6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
Reviewed-by: michaelm
--- a/jdk/make/sun/net/FILES_java.gmk Mon Nov 01 11:32:50 2010 -0400
+++ b/jdk/make/sun/net/FILES_java.gmk Mon Jan 10 18:12:43 2011 +0000
@@ -100,6 +100,7 @@
sun/net/www/protocol/http/NegotiateAuthentication.java \
sun/net/www/protocol/http/Negotiator.java \
sun/net/www/protocol/http/ntlm/NTLMAuthentication.java \
+ sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java \
sun/net/www/protocol/http/spnego/NegotiatorImpl.java \
sun/net/www/protocol/http/spnego/NegotiateCallbackHandler.java \
sun/net/www/protocol/http/logging/HttpLogFormatter.java \
--- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Nov 01 11:32:50 2010 -0400
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Mon Jan 10 18:12:43 2011 +0000
@@ -2173,6 +2173,13 @@
if (tryTransparentNTLMServer) {
tryTransparentNTLMServer =
NTLMAuthenticationProxy.proxy.supportsTransparentAuth;
+ /* If the platform supports transparent authentication
+ * then check if we are in a secure environment
+ * whether, or not, we should try transparent authentication.*/
+ if (tryTransparentNTLMServer) {
+ tryTransparentNTLMServer =
+ NTLMAuthenticationProxy.proxy.isTrustedSite(url);
+ }
}
a = null;
if (tryTransparentNTLMServer) {
--- a/jdk/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Nov 01 11:32:50 2010 -0400
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java Mon Jan 10 18:12:43 2011 +0000
@@ -36,12 +36,14 @@
*/
class NTLMAuthenticationProxy {
private static Method supportsTA;
+ private static Method isTrustedSite;
private static final String clazzStr = "sun.net.www.protocol.http.ntlm.NTLMAuthentication";
private static final String supportsTAStr = "supportsTransparentAuth";
+ private static final String isTrustedSiteStr = "isTrustedSite";
static final NTLMAuthenticationProxy proxy = tryLoadNTLMAuthentication();
static final boolean supported = proxy != null ? true : false;
- static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth(supportsTA) : false;
+ static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth() : false;
private final Constructor<? extends AuthenticationInfo> threeArgCtr;
private final Constructor<? extends AuthenticationInfo> fiveArgCtr;
@@ -82,9 +84,22 @@
* authentication (try with the current users credentials before
* prompting for username and password, etc).
*/
- private static boolean supportsTransparentAuth(Method method) {
+ private static boolean supportsTransparentAuth() {
try {
- return (Boolean)method.invoke(null);
+ return (Boolean)supportsTA.invoke(null);
+ } catch (ReflectiveOperationException roe) {
+ finest(roe);
+ }
+
+ return false;
+ }
+
+ /* Transparent authentication should only be tried with a trusted
+ * site ( when running in a secure environment ).
+ */
+ public static boolean isTrustedSite(URL url) {
+ try {
+ return (Boolean)isTrustedSite.invoke(null, url);
} catch (ReflectiveOperationException roe) {
finest(roe);
}
@@ -112,6 +127,7 @@
int.class,
PasswordAuthentication.class);
supportsTA = cl.getDeclaredMethod(supportsTAStr);
+ isTrustedSite = cl.getDeclaredMethod(isTrustedSiteStr, java.net.URL.class);
return new NTLMAuthenticationProxy(threeArg,
fiveArg);
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java Mon Jan 10 18:12:43 2011 +0000
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net.www.protocol.http.ntlm;
+
+import java.net.URL;
+
+/**
+ * This class is used to call back to deployment to determine if a given
+ * URL is trusted. Transparent authentication (try with logged in users
+ * credentials without prompting) should only be tried with trusted sites.
+ */
+public abstract class NTLMAuthenticationCallback {
+ private static volatile NTLMAuthenticationCallback callback =
+ new DefaultNTLMAuthenticationCallback();
+
+ public static void setNTLMAuthenticationCallback(
+ NTLMAuthenticationCallback callback) {
+ NTLMAuthenticationCallback.callback = callback;
+ }
+
+ public static NTLMAuthenticationCallback getNTLMAuthenticationCallback() {
+ return callback;
+ }
+
+ /**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public abstract boolean isTrustedSite(URL url);
+
+ static class DefaultNTLMAuthenticationCallback extends NTLMAuthenticationCallback {
+ @Override
+ public boolean isTrustedSite(URL url) { return true; }
+ }
+}
+
--- a/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Nov 01 11:32:50 2010 -0400
+++ b/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Jan 10 18:12:43 2011 +0000
@@ -68,6 +68,9 @@
public class NTLMAuthentication extends AuthenticationInfo {
private static final long serialVersionUID = 170L;
+ private static final NTLMAuthenticationCallback NTLMAuthCallback =
+ NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
+
private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */
@@ -81,6 +84,14 @@
return false;
}
+ /**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public static boolean isTrustedSite(URL url) {
+ return NTLMAuthCallback.isTrustedSite(url);
+ }
+
private void init0() {
hostname = java.security.AccessController.doPrivileged(
--- a/jdk/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Nov 01 11:32:50 2010 -0400
+++ b/jdk/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Mon Jan 10 18:12:43 2011 +0000
@@ -45,6 +45,9 @@
private static final long serialVersionUID = 100L;
+ private static final NTLMAuthenticationCallback NTLMAuthCallback =
+ NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
+
private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */
@@ -143,6 +146,14 @@
}
/**
+ * Returns true if the given site is trusted, i.e. we can try
+ * transparent Authentication.
+ */
+ public static boolean isTrustedSite(URL url) {
+ return NTLMAuthCallback.isTrustedSite(url);
+ }
+
+ /**
* Not supported. Must use the setHeaders() method
*/
@Override