jcifs.ntlmssp.Type3Message Java Examples

The following examples show how to use jcifs.ntlmssp.Type3Message. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: NtlmTest.java    From jcifs with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void testParsingType3 () throws IOException {

    int flags = 0;
    byte[] lmResponse = new byte[] {
        0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF
    };
    byte[] ntResponse = new byte[] {
        0xF, 0xE, 0xD, 0xC, 0xB, 0xA, 0x9, 0x8, 0x7, 0x6, 0x5, 0x4, 0x3, 0x2, 0x1, 0x0
    };
    String domain = "TESTDOM";
    String user = "TESTUSER";
    String workstation = "TESTWS";
    Type3Message t3 = new Type3Message(flags, lmResponse, ntResponse, domain, user, workstation);

    Type3Message parsed = new Type3Message(t3.toByteArray());

    assertEquals(domain, parsed.getDomain());
    assertEquals(user, parsed.getUser());
    assertEquals(workstation, parsed.getWorkstation());

    assertArrayEquals(lmResponse, parsed.getLMResponse());
    assertArrayEquals(ntResponse, parsed.getNTResponse());
}
 
Example #2
Source File: NtlmTest.java    From jcifs-ng with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void testParsingType3 () throws IOException {

    int flags = 0;
    byte[] lmResponse = new byte[] {
        0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF
    };
    byte[] ntResponse = new byte[] {
        0xF, 0xE, 0xD, 0xC, 0xB, 0xA, 0x9, 0x8, 0x7, 0x6, 0x5, 0x4, 0x3, 0x2, 0x1, 0x0
    };
    String domain = "TESTDOM";
    String user = "TESTUSER";
    String workstation = "TESTWS";
    Type3Message t3 = new Type3Message(flags, lmResponse, ntResponse, domain, user, workstation);

    Type3Message parsed = new Type3Message(t3.toByteArray());

    assertEquals(domain, parsed.getDomain());
    assertEquals(user, parsed.getUser());
    assertEquals(workstation, parsed.getWorkstation());

    assertArrayEquals(lmResponse, parsed.getLMResponse());
    assertArrayEquals(ntResponse, parsed.getNTResponse());
}
 
Example #3
Source File: NTLMSchemeFactory.java    From pushfish-android with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public String generateType3Msg(String username, String password, String domain, String workstation, String challenge) throws NTLMEngineException {
    Type2Message type2Message = decodeType2Message(challenge);
    Type3Message type3Message = new Type3Message(type2Message, password, domain, username, workstation, Type3Message.getDefaultFlags());
    return Base64.encode(type3Message.toByteArray());
}
 
Example #4
Source File: NTLMSchemeFactory.java    From pushfish-android with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public String generateType3Msg(String username, String password, String domain, String workstation, String challenge) throws NTLMEngineException {
    Type2Message type2Message = decodeType2Message(challenge);
    Type3Message type3Message = new Type3Message(type2Message, password, domain, username, workstation, Type3Message.getDefaultFlags());
    return Base64.encode(type3Message.toByteArray());
}
 
Example #5
Source File: NtlmAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 4 votes vote down vote up
@Override
protected final HandlerResult doAuthentication(
        final Credential credential) throws GeneralSecurityException, PreventedException {

    final SpnegoCredential ntlmCredential = (SpnegoCredential) credential;
    final byte[] src = ntlmCredential.getInitToken();

    UniAddress dc = null;

    boolean success = false;
    try {
        if (this.loadBalance) {
            // find the first dc that matches the includepattern
            if (this.includePattern != null) {
                final NbtAddress[] dcs= NbtAddress.getAllByName(this.domainController, NBT_ADDRESS_TYPE, null, null);
                for (final NbtAddress dc2 : dcs) {
                    if(dc2.getHostAddress().matches(this.includePattern)){
                        dc = new UniAddress(dc2);
                        break;
                    }
                }
            } else {
                dc = new UniAddress(NbtAddress.getByName(this.domainController, NBT_ADDRESS_TYPE, null));
            }
        } else {
            dc = UniAddress.getByName(this.domainController, true);
        }
        final byte[] challenge = SmbSession.getChallenge(dc);

