Class PassthruCifsAuthenticator

  • All Implemented Interfaces:
    org.alfresco.jlan.server.auth.ICifsAuthenticator, org.alfresco.jlan.server.SessionListener, ActivateableBean, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean

    public class PassthruCifsAuthenticator
    extends CifsAuthenticatorBase
    implements org.alfresco.jlan.server.SessionListener
    Passthru Authenticator Class

    Authenticate users accessing the CIFS server by validating the user against a domain controller or other server on the network.

    Author:
    GKSpencer
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int DefaultSessionTmo  
      static int MaxCheckInterval  
      static int MaxSessionTmo  
      static int MinCheckInterval  
      static int MinSessionTmo  
      static long PassthruKeepAliveInterval  
      • Fields inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator

        GUEST_USERNAME, m_config, m_random
      • Fields inherited from interface org.alfresco.jlan.server.auth.ICifsAuthenticator

        AUTH_ACCDISABLED, AUTH_ALLOW, AUTH_BADPASSWORD, AUTH_BADUSER, AUTH_DISALLOW, AUTH_GUEST, AUTH_PASSEXPIRED, LANMAN, NoAccess, NTLM1, NTLM2, ReadOnly, SHARE_MODE, STANDARD_CHALLENGE_LEN, STANDARD_PASSWORD_LEN, USER_MODE, Writeable
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int authenticateShareConnect​(org.alfresco.jlan.server.auth.ClientInfo client, org.alfresco.jlan.server.core.SharedDevice share, java.lang.String sharePwd, org.alfresco.jlan.server.SrvSession sess)
      Authenticate the connection to a particular share, called when the SMB server is in share security mode
      int authenticateUser​(org.alfresco.jlan.server.auth.ClientInfo client, org.alfresco.jlan.server.SrvSession sess, int alg)
      Authenticate a session setup by a user
      void closeAuthenticator()
      Close the authenticator, perform cleanup
      void generateNegotiateResponse​(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket respPkt, boolean extendedSecurity)
      Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.
      org.alfresco.jlan.server.auth.AuthContext getAuthContext​(org.alfresco.jlan.smb.server.SMBSrvSession sess)
      Return an authentication context for the new session
      int getServerCapabilities()
      Return the server capability flags
      java.util.Hashtable<java.lang.String,​org.alfresco.jlan.server.auth.passthru.PassthruDetails> getSessions()  
      void initialize​(org.alfresco.jlan.server.config.ServerConfiguration config, org.springframework.extensions.config.ConfigElement params)
      Initialize the authenticator via the config service
      void processAlfrescoSessionSetup​(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
      Process the CIFS session setup request packet and build the session setup response
      void processSessionSetup​(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
      Process the CIFS session setup request packet and build the session setup response.
      void sessionClosed​(org.alfresco.jlan.server.SrvSession sess)
      SMB server session closed notification
      void sessionCreated​(org.alfresco.jlan.server.SrvSession sess)
      SMB server session created notification
      void sessionLoggedOn​(org.alfresco.jlan.server.SrvSession sess)
      User successfully logged on notification
      void setPassthruServers​(org.alfresco.jlan.server.auth.passthru.PassthruServers servers)  
      protected boolean validateAuthenticationMode()
      Validate that the authentication component supports the required mode.
      • Methods inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator

        allowGuest, authenticateUserPlainText, convertPassword, generateEncryptedPassword, getAccessMode, getCIFSConfig, getEnabledDialects, getEncryptionKeyLength, getEncryptor, getGuestUserName, getsecurityConfig, getSecurityMode, getStatusAsString, getUserDetails, hasDebug, hasExtendedSecurity, hasSessionCleanup, mapClientAddressToDomain, mapUnknownUserToGuest, setAccessMode, setAllowGuest, setConfig, setDebug, setExtendedSecurity, setGuestUserName, setMapToGuest, setSecurityMode, setSessionCleanup, toString, validatePassword
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • PassthruCifsAuthenticator

        public PassthruCifsAuthenticator()
        Passthru Authenticator Constructor

        Default to user mode security with encrypted password support.

