|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.alfresco.repo.webdav.auth.BaseAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter
public abstract class BaseNTLMAuthenticationFilter
Base class with common code and initialisation for NTLM authentication filters.
Field Summary | |
---|---|
protected static java.lang.String |
AUTH_NTLM
|
protected static java.lang.String |
AUTHORIZATION
|
static java.lang.String |
NTLM_AUTH_DETAILS
|
static java.lang.String |
NTLM_AUTH_SESSION
|
protected static java.lang.String |
WWW_AUTHENTICATE
|
Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter |
---|
authenticationComponent, NO_AUTH_REQUIRED |
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
ARG_TICKET, AUTHENTICATION_USER, authenticationService, nodeService, personService, transactionService |
Constructor Summary | |
---|---|
BaseNTLMAuthenticationFilter()
|
Method Summary | |
---|---|
protected boolean |
checkNTLMv1(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
boolean checkLMHash)
Perform an NTLMv1 hashed password check |
protected boolean |
checkNTLMv2(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 check |
protected boolean |
checkNTLMv2SessionKey(java.lang.String md4hash,
byte[] challenge,
org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
Perform an NTLMv2 session key check |
protected void |
disableNTLMv2()
Disable NTLMv2 support, must be called from the implementation constructor |
void |
doFilter(javax.servlet.ServletContext context,
javax.servlet.ServletRequest sreq,
javax.servlet.ServletResponse sresp,
javax.servlet.FilterChain chain)
The doFilter method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. |
protected java.lang.String |
getMD4Hash(java.lang.String userName)
Get the stored MD4 hashed password for the user, or null if the user does not exist |
protected void |
init()
Initializes the filter. |
protected void |
processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Process a type 1 NTLM message |
protected void |
processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
javax.servlet.ServletContext context,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res,
javax.servlet.FilterChain chain)
Process a type 3 NTLM message |
protected void |
restartLoginChallenge(javax.servlet.http.HttpServletResponse res,
javax.servlet.http.HttpSession session)
Restart the NTLM logon process |
void |
setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
|
protected boolean |
validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails,
boolean authenticated,
java.lang.String md4hash)
Validate the MD4 hash against local password |
Methods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter |
---|
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, createUserEnvironment, getLoginPage, getSecurityConfigSection, getServerName, hasLoginPage, isActive, isNTLMSSPBlob, mapClientAddressToDomain, onLoginComplete, onValidate, onValidateFailed, redirectToLoginPage, setActive, setAuthenticationComponent, setLoginPage, setServerConfiguration, setTicketLogons |
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationService, setNodeService, setPersonService, setTransactionService, setUserAttributeName |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String NTLM_AUTH_SESSION
public static final java.lang.String NTLM_AUTH_DETAILS
protected static final java.lang.String WWW_AUTHENTICATE
protected static final java.lang.String AUTHORIZATION
protected static final java.lang.String AUTH_NTLM
Constructor Detail |
---|
public BaseNTLMAuthenticationFilter()
Method Detail |
---|
public void setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
mapUnknownUserToGuest
- should an unknown user be mapped to guest?protected void init() throws javax.servlet.ServletException
BaseSSOAuthenticationFilter
BaseSSOAuthenticationFilter.isActive()
. Subclasses
should override.
init
in class BaseSSOAuthenticationFilter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletContext context, javax.servlet.ServletRequest sreq, javax.servlet.ServletResponse sresp, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
DependencyInjectedFilter
doFilter
method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed
in to this method allows the Filter to pass on the request and response to the next entity in the chain.
A typical implementation of this method would follow the following pattern:-
1. Examine the request
2. Optionally wrap the request object with a custom implementation to filter content or headers for input
filtering
3. Optionally wrap the response object with a custom implementation to filter content or headers for output
filtering
4. a) Either invoke the next entity in the chain using the FilterChain object (
chain.doFilter()
),
4. b) or not pass on the request/response pair to the next entity in the filter chain to block
the request processing
5. Directly set headers on the response after invocation of the next entity in the filter chain.
java.io.IOException
javax.servlet.ServletException
protected void processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws java.io.IOException
type1Msg
- Type1NTLMMessagereq
- HttpServletRequestres
- HttpServletResponsesession
- HttpSession
java.io.IOException
protected void processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
type3Msg
- Type3NTLMMessagereq
- HttpServletRequestres
- HttpServletResponsesession
- HttpSessionchain
- FilterChain
java.io.IOException
javax.servlet.ServletException
protected boolean validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails, boolean authenticated, java.lang.String md4hash)
type3Msg
- ntlmDetails
- authenticated
- md4hash
-
protected final boolean checkNTLMv1(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, boolean checkLMHash)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3MsgcheckLMHash
- boolean
protected final boolean checkNTLMv2(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3Msg
protected final boolean checkNTLMv2SessionKey(java.lang.String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)
String
- md4hashbyte[]
- challengeType3NTLMMessage
- type3Msg
protected java.lang.String getMD4Hash(java.lang.String userName)
userName
- md4hash
-
protected void restartLoginChallenge(javax.servlet.http.HttpServletResponse res, javax.servlet.http.HttpSession session) throws java.io.IOException
resp
- httpSess
-
java.io.IOException
protected final void disableNTLMv2()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |