |
setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
|
protected boolean |
validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails,
boolean authenticated,
java.lang.String md4hash)
Validate the MD4 hash against local password |
Methods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter |
---|
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, doFilter, getLoginPage, getSecurityConfigSection, getServerName, hasLoginPage, isActive, isNTLMSSPBlob, mapClientAddressToDomain, onLoginComplete, onValidate, onValidateFailed, redirectToLoginPage, setActive, setLoginPage, setServerConfiguration, setTicketLogons, writeLoginPageLink |
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String NTLM_AUTH_SESSION
public static final java.lang.String NTLM_AUTH_DETAILS
protected static final java.lang.String WWW_AUTHENTICATE
protected static final java.lang.String AUTHORIZATION
protected static final java.lang.String AUTH_NTLM
Constructor Detail |
---|
public BaseNTLMAuthenticationFilter()
Method Detail |
---|
public void setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
mapUnknownUserToGuest
- should an unknown user be mapped to guest?protected void init() throws javax.servlet.ServletException
BaseSSOAuthenticationFilter
BaseSSOAuthenticationFilter.isActive()
. Subclasses
should override.
init
in class BaseSSOAuthenticationFilter
javax.servlet.ServletException
public boolean authenticateRequest(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest sreq, javax.servlet.http.HttpServletResponse sresp) throws java.io.IOException, javax.servlet.ServletException
AuthenticationDriver
context
- the contextsreq
- http requestsresp
- http response
true
if authentication was successful
java.io.IOException
javax.servlet.ServletException
protected void processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws java.io.IOException
type1Msg
- Type1NTLMMessagereq
- HttpServletRequestres
- HttpServletResponsesession
- HttpSession
java.io.IOException
protected boolean processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws java.io.IOException, javax.servlet.ServletException
type3Msg
- Type3NTLMMessagereq
- HttpServletRequestres
- HttpServletResponsesession
- HttpSessionchain
- FilterChain
java.io.IOException
javax.servlet.ServletException
protected boolean validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails, boolean authenticated, java.lang.String md4hash)
type3Msg
- ntlmDetails
- authenticated
- md4hash
-
protected final boolean checkNTLMv1(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, boolean checkLMHash)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3MsgcheckLMHash
- boolean
protected final boolean checkNTLMv2(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3Msg
protected final boolean checkNTLMv2SessionKey(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3Msg
protected java.lang.String getMD4Hash(java.lang.String userName)
userName
- md4hash
-
public void restartLoginChallenge(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws java.io.IOException
context
- resp
- httpSess
-
java.io.IOException
protected final void disableNTLMv2()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |