use of jcifs.ntlmssp.Type1Message in project cas by apereo.
the class NtlmAuthenticationHandler method doAuthentication.
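/**
 * Processes one leg of the NTLM exchange carried in a {@link SpnegoCredential}.
 *
 * <p>A Type 1 token is answered by storing a Type 2 message as the credential's next
 * token; a Type 3 token is checked against the domain controller with
 * {@code SmbSession.logon}. Only a successful Type 3 logon sets {@code success}, so the
 * Type 1 leg and unknown token types always end in a {@link FailedLoginException}.
 *
 * <p>The principal is created from {@code type3.getUser()} only; the domain reported in
 * the Type 3 message is passed to the logon call but is not part of the principal id.
 *
 * @param credential the credential to authenticate; cast to {@link SpnegoCredential}
 * @return the handler result carrying the principal set on the credential
 * @throws GeneralSecurityException a {@link FailedLoginException} when the token is missing,
 *         malformed, of an unknown type, or the domain controller rejects the logon
 */
@Override
protected AuthenticationHandlerExecutionResult doAuthentication(final Credential credential) throws GeneralSecurityException {
    val ntlmCredential = (SpnegoCredential) credential;
    val src = ntlmCredential.getInitToken();

    // The token comes from the client. Reject one that cannot hold a message-type byte
    // before any call is made to the domain controller, instead of relying on an
    // index/null failure being swallowed by the generic catch below.
    if (src == null || src.length <= NTLM_TOKEN_TYPE_FIELD_INDEX) {
        throw new FailedLoginException("NTLM token is missing or too short to carry a message type");
    }

    var success = false;
    try {
        val dc = getUniAddress();
        // The challenge is requested on every call, i.e. for the Type 1 and the Type 3 leg.
        // NOTE(review): the Type 3 check only works if this returns the challenge that was
        // sent in the earlier Type 2 message - confirm how jcifs caches it per controller.
        val challenge = SmbSession.getChallenge(dc);

        switch (src[NTLM_TOKEN_TYPE_FIELD_INDEX]) {
            case NTLM_TOKEN_TYPE_ONE:
                LOGGER.debug("Type 1 received");
                val type1 = new Type1Message(src);
                val type2 = new Type2Message(type1, challenge, null);
                LOGGER.debug("Type 2 returned. Setting next token.");
                ntlmCredential.setNextToken(type2.toByteArray());
                break;
            case NTLM_TOKEN_TYPE_THREE:
                LOGGER.debug("Type 3 received");
                val type3 = new Type3Message(src);
                val lmResponse = type3.getLMResponse() == null ? ArrayUtils.EMPTY_BYTE_ARRAY : type3.getLMResponse();
                val ntResponse = type3.getNTResponse() == null ? ArrayUtils.EMPTY_BYTE_ARRAY : type3.getNTResponse();
                val ntlm = new NtlmPasswordAuthentication(type3.getDomain(), type3.getUser(), challenge, lmResponse, ntResponse);
                // The user name below is taken verbatim from the client's Type 3 message.
                LOGGER.debug("Trying to authenticate [{}] with domain controller", type3.getUser());
                try {
                    SmbSession.logon(dc, ntlm);
                    ntlmCredential.setPrincipal(this.principalFactory.createPrincipal(type3.getUser()));
                    success = true;
                } catch (final SmbAuthException sae) {
                    // Keep the original exception as the cause so the reason for the
                    // rejection is still available to whoever handles the failure.
                    val rejected = new FailedLoginException(sae.getMessage());
                    rejected.initCause(sae);
                    throw rejected;
                }
                break;
            default:
                LOGGER.debug("Unknown type: [{}]", src[NTLM_TOKEN_TYPE_FIELD_INDEX]);
        }
    } catch (final FailedLoginException e) {
        // Already the exception type callers expect; do not re-wrap and lose its cause.
        throw e;
    } catch (final Exception e) {
        val failure = new FailedLoginException(e.getMessage());
        failure.initCause(e);
        throw failure;
    }

    if (!success) {
        throw new FailedLoginException();
    }
    return new DefaultAuthenticationHandlerExecutionResult(this, new BasicCredentialMetaData(ntlmCredential), ntlmCredential.getPrincipal());
}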
use of jcifs.ntlmssp.Type1Message in project wso2-synapse by wso2.
the class CustomNTLMAuthScheme method authenticate.
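/**
 * Produces the NTLM authorization string for the given set of {@link Credentials}.
 *
 * <p>The result depends on the scheme's current state: in {@code INITIATED} a Type 1
 * message is generated, in {@code TYPE2_MSG_RECEIVED} the stored challenge is decoded and
 * answered with a Type 3 message. The state is advanced as a side effect.
 *
 * <p>The negotiate flags come from the configured NTLM version: {@code "V1"} selects
 * {@code NTLMSSP_NEGOTIATE_NTLM}, {@code "V2"} selects {@code NTLMSSP_NEGOTIATE_NTLM2}
 * (case-insensitive). Any other value, including {@code null}, leaves the flags at
 * {@code 0} and only logs at debug level.
 *
 * @param credentials The set of credentials to be used for authentication; must be
 *                    {@link NTCredentials}
 * @param method The method being authenticated (not read by this implementation)
 * @return an NTLM authorization string of the form {@code "NTLM <base64 message>"}
 * @throws InvalidCredentialsException if authentication credentials are not valid or not applicable
 *                                     for this authentication scheme
 * @throws AuthenticationException if authorization string cannot be generated due to an
 *                                 authentication failure
 * @throws IllegalStateException if the NTLM exchange has not been initiated
 * @throws RuntimeException if the stored Type 2 message cannot be parsed or the scheme is in
 *                          a state that produces no message
 * @since 3.0
 */
public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException {
    if (logger.isDebugEnabled()) {
        logger.debug("[CustomNTLMAuthScheme] NTLM Scheme Authentication Method Invoked.");
    }
    if (this.state == UNINITIATED) {
        throw new IllegalStateException("[CustomNTLMAuthScheme] NTLM authentication process has not been initiated");
    }

    // Get the NTLM version from the NTLMMediator and identify the flags to be used for authentication.
    String ntlmVersion = getNTLMVersion();
    if (logger.isDebugEnabled()) {
        logger.debug("[CustomNTLMAuthScheme] The NTLM version going to use is: " + ntlmVersion);
    }

    // Constant-first equalsIgnoreCase is null-safe and locale-independent; a missing
    // version now reaches the "not specified" branch instead of failing on toUpperCase().
    int flags = 0;
    if ("V1".equalsIgnoreCase(ntlmVersion)) {
        flags = NtlmFlags.NTLMSSP_NEGOTIATE_NTLM;
    } else if ("V2".equalsIgnoreCase(ntlmVersion)) {
        // NOTE(review): in jcifs this flag appears to request NTLM2 session security rather
        // than NTLMv2 responses - confirm the response type actually sent on the wire.
        flags = NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2;
    } else {
        // The exchange continues with flags == 0 rather than failing.
        if (logger.isDebugEnabled()) {
            logger.debug("[CustomNTLMAuthScheme] NTLM Version not specified.");
        }
    }

    // Check the type up front: a null or foreign Credentials object is reported as
    // InvalidCredentialsException instead of surfacing later as a NullPointerException.
    if (!(credentials instanceof NTCredentials)) {
        throw new InvalidCredentialsException("[CustomNTLMAuthScheme] Credentials cannot be used for NTLM authentication: "
                + (credentials == null ? "null" : credentials.getClass().getName()));
    }
    NTCredentials ntcredentials = (NTCredentials) credentials;

    byte[] msgBytes;
    if (this.state == INITIATED) {
        Type1Message type1Message = new Type1Message(flags, ntcredentials.getDomain(), ntcredentials.getHost());
        msgBytes = type1Message.toByteArray();
        this.state = TYPE1_MSG_GENERATED;
        if (logger.isDebugEnabled()) {
            logger.debug("[CustomNTLMAuthScheme] Type1Message Generated.");
        }
    } else if (this.state == TYPE2_MSG_RECEIVED) {
        if (logger.isDebugEnabled()) {
            logger.debug("[CustomNTLMAuthScheme] Type2Message Received.");
        }
        // The challenge text was supplied by the remote server; a parse failure is fatal here.
        Type2Message type2Message;
        try {
            type2Message = new jcifs.ntlmssp.Type2Message(jcifs.util.Base64.decode(this.ntlmChallenge));
        } catch (IOException e) {
            throw new RuntimeException("[CustomNTLMAuthScheme] Invalid Type2 message", e);
        }
        // The password is handed to jcifs only to build the response; it is never logged.
        Type3Message type3Message = new Type3Message(type2Message, ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getUserName(), ntcredentials.getHost(), flags);
        msgBytes = type3Message.toByteArray();
        this.state = TYPE3_MSG_GENERATED;
        if (logger.isDebugEnabled()) {
            logger.debug("[CustomNTLMAuthScheme] Type3Message Generated.");
        }
    } else {
        throw new RuntimeException("[CustomNTLMAuthScheme] Failed to Authenticate");
    }

    String response = EncodingUtil.getAsciiString(Base64.encodeBase64(msgBytes));
    return "NTLM " + response;
}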