Package org.alfresco.filesys.auth.cifs
Class EnterpriseCifsAuthenticator
- java.lang.Object
-
- org.alfresco.jlan.server.auth.CifsAuthenticator
-
- org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase
-
- org.alfresco.filesys.auth.cifs.EnterpriseCifsAuthenticator
-
- All Implemented Interfaces:
CallbackHandler,org.alfresco.jlan.server.auth.ICifsAuthenticator,ActivateableBean,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean
public class EnterpriseCifsAuthenticator extends CifsAuthenticatorBase implements CallbackHandler
Enterprise CIFS Authenticator ClassCIFS authenticator that supports NTLMSSP and Kerberos logins.
- Author:
- gkspencer
-
-
Field Summary
Fields Modifier and Type Field Description protected static org.apache.commons.logging.Loglogger-
Fields inherited from class org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase
m_md4Encoder
-
Fields inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator
GUEST_USERNAME, m_config, m_random
-
Fields inherited from interface org.alfresco.jlan.server.auth.ICifsAuthenticator
AUTH_ACCDISABLED, AUTH_ALLOW, AUTH_BADPASSWORD, AUTH_BADUSER, AUTH_DISALLOW, AUTH_GUEST, AUTH_PASSEXPIRED, LANMAN, NoAccess, NTLM1, NTLM2, ReadOnly, SHARE_MODE, STANDARD_CHALLENGE_LEN, STANDARD_PASSWORD_LEN, USER_MODE, Writeable
-
-
Constructor Summary
Constructors Constructor Description EnterpriseCifsAuthenticator()Class constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidgenerateNegotiateResponse(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket respPkt, boolean extendedSecurity)Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.intgetEncryptionKeyLength()Return the encryption key/challenge lengthintgetServerCapabilities()Return the server capability flagsvoidhandle(Callback[] callbacks)JAAS callback handlervoidinitialize()Initialize the authenticator (after properties have been set)voidinitialize(org.alfresco.jlan.server.config.ServerConfiguration config, org.springframework.extensions.config.ConfigElement params)Initialize the authenticator (via the config service)voidprocessSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)Process the CIFS session setup request packet and build the session setup response.voidsetDisableNTLM(boolean disableNTLM)voidsetDisallowNTLMv1(boolean disallowNTLMv1)voidsetEnableTicketCracking(boolean enaTktCracking)Enable Kerbeors ticket cracking code that is required for Java5voidsetJaasConfigEntryName(String jaasConfigEntryName)Sets the HTTP service login configuration entry name.voidsetKerberosDebug(boolean kerberosDebug)voidsetPassword(String password)Sets the HTTP service account password.voidsetRealm(String realm)Sets the HTTP service account realm.voidsetStripKerberosUsernameSuffix(boolean stripKerberosUsernameSuffix)voidsetUseSPNEGO(boolean useSPNEGO)-
Methods inherited from class org.alfresco.filesys.auth.cifs.CifsAuthenticatorBase
afterPropertiesSet, checkForAdminUserName, destroy, doGuestLogon, doInTransaction, getAuthenticationComponent, getAuthenticationService, getAuthorityService, getHomeFolderForUser, getNodeService, getNTLMAuthenticator, getPersonService, isActive, mapUserNameToPerson, setActive, setAuthenticationComponent, setAuthenticationService, setAuthorityService, setCurrentUser, setDiskInterface, setNodeService, setPersonService, setTransactionService, validateAuthenticationMode
-
Methods inherited from class org.alfresco.jlan.server.auth.CifsAuthenticator
allowGuest, authenticateShareConnect, authenticateUser, authenticateUserPlainText, closeAuthenticator, convertPassword, generateEncryptedPassword, getAccessMode, getAuthContext, getCIFSConfig, getEnabledDialects, getEncryptor, getGuestUserName, getsecurityConfig, getSecurityMode, getStatusAsString, getUserDetails, hasDebug, hasExtendedSecurity, hasSessionCleanup, mapClientAddressToDomain, mapUnknownUserToGuest, setAccessMode, setAllowGuest, setConfig, setDebug, setExtendedSecurity, setGuestUserName, setMapToGuest, setSecurityMode, setSessionCleanup, toString, validatePassword
-
