BaseNTLMAuthenticationFilter (Alfresco Remote API 6.20-stackTrace API)

java.lang.Object
- org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
- - org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
  - - org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter

All Implemented Interfaces:

org.alfresco.repo.management.subsystems.ActivateableBean, DependencyInjectedFilter, AuthenticationDriver, org.springframework.beans.factory.InitializingBean

Direct Known Subclasses:

NTLMAuthenticationFilter
```
public abstract class BaseNTLMAuthenticationFilter
extends BaseSSOAuthenticationFilter
```
Base class with common code and initialisation for NTLM authentication filters.

Field Summary

Fields
Modifier and Type	Field and Description
`protected static String`	`AUTH_NTLM`
`protected static String`	`AUTHORIZATION`
`static String`	`NTLM_AUTH_DETAILS`
`static String`	`NTLM_AUTH_SESSION`
`protected static String`	`WWW_AUTHENTICATE`

Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
loginPageLink, MIME_HTML_TEXT

Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationListener, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService

Fields inherited from interface org.alfresco.repo.webdav.auth.AuthenticationDriver
AUTHENTICATION_USER

Constructor Summary

Constructors
Constructor and Description

BaseNTLMAuthenticationFilter()

Constructors
Constructor and Description
`BaseNTLMAuthenticationFilter()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`authenticateRequest(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest sreq, javax.servlet.http.HttpServletResponse sresp)` Authenticate user based on information in http request such as Authorization header or cached session information.
`protected boolean`	`checkNTLMv1(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, boolean checkLMHash)` Perform an NTLMv1 hashed password check
`protected boolean`	`checkNTLMv2(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)` Perform an NTLMv2 check
`protected boolean`	`checkNTLMv2SessionKey(String md4hash, byte[] challenge, org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)` Perform an NTLMv2 session key check
`protected void`	`disableNTLMv2()` Disable NTLMv2 support, must be called from the implementation constructor
`protected String`	`getMD4Hash(String userName)` Get the stored MD4 hashed password for the user, or null if the user does not exist
`protected void`	`init()` Initializes the filter.
`protected void`	`processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)` Process a type 1 NTLM message
`protected boolean`	`processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)` Process a type 3 NTLM message
`void`	`restartLoginChallenge(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)` Restart the NTLM logon process
`void`	`setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)`
`protected boolean`	`validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg, org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails, boolean authenticated, String md4hash)` Validate the MD4 hash against local password

Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationListener, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NTLM_AUTH_SESSION

public static final String NTLM_AUTH_SESSION

See Also:: Constant Field Values

NTLM_AUTH_DETAILS

public static final String NTLM_AUTH_DETAILS

See Also:: Constant Field Values

WWW_AUTHENTICATE

protected static final String WWW_AUTHENTICATE

See Also:: Constant Field Values

AUTHORIZATION

protected static final String AUTHORIZATION

See Also:: Constant Field Values

AUTH_NTLM

protected static final String AUTH_NTLM

See Also:: Constant Field Values

Constructor Detail
- BaseNTLMAuthenticationFilter
```
public BaseNTLMAuthenticationFilter()
```

Method Detail

setMapUnknownUserToGuest
```
public void setMapUnknownUserToGuest(boolean mapUnknownUserToGuest)
```
Parameters:

mapUnknownUserToGuest - should an unknown user be mapped to guest?

init
```
protected void init()
             throws javax.servlet.ServletException
```
Description copied from class: BaseSSOAuthenticationFilter

Initializes the filter. Only called if the filter is active, as indicated by BaseSSOAuthenticationFilter.isActive(). Subclasses should override.

Overrides:

init in class BaseSSOAuthenticationFilter

Throws:

javax.servlet.ServletException

authenticateRequest

public boolean authenticateRequest(javax.servlet.ServletContext context,
                                   javax.servlet.http.HttpServletRequest sreq,
                                   javax.servlet.http.HttpServletResponse sresp)
                            throws IOException,
                                   javax.servlet.ServletException

Description copied from interface: AuthenticationDriver

Authenticate user based on information in http request such as Authorization header or cached session information.

Parameters:: context - the context; sreq - http request; sresp - http response
Returns:: true if authentication was successful
Throws:: IOException; javax.servlet.ServletException

processType1

protected void processType1(org.alfresco.jlan.server.auth.ntlm.Type1NTLMMessage type1Msg,
                            javax.servlet.http.HttpServletRequest req,
                            javax.servlet.http.HttpServletResponse res)
                     throws IOException

Process a type 1 NTLM message

Parameters:: type1Msg - Type1NTLMMessage; req - HttpServletRequest; res - HttpServletResponse
Throws:: IOException

processType3

protected boolean processType3(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
                               javax.servlet.ServletContext context,
                               javax.servlet.http.HttpServletRequest req,
                               javax.servlet.http.HttpServletResponse res)
                        throws IOException,
                               javax.servlet.ServletException

Process a type 3 NTLM message

Parameters:: type3Msg - Type3NTLMMessage; req - HttpServletRequest; res - HttpServletResponse
Throws:: IOException; javax.servlet.ServletException

validateLocalHashedPassword

protected boolean validateLocalHashedPassword(org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
                                              org.alfresco.jlan.server.auth.ntlm.NTLMLogonDetails ntlmDetails,
                                              boolean authenticated,
                                              String md4hash)

Validate the MD4 hash against local password

Parameters:: type3Msg - Type3NTLMMessage; ntlmDetails - NTLMLogonDetails; authenticated - boolean; md4hash - String
Returns:: true if password hash is valid, false otherwise

checkNTLMv1

protected final boolean checkNTLMv1(String md4hash,
                                    byte[] challenge,
                                    org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg,
                                    boolean checkLMHash)

Perform an NTLMv1 hashed password check

Parameters:: md4hash - String; challenge - byte[]; type3Msg - Type3NTLMMessage; checkLMHash - boolean
Returns:: boolean

checkNTLMv2

protected final boolean checkNTLMv2(String md4hash,
                                    byte[] challenge,
                                    org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)

Perform an NTLMv2 check

Parameters:: md4hash - String; challenge - byte[]; type3Msg - Type3NTLMMessage
Returns:: boolean

checkNTLMv2SessionKey

protected final boolean checkNTLMv2SessionKey(String md4hash,
                                              byte[] challenge,
                                              org.alfresco.jlan.server.auth.ntlm.Type3NTLMMessage type3Msg)

Perform an NTLMv2 session key check

Parameters:: md4hash - String; challenge - byte[]; type3Msg - Type3NTLMMessage
Returns:: boolean

getMD4Hash
```
protected String getMD4Hash(String userName)
```
Get the stored MD4 hashed password for the user, or null if the user does not exist

Parameters:

userName - String

Returns:

MD4 hash or null

restartLoginChallenge

public void restartLoginChallenge(javax.servlet.ServletContext context,
                                  javax.servlet.http.HttpServletRequest req,
                                  javax.servlet.http.HttpServletResponse res)
                           throws IOException

Restart the NTLM logon process

Parameters:: context - ServletContext; req - HttpServletRequest; res - SessHttpServletResponse
Throws:: IOException

disableNTLMv2
```
protected final void disableNTLMv2()
```
Disable NTLMv2 support, must be called from the implementation constructor

Class BaseNTLMAuthenticationFilter

Field Summary

Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter

Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter

Fields inherited from interface org.alfresco.repo.webdav.auth.AuthenticationDriver

Constructor Summary

Method Summary

Methods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter

Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter

Methods inherited from class java.lang.Object