Source code

001/*
002 *  Licensed to the Apache Software Foundation (ASF) under one
003 *  or more contributor license agreements.  See the NOTICE file
004 *  distributed with this work for additional information
005 *  regarding copyright ownership.  The ASF licenses this file
006 *  to you under the Apache License, Version 2.0 (the
007 *  "License"); you may not use this file except in compliance
008 *  with the License.  You may obtain a copy of the License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *  Unless required by applicable law or agreed to in writing,
013 *  software distributed under the License is distributed on an
014 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *  KIND, either express or implied.  See the License for the
016 *  specific language governing permissions and limitations
017 *  under the License.
018 *
019 */
020package org.apache.directory.server.ldap.handlers.sasl.ntlm;
021
022
023import javax.security.sasl.SaslServer;
024
025import org.apache.directory.api.ldap.model.message.BindRequest;
026import org.apache.directory.server.ldap.LdapSession;
027import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
028import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;
029
030
031/**
032 * A handler for the NTLM Sasl and GSS-SPNEGO mechanism. Note that both
033 * mechanisms require an NTLM mechanism provider which could be implemented
034 * using jCIFS or native Win32 system calls via a JNI wrapper.
035 *
036 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
037 */
038public class NtlmMechanismHandler extends AbstractMechanismHandler
039{
040    private String providerFqcn;
041    private NtlmProvider provider;
042
043
044    public void setNtlmProvider( NtlmProvider provider )
045    {
046        this.provider = provider;
047    }
048
049
050    public void setNtlmProviderFqcn( String fqcnProvider )
051    {
052        this.providerFqcn = fqcnProvider;
053    }
054
055
056    public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
057    {
058        SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );
059
060        if ( ss == null )
061        {
062            if ( provider == null )
063            {
064                initProvider();
065            }
066
067            ss = new NtlmSaslServer( provider, bindRequest, ldapSession, ldapSession.getLdapServer()
068                .getDirectoryService().getAdminSession() );
069            ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss );
070        }
071
072        return ss;
073    }
074
075
076    private void initProvider() throws Exception
077    {
078        provider = ( NtlmProvider ) Class.forName( providerFqcn ).newInstance();
079    }
080
081
082    /**
083     * {@inheritDoc}
084     */
085    public void init( LdapSession ldapSession )
086    {
087        // Store the host in the ldap session
088        String saslHost = ldapSession.getLdapServer().getSaslHost();
089        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost );
090    }
091
092
093    /**
094     * Remove the Host, UserBaseDn, props and Mechanism property.
095     * 
096     * @param ldapSession the LdapSession instance
097     */
098    public void cleanup( LdapSession ldapSession )
099    {
100        ldapSession.removeSaslProperty( SaslConstants.SASL_HOST );
101        ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
102        ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
103        ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
104        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
105    }
106}