-
-
-
Method Detail
-
setPassword
public void setPassword(String password)
Sets the HTTP service account password. (the Principal should be configured in java.login.config)- Parameters:
password- the password to set
-
setRealm
public void setRealm(String realm)
Sets the HTTP service account realm.- Parameters:
realm- the realm to set
-
setJaasConfigEntryName
public void setJaasConfigEntryName(String jaasConfigEntryName)
Sets the HTTP service login configuration entry name.- Parameters:
jaasConfigEntryName- the loginEntryName to set
-
setKerberosDebug
public void setKerberosDebug(boolean kerberosDebug)
-
setDisableNTLM
public void setDisableNTLM(boolean disableNTLM)
-
setUseSPNEGO
public void setUseSPNEGO(boolean useSPNEGO)
-
setDisallowNTLMv1
public void setDisallowNTLMv1(boolean disallowNTLMv1)
-
setStripKerberosUsernameSuffix
public void setStripKerberosUsernameSuffix(boolean stripKerberosUsernameSuffix)
-
setEnableTicketCracking
public void setEnableTicketCracking(boolean enaTktCracking)
Enable Kerbeors ticket cracking code that is required for Java5- Parameters:
enaTktCracking- boolean
-
initialize
public void initialize(org.alfresco.jlan.server.config.ServerConfiguration config, org.springframework.extensions.config.ConfigElement params) throws org.alfresco.jlan.server.config.InvalidConfigurationExceptionInitialize the authenticator (via the config service)- Overrides:
initializein classCifsAuthenticatorBase- Parameters:
config- ServerConfigurationparams- ConfigElement- Throws:
org.alfresco.jlan.server.config.InvalidConfigurationException
-
initialize
public void initialize() throws org.alfresco.jlan.server.config.InvalidConfigurationExceptionInitialize the authenticator (after properties have been set)- Overrides:
initializein classCifsAuthenticatorBase- Throws:
org.alfresco.jlan.server.config.InvalidConfigurationException
-
handle
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
JAAS callback handler- Specified by:
handlein interfaceCallbackHandler- Parameters:
callbacks- Callback[]- Throws:
IOExceptionUnsupportedCallbackException
-
getEncryptionKeyLength
public int getEncryptionKeyLength()
Return the encryption key/challenge length- Specified by:
getEncryptionKeyLengthin interfaceorg.alfresco.jlan.server.auth.ICifsAuthenticator- Overrides:
getEncryptionKeyLengthin classorg.alfresco.jlan.server.auth.CifsAuthenticator- Returns:
- int
-
getServerCapabilities
public int getServerCapabilities()
Return the server capability flags- Specified by:
getServerCapabilitiesin interfaceorg.alfresco.jlan.server.auth.ICifsAuthenticator- Overrides:
getServerCapabilitiesin classorg.alfresco.jlan.server.auth.CifsAuthenticator- Returns:
- int
-
generateNegotiateResponse
public void generateNegotiateResponse(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket respPkt, boolean extendedSecurity) throws org.alfresco.jlan.server.auth.AuthenticatorExceptionGenerate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.- Specified by:
generateNegotiateResponsein interfaceorg.alfresco.jlan.server.auth.ICifsAuthenticator- Overrides:
generateNegotiateResponsein classorg.alfresco.jlan.server.auth.CifsAuthenticator- Parameters:
sess- SMBSrvSessionrespPkt- SMBSrvPacketextendedSecurity- boolean- Throws:
org.alfresco.jlan.server.auth.AuthenticatorException
-
processSessionSetup
public void processSessionSetup(org.alfresco.jlan.smb.server.SMBSrvSession sess, org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt) throws org.alfresco.jlan.smb.server.SMBSrvExceptionProcess the CIFS session setup request packet and build the session setup response.This is the boundary between alfresco and JLAN. So is responsible for logging and ensuring that the exceptions are correct for JLAN.
- Specified by:
processSessionSetupin interfaceorg.alfresco.jlan.server.auth.ICifsAuthenticator- Overrides:
processSessionSetupin classorg.alfresco.jlan.server.auth.CifsAuthenticator- Parameters:
sess- SMBSrvSessionreqPkt- SMBSrvPacket- Throws:
org.alfresco.jlan.smb.server.SMBSrvException
-
-