Example 1 with Type3Message

Use of jcifs.ntlmssp.Type3Message in project cas by apereo.

In the class NtlmAuthenticationHandler, method doAuthentication.

@Override
protected AuthenticationHandlerExecutionResult doAuthentication(final Credential credential) throws GeneralSecurityException {
    final SpnegoCredential ntlmCredential = (SpnegoCredential) credential;
    final byte[] src = ntlmCredential.getInitToken();
    final UniAddress dc;
    boolean success = false;
    try {
        if (this.loadBalance) {
            if (StringUtils.isNotBlank(this.includePattern)) {
                final NbtAddress[] dcs = NbtAddress.getAllByName(this.domainController, NBT_ADDRESS_TYPE, null, null);
                dc = Arrays.stream(dcs).filter(dc2 -> dc2.getHostAddress().matches(this.includePattern)).findFirst().map(UniAddress::new).orElse(null);
            } else {
                dc = new UniAddress(NbtAddress.getByName(this.domainController, NBT_ADDRESS_TYPE, null));
            }
        } else {
            dc = UniAddress.getByName(this.domainController, true);
        }
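        // Obtain the server challenge from the selected domain controller.
        final byte[] challenge = SmbSession.getChallenge(dc);
        // Dispatch on the NTLMSSP message-type field of the client token.
        switch(src[NTLM_TOKEN_TYPE_FIELD_INDEX]) {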
            case NTLM_TOKEN_TYPE_ONE:
                LOGGER.debug("Type 1 received");
                final Type1Message type1 = new Type1Message(src);
                final Type2Message type2 = new Type2Message(type1, challenge, null);
                LOGGER.debug("Type 2 returned. Setting next token.");
                ntlmCredential.setNextToken(type2.toByteArray());
                break;
            case NTLM_TOKEN_TYPE_THREE:
                LOGGER.debug("Type 3 received");
                final Type3Message type3 = new Type3Message(src);
                // Missing LM/NT responses are replaced with empty arrays; the domain controller validates them in SmbSession.logon below.
                final byte[] lmResponse = type3.getLMResponse() == null ? new byte[0] : type3.getLMResponse();
                final byte[] ntResponse = type3.getNTResponse() == null ? new byte[0] : type3.getNTResponse();
                final NtlmPasswordAuthentication ntlm = new NtlmPasswordAuthentication(type3.getDomain(), type3.getUser(), challenge, lmResponse, ntResponse);
                LOGGER.debug("Trying to authenticate [{}] with domain controller", type3.getUser());
                try {
                    SmbSession.logon(dc, ntlm);
                    ntlmCredential.setPrincipal(this.principalFactory.createPrincipal(type3.getUser()));
                    success = true;
                } catch (final SmbAuthException sae) {
                    throw new FailedLoginException(sae.getMessage());
                }
                break;
            default:
                LOGGER.debug("Unknown type: [{}]", src[NTLM_TOKEN_TYPE_FIELD_INDEX]);
        }
    } catch (final Exception e) {
        // Any failure (address lookup, token parsing, logon) is reported as a failed login.
        throw new FailedLoginException(e.getMessage());
    }
    if (!success) {
        throw new FailedLoginException();
    }
    return new DefaultAuthenticationHandlerExecutionResult(this, new BasicCredentialMetaData(ntlmCredential), ntlmCredential.getPrincipal());
}
Also used: Type2Message (jcifs.ntlmssp.Type2Message), Type3Message (jcifs.ntlmssp.Type3Message), DefaultAuthenticationHandlerExecutionResult (org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult), GeneralSecurityException (java.security.GeneralSecurityException), FailedLoginException (javax.security.auth.login.FailedLoginException), SmbAuthException (jcifs.smb.SmbAuthException), UniAddress (jcifs.UniAddress), Type1Message (jcifs.ntlmssp.Type1Message), SpnegoCredential (org.apereo.cas.support.spnego.authentication.principal.SpnegoCredential), NtlmPasswordAuthentication (jcifs.smb.NtlmPasswordAuthentication), BasicCredentialMetaData (org.apereo.cas.authentication.BasicCredentialMetaData), NbtAddress (jcifs.netbios.NbtAddress)

Example 2 with Type3Message

Use of jcifs.ntlmssp.Type3Message in project fess-crawler by codelibs.

In the class JcifsEngine, method generateType3Msg.

@Override
public String generateType3Msg(final String username, final String password, final String domain, final String workstation, final String challenge) throws NTLMEngineException {
    Type2Message type2Message;
    try {
        type2Message = new Type2Message(Base64.decode(challenge));
    } catch (final IOException exception) {
        throw new NTLMEngineException("Invalid NTLM type 2 message", exception);
    }
    final int type2Flags = type2Message.getFlags();
    // Reuse the Type 2 flags for the Type 3 message, clearing the two target-type bits.
    final int type3Flags = type2Flags & (0xffffffff ^ (NtlmFlags.NTLMSSP_TARGET_TYPE_DOMAIN | NtlmFlags.NTLMSSP_TARGET_TYPE_SERVER));
    final Type3Message type3Message = new Type3Message(type2Message, password, domain, username, workstation, type3Flags);
    return Base64.encode(type3Message.toByteArray());
}
Also used: IOException (java.io.IOException), NTLMEngineException (org.apache.http.impl.auth.NTLMEngineException), Type2Message (jcifs.ntlmssp.Type2Message), Type3Message (jcifs.ntlmssp.Type3Message)

Aggregations

Type2Message (jcifs.ntlmssp.Type2Message): 2, Type3Message (jcifs.ntlmssp.Type3Message): 2, IOException (java.io.IOException): 1, GeneralSecurityException (java.security.GeneralSecurityException): 1, FailedLoginException (javax.security.auth.login.FailedLoginException): 1, UniAddress (jcifs.UniAddress): 1, NbtAddress (jcifs.netbios.NbtAddress): 1, Type1Message (jcifs.ntlmssp.Type1Message): 1, NtlmPasswordAuthentication (jcifs.smb.NtlmPasswordAuthentication): 1, SmbAuthException (jcifs.smb.SmbAuthException): 1, NTLMEngineException (org.apache.http.impl.auth.NTLMEngineException): 1, BasicCredentialMetaData (org.apereo.cas.authentication.BasicCredentialMetaData): 1, DefaultAuthenticationHandlerExecutionResult (org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult): 1, SpnegoCredential (org.apereo.cas.support.spnego.authentication.principal.SpnegoCredential): 1