        switch (src[NTLM_TOKEN_TYPE_FIELD_INDEX]) {
            case NTLM_TOKEN_TYPE_ONE:
                logger.debug("Type 1 received");
                final Type1Message type1 = new Type1Message(src);
                final Type2Message type2 = new Type2Message(type1,
                        challenge, null);
                logger.debug("Type 2 returned. Setting next token.");
                ntlmCredential.setNextToken(type2.toByteArray());
                break;
            case NTLM_TOKEN_TYPE_THREE:
                logger.debug("Type 3 received");
                final Type3Message type3 = new Type3Message(src);
                final byte[] lmResponse = type3.getLMResponse() == null ? new byte[0] : type3.getLMResponse();
                final byte[] ntResponse = type3.getNTResponse() == null ? new byte[0] : type3.getNTResponse();
                final NtlmPasswordAuthentication ntlm = new NtlmPasswordAuthentication(
                        type3.getDomain(), type3.getUser(), challenge,
                        lmResponse, ntResponse);
                logger.debug("Trying to authenticate {} with domain controller", type3.getUser());
                try {
                    SmbSession.logon(dc, ntlm);
                    ntlmCredential.setPrincipal(this.principalFactory.createPrincipal(type3.getUser()));
                    success = true;
                } catch (final SmbAuthException sae) {
                    throw new FailedLoginException(sae.getMessage());
                }
                break;
            default:
                logger.debug("Unknown type: {}", src[NTLM_TOKEN_TYPE_FIELD_INDEX]);
        }
    } catch (final Exception e) {
        throw new FailedLoginException(e.getMessage());
    }

    if (!success) {
        throw new FailedLoginException();
    }
    return new DefaultHandlerResult(this, new BasicCredentialMetaData(ntlmCredential), ntlmCredential.getPrincipal());
}
 
Example #6
Source File: NtlmAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 4 votes vote down vote up
@Override
protected final HandlerResult doAuthentication(
        final Credential credential) throws GeneralSecurityException, PreventedException {

    final SpnegoCredential ntlmCredential = (SpnegoCredential) credential;
    final byte[] src = ntlmCredential.getInitToken();

    UniAddress dc = null;

    boolean success = false;
    try {
        if (this.loadBalance) {
            // find the first dc that matches the includepattern
            if(this.includePattern != null){
                NbtAddress [] dcs  = NbtAddress.getAllByName(this.domainController, 0x1C, null, null);
                for (NbtAddress dc2 : dcs) {
                    if(dc2.getHostAddress().matches(this.includePattern)){
                        dc = new UniAddress(dc2);
                        break;
                    }
                }
            } else {
                dc = new UniAddress(NbtAddress.getByName(this.domainController,
                        0x1C, null));
            }
        } else {
            dc = UniAddress.getByName(this.domainController, true);
        }
        final byte[] challenge = SmbSession.getChallenge(dc);

        switch (src[8]) {
            case 1:
                logger.debug("Type 1 received");
                final Type1Message type1 = new Type1Message(src);
                final Type2Message type2 = new Type2Message(type1,
                        challenge, null);
                logger.debug("Type 2 returned. Setting next token.");
                ntlmCredential.setNextToken(type2.toByteArray());
            case 3:
                logger.debug("Type 3 received");
                final Type3Message type3 = new Type3Message(src);
                final byte[] lmResponse = type3.getLMResponse() == null ? new byte[0] : type3.getLMResponse();
                byte[] ntResponse = type3.getNTResponse() == null ? new byte[0] : type3.getNTResponse();
                final NtlmPasswordAuthentication ntlm = new NtlmPasswordAuthentication(
                        type3.getDomain(), type3.getUser(), challenge,
                        lmResponse, ntResponse);
                logger.debug("Trying to authenticate {} with domain controller", type3.getUser());
                try {
                    SmbSession.logon(dc, ntlm);
                    ntlmCredential.setPrincipal(new SimplePrincipal(type3.getUser()));
                    success = true;
                } catch (final SmbAuthException sae) {
                    throw new FailedLoginException(sae.getMessage());
                }
            default:
                logger.debug("Unknown type: {}", src[8]);
        }
    } catch (final Exception e) {
        throw new FailedLoginException(e.getMessage());
    }

    if (!success) {
        throw new FailedLoginException();
    }
    return new HandlerResult(this, new BasicCredentialMetaData(ntlmCredential), ntlmCredential.getPrincipal());
}
 
