--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/windows/classes/sun/net/www/protocol/http/NTLMAuthentication.java Sat Dec 01 00:00:00 2007 +0000
@@ -0,0 +1,199 @@
+/*
+ * Copyright 2002-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.net.www.protocol.http;
+
+import java.util.Arrays;
+import java.util.StringTokenizer;
+import java.util.Random;
+
+import sun.net.www.HeaderParser;
+
+import java.io.*;
+import javax.crypto.*;
+import javax.crypto.spec.*;
+import java.security.*;
+import java.net.*;
+
+/**
+ * NTLMAuthentication:
+ *
+ * @author Michael McMahon
+ */
+
+class NTLMAuthentication extends AuthenticationInfo {
+
+ private static final long serialVersionUID = 100L;
+
+ static final char NTLM_AUTH = 'N';
+ private String hostname;
+ private static String defaultDomain; /* Domain to use if not specified by user */
+
+ static {
+ defaultDomain = java.security.AccessController.doPrivileged(
+ new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
+ "domain"));
+ };
+
+ private void init0() {
+
+ hostname = java.security.AccessController.doPrivileged(
+ new java.security.PrivilegedAction<String>() {
+ public String run() {
+ String localhost;
+ try {
+ localhost = InetAddress.getLocalHost().getHostName().toUpperCase();
+ } catch (UnknownHostException e) {
+ localhost = "localhost";
+ }
+ return localhost;
+ }
+ });
+ int x = hostname.indexOf ('.');
+ if (x != -1) {
+ hostname = hostname.substring (0, x);
+ }
+ }
+
+ String username;
+ String ntdomain;
+ String password;
+
+ /**
+ * Create a NTLMAuthentication:
+ * Username may be specified as domain<BACKSLASH>username in the application Authenticator.
+ * If this notation is not used, then the domain will be taken
+ * from a system property: "http.auth.ntlm.domain".
+ */
+ public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) {
+ super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, NTLM_AUTH, url, "");
+ init (pw);
+ }
+
+ private void init (PasswordAuthentication pw) {
+ this.pw = pw;
+ if (pw != null) {
+ String s = pw.getUserName();
+ int i = s.indexOf ('\\');
+ if (i == -1) {
+ username = s;
+ ntdomain = defaultDomain;
+ } else {
+ ntdomain = s.substring (0, i).toUpperCase();
+ username = s.substring (i+1);
+ }
+ password = new String (pw.getPassword());
+ } else {
+ /* credentials will be acquired from OS */
+ username = null;
+ ntdomain = null;
+ password = null;
+ }
+ init0();
+ }
+
+ /**
+ * Constructor used for proxy entries
+ */
+ public NTLMAuthentication(boolean isProxy, String host, int port,
+ PasswordAuthentication pw) {
+ super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, NTLM_AUTH,host, port, "");
+ init (pw);
+ }
+
+ /**
+ * @return true if this authentication supports preemptive authorization
+ */
+ boolean supportsPreemptiveAuthorization() {
+ return false;
+ }
+
+ /**
+ * @return true if NTLM supported transparently (no password needed, SSO)
+ */
+ static boolean supportsTransparentAuth() {
+ return true;
+ }
+
+ /**
+ * @return the name of the HTTP header this authentication wants set
+ */
+ String getHeaderName() {
+ if (type == SERVER_AUTHENTICATION) {
+ return "Authorization";
+ } else {
+ return "Proxy-authorization";
+ }
+ }
+
+ /**
+ * Not supported. Must use the setHeaders() method
+ */
+ String getHeaderValue(URL url, String method) {
+ throw new RuntimeException ("getHeaderValue not supported");
+ }
+
+ /**
+ * Check if the header indicates that the current auth. parameters are stale.
+ * If so, then replace the relevant field with the new value
+ * and return true. Otherwise return false.
+ * returning true means the request can be retried with the same userid/password
+ * returning false means we have to go back to the user to ask for a new
+ * username password.
+ */
+ boolean isAuthorizationStale (String header) {
+ return false; /* should not be called for ntlm */
+ }
+
+ /**
+ * Set header(s) on the given connection.
+ * @param conn The connection to apply the header(s) to
+ * @param p A source of header values for this connection, not used because
+ * HeaderParser converts the fields to lower case, use raw instead
+ * @param raw The raw header field.
+ * @return true if all goes well, false if no headers were set.
+ */
+ synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
+
+ try {
+ NTLMAuthSequence seq = (NTLMAuthSequence)conn.authObj;
+ if (seq == null) {
+ seq = new NTLMAuthSequence (username, password, ntdomain);
+ conn.authObj = seq;
+ }
+ String response = "NTLM " + seq.getAuthHeader (raw.length()>6?raw.substring(5):null);
+ conn.setAuthenticationProperty(getHeaderName(), response);
+ return true;
+ } catch (IOException e) {
+ return false;
+ }
+ }
+
+ /* This is a no-op for NTLM, because there is no authentication information
+ * provided by the server to the client
+ */
+ public void checkResponse (String header, String method, URL url) throws IOException {
+ }
+}