001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.server.ldap.handlers.sasl.ntlm; 021 022 023import javax.security.sasl.SaslServer; 024 025import org.apache.directory.api.ldap.model.message.BindRequest; 026import org.apache.directory.server.ldap.LdapSession; 027import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler; 028import org.apache.directory.server.ldap.handlers.sasl.SaslConstants; 029 030 031/** 032 * A handler for the NTLM Sasl and GSS-SPNEGO mechanism. Note that both 033 * mechanisms require an NTLM mechanism provider which could be implemented 034 * using jCIFS or native Win32 system calls via a JNI wrapper. 035 * 036 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 037 */ 038public class NtlmMechanismHandler extends AbstractMechanismHandler 039{ 040 private String providerFqcn; 041 private NtlmProvider provider; 042 043 044 public void setNtlmProvider( NtlmProvider provider ) 045 { 046 this.provider = provider; 047 } 048 049 050 public void setNtlmProviderFqcn( String fqcnProvider ) 051 { 052 this.providerFqcn = fqcnProvider; 053 } 054 055 056 public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception 057 { 058 SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER ); 059 060 if ( ss == null ) 061 { 062 if ( provider == null ) 063 { 064 initProvider(); 065 } 066 067 ss = new NtlmSaslServer( provider, bindRequest, ldapSession, ldapSession.getLdapServer() 068 .getDirectoryService().getAdminSession() ); 069 ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss ); 070 } 071 072 return ss; 073 } 074 075 076 private void initProvider() throws Exception 077 { 078 provider = ( NtlmProvider ) Class.forName( providerFqcn ).newInstance(); 079 } 080 081 082 /** 083 * {@inheritDoc} 084 */ 085 public void init( LdapSession ldapSession ) 086 { 087 // Store the host in the ldap session 088 String saslHost = ldapSession.getLdapServer().getSaslHost(); 089 ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost ); 090 } 091 092 093 /** 094 * Remove the Host, UserBaseDn, props and Mechanism property. 095 * 096 * @param ldapSession the LdapSession instance 097 */ 098 public void cleanup( LdapSession ldapSession ) 099 { 100 ldapSession.removeSaslProperty( SaslConstants.SASL_HOST ); 101 ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN ); 102 ldapSession.removeSaslProperty( SaslConstants.SASL_MECH ); 103 ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS ); 104 ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER ); 105 } 106}