Example #7
Source File: NtlmSsp.java    From jcifs with GNU Lesser General Public License v2.1 4 votes vote down vote up
/**
 * Performs NTLM authentication for the servlet request.
 * 
 * @param tc
 *            context to use
 *
 * @param req
 *            The request being serviced.
 * @param resp
 *            The response.
 * @param challenge
 *            The domain controller challenge.
 * @return credentials passed in the servlet request
 * @throws IOException
 *             If an IO error occurs.
 */
public static NtlmPasswordAuthentication authenticate ( CIFSContext tc, HttpServletRequest req, HttpServletResponse resp, byte[] challenge )
        throws IOException {
    String msg = req.getHeader("Authorization");
    if ( msg != null && msg.startsWith("NTLM ") ) {
        byte[] src = Base64.decode(msg.substring(5));
        if ( src[ 8 ] == 1 ) {
            Type1Message type1 = new Type1Message(src);
            Type2Message type2 = new Type2Message(tc, type1, challenge, null);
            msg = new String(Base64.encode(type2.toByteArray()), "US-ASCII");
            resp.setHeader("WWW-Authenticate", "NTLM " + msg);
        }
        else if ( src[ 8 ] == 3 ) {
            Type3Message type3 = new Type3Message(src);
            byte[] lmResponse = type3.getLMResponse();
            if ( lmResponse == null )
                lmResponse = new byte[0];
            byte[] ntResponse = type3.getNTResponse();
            if ( ntResponse == null )
                ntResponse = new byte[0];
            return new NtlmPasswordAuthentication(type3.getDomain(), type3.getUser(), challenge, lmResponse, ntResponse);
        }
    }
    else {
        resp.setHeader("WWW-Authenticate", "NTLM");
    }
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    resp.setContentLength(0);
    resp.flushBuffer();
    return null;
}
 
Example #8
Source File: NtlmSsp.java    From jcifs-ng with GNU Lesser General Public License v2.1 4 votes vote down vote up
/**
 * Performs NTLM authentication for the servlet request.
 * 
 * @param tc
 *            context to use
 *
 * @param req
 *            The request being serviced.
 * @param resp
 *            The response.
 * @param challenge
 *            The domain controller challenge.
 * @return credentials passed in the servlet request
 * @throws IOException
 *             If an IO error occurs.
 */
public static NtlmPasswordAuthentication authenticate ( CIFSContext tc, HttpServletRequest req, HttpServletResponse resp, byte[] challenge )
        throws IOException {
    String msg = req.getHeader("Authorization");
    if ( msg != null && msg.startsWith("NTLM ") ) {
        byte[] src = Base64.decode(msg.substring(5));
        if ( src[ 8 ] == 1 ) {
            Type1Message type1 = new Type1Message(src);
            Type2Message type2 = new Type2Message(tc, type1, challenge, null);
            msg = new String(Base64.encode(type2.toByteArray()), "US-ASCII");
            resp.setHeader("WWW-Authenticate", "NTLM " + msg);
        }
        else if ( src[ 8 ] == 3 ) {
            Type3Message type3 = new Type3Message(src);
            byte[] lmResponse = type3.getLMResponse();
            if ( lmResponse == null )
                lmResponse = new byte[0];
            byte[] ntResponse = type3.getNTResponse();
            if ( ntResponse == null )
                ntResponse = new byte[0];
            return new NtlmPasswordAuthentication(type3.getDomain(), type3.getUser(), challenge, lmResponse, ntResponse);
        }
    }
    else {
        resp.setHeader("WWW-Authenticate", "NTLM");
    }
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    resp.setContentLength(0);
    resp.flushBuffer();
    return null;
}
 
Example #9
Source File: NTLMSchemeFactory.java    From Pushjet-Android with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public String generateType3Msg(String username, String password, String domain, String workstation, String challenge) throws NTLMEngineException {
    Type2Message type2Message = decodeType2Message(challenge);
    Type3Message type3Message = new Type3Message(type2Message, password, domain, username, workstation, Type3Message.getDefaultFlags());
    return Base64.encode(type3Message.toByteArray());
}
 
Example #10
Source File: NTLMSchemeFactory.java    From Pushjet-Android with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public String generateType3Msg(String username, String password, String domain, String workstation, String challenge) throws NTLMEngineException {
    Type2Message type2Message = decodeType2Message(challenge);
    Type3Message type3Message = new Type3Message(type2Message, password, domain, username, workstation, Type3Message.getDefaultFlags());
    return Base64.encode(type3Message.toByteArray());
}