001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 package org.apache.directory.server.ldap.handlers.bind.ntlm; 021 022 023 import org.apache.directory.server.ldap.LdapSession; 024 import org.apache.directory.server.ldap.handlers.bind.AbstractMechanismHandler; 025 import org.apache.directory.server.ldap.handlers.bind.SaslConstants; 026 import org.apache.directory.shared.ldap.message.internal.InternalBindRequest; 027 028 import javax.security.sasl.SaslServer; 029 030 031 /** 032 * A handler for the NTLM Sasl and GSS-SPNEGO mechanism. Note that both 033 * mechanisms require an NTLM mechanism provider which could be implemented 034 * using jCIFS or native Win32 system calls via a JNI wrapper. 035 * 036 * @org.apache.xbean.XBean 037 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 038 * @version $Rev$, $Date$ 039 */ 040 public class NtlmMechanismHandler extends AbstractMechanismHandler 041 { 042 private String providerFqcn; 043 private NtlmProvider provider; 044 045 046 public void setNtlmProvider( NtlmProvider provider ) 047 { 048 this.provider = provider; 049 } 050 051 052 public void setNtlmProviderFqcn( String fqcnProvider ) 053 { 054 this.providerFqcn = fqcnProvider; 055 } 056 057 058 public SaslServer handleMechanism( LdapSession ldapSession, InternalBindRequest bindRequest ) throws Exception 059 { 060 SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER ); 061 062 if ( ss == null ) 063 { 064 if ( provider == null ) 065 { 066 initProvider(); 067 } 068 069 ss = new NtlmSaslServer( provider, bindRequest, ldapSession ); 070 ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss ); 071 } 072 073 return ss; 074 } 075 076 077 private void initProvider() throws Exception 078 { 079 provider = ( NtlmProvider ) Class.forName( providerFqcn ).newInstance(); 080 } 081 082 083 /** 084 * {@inheritDoc} 085 */ 086 public void init( LdapSession ldapSession ) 087 { 088 // Store the host in the ldap session 089 String saslHost = ldapSession.getLdapServer().getSaslHost(); 090 ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost ); 091 } 092 093 094 /** 095 * Remove the Host, UserBaseDn, props and Mechanism property. 096 * 097 * @param ldapSession the LdapSession instance 098 */ 099 public void cleanup( LdapSession ldapSession ) 100 { 101 ldapSession.removeSaslProperty( SaslConstants.SASL_HOST ); 102 ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN ); 103 ldapSession.removeSaslProperty( SaslConstants.SASL_MECH ); 104 ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS ); 105 ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER ); 106 } 107 }