[jcifs] Alternative to jcifs.http.NtlmHttpFilter

Michael Piscatello mpiscatello at directvinternet.com
Wed Oct 16 22:20:57 EST 2002


Mike,

Thanks! RSN? I did try to adapt it, but it does not bring up the NTLM
challenge box. It returns, null and then after refreshing, brings back the
credentials, But I need the pop-up. Here is my code.

Thanks,


Mike


import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import jcifs.UniAddress;
import jcifs.netbios.NbtAddress;
import jcifs.smb.SmbSession;
import jcifs.util.Base64;
import jcifs.http.NtlmHttpSession;

public class jcifstest extends HttpServlet {

    public void doPost(
        javax.servlet.http.HttpServletRequest request,
        javax.servlet.http.HttpServletResponse response)
        throws javax.servlet.ServletException, java.io.IOException {

        PrintWriter out = response.getWriter();
        ServletContext context = getServletContext();
        String domainController = "192.168.1.102";
        String domain = "HOMEDOM";
        boolean debug = true;
        HttpServletRequest req;
        HttpServletResponse resp;
        HttpSession ssn;
        NtlmHttpSession ntlm;
        String msg;
        byte[] src;

        try {
            req = (HttpServletRequest) request;
            resp = (HttpServletResponse) response;

            ssn = req.getSession(); /* Retrive the NTLM session
            */
            ntlm = (NtlmHttpSession) ssn.getAttribute("NtlmHttpSession");
            msg = req.getHeader("Authorization");

            if (msg == null || msg.startsWith("NTLM ") == false) {
                resp.reset();
                resp.setContentLength(0);
                resp.setHeader("WWW-Authenticate", "NTLM");
                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                resp.flushBuffer();
                return;
            }

            src = Base64.decode(msg.substring(5));

            if (src[8] == 1) {
                String svr;
                byte[] dst = new byte[40];

                ntlm = new NtlmHttpSession();
                /* Message 1
                 */
                ntlm.decodeType1Message(src);
                ssn.setAttribute("ntlmworkgroup", ntlm.domain);

                /* If a "Domain Contoller" IP was not specified try and
lookup
                 * a real domain controller using jcifs.smb.client.domain
                 */
                if ((svr = domainController) == null) {
                    svr = domain != null ? domain : ntlm.domain;
                    svr = NbtAddress.getByName(svr, 0x1c,
null).getHostAddress();
                }

                ntlm.domainController = UniAddress.getByName(svr);
                ntlm.challenge =
SmbSession.getChallenge(ntlm.domainController);

                /* Message 2
                 */
                msg = Base64.encodeBytes(dst, 0,
ntlm.encodeType2Message(dst));

                /* Save NTLM session in HTTP session
                 */
                ssn.setAttribute("NtlmHttpSession", ntlm);

                resp.reset();
                resp.setContentLength(0);
                resp.setHeader("WWW-Authenticate", "NTLM " + msg);
                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                resp.flushBuffer();
                return;
            } else
                if (src[8] == 3) { /* Message 3
                */
                   
ntlm.decodeType3Message(Base64.decode(msg.substring(5)));
                } else {
                    throw new ServletException("NTLM HTTP Authentication
message invalid");
                }

            SmbSession.logon(ntlm.domainController, ntlm.auth);

            ssn.setAttribute("ntlmdomain", ntlm.domain);
            ssn.setAttribute("ntlmuser", ntlm.user);
            ssn.setAttribute("ntlmhost", ntlm.host);

            if (debug) {
                context.log(
                    "NTLM HTTP Autentication successfull: "
                        + ntlm.domain
                        + "\\"
                        + ntlm.user
                        + "@"
                        + ntlm.host);
            }
            out.print("ntdomain: " + ssn.getAttribute("ntlmdomain"));
        } catch (Exception e) {
            out.print("An Error has occured: " + e.getMessage());
        }

    }

    public void doGet(
        javax.servlet.http.HttpServletRequest request,
        javax.servlet.http.HttpServletResponse response)
        throws javax.servlet.ServletException, java.io.IOException {
        doPost(request, response);
    }

}

On 10/15/02 9:55 PM, "Allen, Michael B (RSCH)" <Michael_B_Allen at ml.com>
wrote:

> The code is pretty simple. I don't think it would be hard to adapt it.
> Actually
> the current code is somewhat flawed and more complicated than it needs to
> be. The 0.7.0b4 package will be released RSN. Look at that.
> 
>> -----Original Message-----
>> From:    Michael Piscatello [SMTP:mpiscatello at directvinternet.com]
>> Sent:    Tuesday, October 15, 2002 9:53 PM
>> To:    jcifs at lists.samba.org
>> Subject:    [jcifs] Alternative to jcifs.http.NtlmHttpFilter
>> 
>> Help! I need the functionality of the NtlmHttpFilter but I am stuck with a
>> 2.2 Servlet spec app server (Websphere) Has anyone replicated the
>> functionality of the NtlmHttpFilter in a servlet?
>> 
>> Thanks
>> 
>> Mike
>> 
> 
> 




More information about the jcifs mailing list