    • Method Detail

      • getSessions

        public java.util.Hashtable<java.lang.String,​org.alfresco.jlan.server.auth.passthru.PassthruDetails> getSessions()
      • setPassthruServers

        public void setPassthruServers​(org.alfresco.jlan.server.auth.passthru.PassthruServers servers)
      • authenticateShareConnect

        public int authenticateShareConnect​(org.alfresco.jlan.server.auth.ClientInfo client,
                                            org.alfresco.jlan.server.core.SharedDevice share,
                                            java.lang.String sharePwd,
                                            org.alfresco.jlan.server.SrvSession sess)
        Authenticate the connection to a particular share, called when the SMB server is in share security mode
        Specified by:
        authenticateShareConnect in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        authenticateShareConnect in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        client - ClientInfo
        share - SharedDevice
        sharePwd - String
        sess - SrvSession
        Returns:
        int
      • authenticateUser

        public int authenticateUser​(org.alfresco.jlan.server.auth.ClientInfo client,
                                    org.alfresco.jlan.server.SrvSession sess,
                                    int alg)
        Authenticate a session setup by a user
        Specified by:
        authenticateUser in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        authenticateUser in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        client - ClientInfo
        sess - SrvSession
        alg - int
        Returns:
        int
      • getAuthContext

        public org.alfresco.jlan.server.auth.AuthContext getAuthContext​(org.alfresco.jlan.smb.server.SMBSrvSession sess)
        Return an authentication context for the new session
        Overrides:
        getAuthContext in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Returns:
        AuthContext
      • generateNegotiateResponse

        public void generateNegotiateResponse​(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                              org.alfresco.jlan.smb.server.SMBSrvPacket respPkt,
                                              boolean extendedSecurity)
                                       throws org.alfresco.jlan.server.auth.AuthenticatorException
        Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.
        Specified by:
        generateNegotiateResponse in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        generateNegotiateResponse in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        sess - SMBSrvSession
        respPkt - SMBSrvPacket
        extendedSecurity - boolean
        Throws:
        org.alfresco.jlan.server.auth.AuthenticatorException
      • processSessionSetup

        public void processSessionSetup​(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                        org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
                                 throws org.alfresco.jlan.smb.server.SMBSrvException
        Process the CIFS session setup request packet and build the session setup response.

        This is the boundary between alfresco and JLAN. So is responsible for logging and ensuring that the exceptions are correct for JLAN.

        Specified by:
        processSessionSetup in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        processSessionSetup in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        sess - SMBSrvSession
        reqPkt - SMBSrvPacket
        Throws:
        org.alfresco.jlan.smb.server.SMBSrvException
      • processAlfrescoSessionSetup

        public void processAlfrescoSessionSetup​(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                                org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
                                         throws org.alfresco.jlan.smb.server.SMBSrvException
        Process the CIFS session setup request packet and build the session setup response
        Parameters:
        sess - SMBSrvSession
        reqPkt - SMBSrvPacket
        Throws:
        org.alfresco.jlan.smb.server.SMBSrvException
      • initialize

        public void initialize​(org.alfresco.jlan.server.config.ServerConfiguration config,
                               org.springframework.extensions.config.ConfigElement params)
                        throws org.alfresco.jlan.server.config.InvalidConfigurationException
        Initialize the authenticator via the config service
        Overrides:
        initialize in class CifsAuthenticatorBase
        Parameters:
        config - ServerConfiguration
        params - ConfigElement
        Throws:
        org.alfresco.jlan.server.config.InvalidConfigurationException
      • getServerCapabilities

        public int getServerCapabilities()
        Return the server capability flags
        Specified by:
        getServerCapabilities in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        getServerCapabilities in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Returns:
        int
      • closeAuthenticator

        public void closeAuthenticator()
        Close the authenticator, perform cleanup
        Specified by:
        closeAuthenticator in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        closeAuthenticator in class org.alfresco.jlan.server.auth.CifsAuthenticator
      • sessionClosed

        public void sessionClosed​(org.alfresco.jlan.server.SrvSession sess)
        SMB server session closed notification
        Specified by:
        sessionClosed in interface org.alfresco.jlan.server.SessionListener
        Parameters:
        sess - SrvSession
      • sessionCreated

        public void sessionCreated​(org.alfresco.jlan.server.SrvSession sess)
        SMB server session created notification
        Specified by:
        sessionCreated in interface org.alfresco.jlan.server.SessionListener
        Parameters:
        sess - SrvSession
      • sessionLoggedOn

        public void sessionLoggedOn​(org.alfresco.jlan.server.SrvSession sess)
        User successfully logged on notification
        Specified by:
        sessionLoggedOn in interface org.alfresco.jlan.server.SessionListener
        Parameters:
        sess - SrvSession