com.luigidragone.net.ntlm
Class NTLMAuthorizationHandler

java.lang.Object
  |
  +--com.luigidragone.net.ntlm.NTLMAuthorizationHandler
All Implemented Interfaces:
HTTPClient.AuthorizationHandler

public class NTLMAuthorizationHandler
extends java.lang.Object
implements HTTPClient.AuthorizationHandler

This is an NTLM protocol authorization module for HTTPClient.

NTLM is a Microsoft proprietary network authentication protocol used in many situations and HTTPClient is a versatile and extendible component for implementing HTTP client applications.

This class relies on NTLM class and on HTTPClient package. It also requires a JCE compliant library (e.g., Cryptix JCE) that implements MD4 and DES algorithms.

To perform an authentication the following information are needed: Alternatively, the user password can be replaced with its Lan Manager and NT hashed versions. On a Windows system these can be collected in the registry (with a bit of JNI, so), otherwise can be extracted from a SAMBA password file.
Notice that the host and user domain could not be the same.

Use these data as argument to class constructor to create a new authorization object:

     HTTPClient.AuthorizationHandler ntlm = new NTLMAuthorizationHandler(host, hostDomain, user,
       userDomain, password);
     HTTPClient.AuthorizationInfo.setAuthHandler(ntlm);
 
If the client is behind a proxy server, set accordingly the system properties http.proxyHost and http.proxyPort. The authorization handler must be set before opening any connection, thus it could be done in a (static or instance) initializer or in a constructor. After the setting of the authorization handler HTTP connections can be used as usual.
It is also possibile store authentication information in the following system properties:

Version:
1.0.2
Author:
Luigi Dragone (luigi@luigidragone.com)
See Also:
NTLM Authentication Scheme for HTTP, HTTPClient, Hypertext Transfer Protocol -- HTTP/1.1, HTTP Authentication: Basic and Digest Access Authentication


Constructor Summary
NTLMAuthorizationHandler()
           Build an NTLM authorization handler for the authentication credentials specified by system properties.
NTLMAuthorizationHandler(java.lang.String host, java.lang.String hostDomain, java.lang.String user, java.lang.String userDomain, byte[] lmPassword, byte[] ntPassword)
           Build an NTLM authorization handler for the specified authentication credentials.
NTLMAuthorizationHandler(java.lang.String host, java.lang.String hostDomain, java.lang.String user, java.lang.String userDomain, java.lang.String password)
           Build an NTLM authorization handler for the specified authentication credentials.
 
Method Summary
 HTTPClient.AuthorizationInfo fixupAuthInfo(HTTPClient.AuthorizationInfo parm1, HTTPClient.RoRequest parm2, HTTPClient.AuthorizationInfo parm3, HTTPClient.RoResponse parm4)
           
 HTTPClient.AuthorizationInfo getAuthorization(HTTPClient.AuthorizationInfo parm1, HTTPClient.RoRequest parm2, HTTPClient.RoResponse parm3)
           
 void handleAuthHeaders(HTTPClient.Response parm1, HTTPClient.RoRequest parm2, HTTPClient.AuthorizationInfo parm3, HTTPClient.AuthorizationInfo parm4)
           
 void handleAuthTrailers(HTTPClient.Response parm1, HTTPClient.RoRequest parm2, HTTPClient.AuthorizationInfo parm3, HTTPClient.AuthorizationInfo parm4)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

NTLMAuthorizationHandler

public NTLMAuthorizationHandler()
                         throws java.lang.IllegalArgumentException,
                                javax.crypto.NoSuchPaddingException,
                                java.security.NoSuchAlgorithmException

Build an NTLM authorization handler for the authentication credentials specified by system properties.

To specify the authentication information set accordingly the following properties:

Throws:
java.lang.IllegalArgumentException - if a required property is undefined
javax.crypto.NoSuchPaddingException - if there isn't any suitable padding method
java.security.NoSuchAlgorithmException - if there isn't any suitable cipher algorithm

NTLMAuthorizationHandler

public NTLMAuthorizationHandler(java.lang.String host,
                                java.lang.String hostDomain,
                                java.lang.String user,
                                java.lang.String userDomain,
                                byte[] lmPassword,
                                byte[] ntPassword)
                         throws java.lang.IllegalArgumentException

Build an NTLM authorization handler for the specified authentication credentials.

All the arguments are mandatory (null value are not allowed).

Parameters:
host - the name of the host that is authenticating
hostDomain - the name of the domain to which the host belongs
user - the name of the user
userDomain - the name of the domain to which the user belongs
lmPassword - a 16-bytes array containing the Lan Manager hashed password
ntPassword - a 16-bytes array containing the NT hashed password
Throws:
java.lang.IllegalArgumentException - if a supplied argument is invalid

NTLMAuthorizationHandler

public NTLMAuthorizationHandler(java.lang.String host,
                                java.lang.String hostDomain,
                                java.lang.String user,
                                java.lang.String userDomain,
                                java.lang.String password)
                         throws java.lang.IllegalArgumentException,
                                javax.crypto.NoSuchPaddingException,
                                java.security.NoSuchAlgorithmException

Build an NTLM authorization handler for the specified authentication credentials.

All the arguments are mandatory (null value are not allowed).

Parameters:
host - the name of the host that is authenticating
hostDomain - the name of the domain to which the host belongs
user - the name of the user
userDomain - the name of the domain to which the user belongs
password - the user's password
Throws:
java.lang.IllegalArgumentException - if a supplied argument is invalid
javax.crypto.NoSuchPaddingException - if there isn't any suitable padding method
java.security.NoSuchAlgorithmException - if there isn't any suitable cipher algorithm
Method Detail

getAuthorization

public HTTPClient.AuthorizationInfo getAuthorization(HTTPClient.AuthorizationInfo parm1,
                                                     HTTPClient.RoRequest parm2,
                                                     HTTPClient.RoResponse parm3)
                                              throws HTTPClient.AuthSchemeNotImplException,
                                                     java.io.IOException
Specified by:
getAuthorization in interface HTTPClient.AuthorizationHandler
HTTPClient.AuthSchemeNotImplException
java.io.IOException

fixupAuthInfo

public HTTPClient.AuthorizationInfo fixupAuthInfo(HTTPClient.AuthorizationInfo parm1,
                                                  HTTPClient.RoRequest parm2,
                                                  HTTPClient.AuthorizationInfo parm3,
                                                  HTTPClient.RoResponse parm4)
                                           throws HTTPClient.AuthSchemeNotImplException,
                                                  java.io.IOException
Specified by:
fixupAuthInfo in interface HTTPClient.AuthorizationHandler
HTTPClient.AuthSchemeNotImplException
java.io.IOException

handleAuthHeaders

public void handleAuthHeaders(HTTPClient.Response parm1,
                              HTTPClient.RoRequest parm2,
                              HTTPClient.AuthorizationInfo parm3,
                              HTTPClient.AuthorizationInfo parm4)
                       throws java.io.IOException
Specified by:
handleAuthHeaders in interface HTTPClient.AuthorizationHandler
java.io.IOException

handleAuthTrailers

public void handleAuthTrailers(HTTPClient.Response parm1,
                               HTTPClient.RoRequest parm2,
                               HTTPClient.AuthorizationInfo parm3,
                               HTTPClient.AuthorizationInfo parm4)
                        throws java.io.IOException
Specified by:
handleAuthTrailers in interface HTTPClient.AuthorizationHandler
java.io.IOException