Class EnterpriseCifsAuthenticator

  • All Implemented Interfaces:
    CallbackHandler, org.alfresco.jlan.server.auth.ICifsAuthenticator, ActivateableBean, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean

    public class EnterpriseCifsAuthenticator
    extends CifsAuthenticatorBase
    implements CallbackHandler
    Enterprise CIFS Authenticator Class

    CIFS authenticator that supports NTLMSSP and Kerberos logins.

    Author:
    gkspencer
    • Field Detail

      • logger

        protected static final org.apache.commons.logging.Log logger
    • Constructor Detail

      • EnterpriseCifsAuthenticator

        public EnterpriseCifsAuthenticator()
        Class constructor
    • Method Detail

      • setPassword

        public void setPassword​(String password)
        Sets the HTTP service account password. (the Principal should be configured in java.login.config)
        Parameters:
        password - the password to set
      • setRealm

        public void setRealm​(String realm)
        Sets the HTTP service account realm.
        Parameters:
        realm - the realm to set
      • setJaasConfigEntryName

        public void setJaasConfigEntryName​(String jaasConfigEntryName)
        Sets the HTTP service login configuration entry name.
        Parameters:
        jaasConfigEntryName - the loginEntryName to set
      • setKerberosDebug

        public void setKerberosDebug​(boolean kerberosDebug)
      • setDisableNTLM

        public void setDisableNTLM​(boolean disableNTLM)
      • setUseSPNEGO

        public void setUseSPNEGO​(boolean useSPNEGO)
      • setDisallowNTLMv1

        public void setDisallowNTLMv1​(boolean disallowNTLMv1)
      • setStripKerberosUsernameSuffix

        public void setStripKerberosUsernameSuffix​(boolean stripKerberosUsernameSuffix)
      • setEnableTicketCracking

        public void setEnableTicketCracking​(boolean enaTktCracking)
        Enable Kerbeors ticket cracking code that is required for Java5
        Parameters:
        enaTktCracking - boolean
      • initialize

        public void initialize​(org.alfresco.jlan.server.config.ServerConfiguration config,
                               org.springframework.extensions.config.ConfigElement params)
                        throws org.alfresco.jlan.server.config.InvalidConfigurationException
        Initialize the authenticator (via the config service)
        Overrides:
        initialize in class CifsAuthenticatorBase
        Parameters:
        config - ServerConfiguration
        params - ConfigElement
        Throws:
        org.alfresco.jlan.server.config.InvalidConfigurationException
      • initialize

        public void initialize()
                        throws org.alfresco.jlan.server.config.InvalidConfigurationException
        Initialize the authenticator (after properties have been set)
        Overrides:
        initialize in class CifsAuthenticatorBase
        Throws:
        org.alfresco.jlan.server.config.InvalidConfigurationException
      • getEncryptionKeyLength

        public int getEncryptionKeyLength()
        Return the encryption key/challenge length
        Specified by:
        getEncryptionKeyLength in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        getEncryptionKeyLength in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Returns:
        int
      • getServerCapabilities

        public int getServerCapabilities()
        Return the server capability flags
        Specified by:
        getServerCapabilities in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        getServerCapabilities in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Returns:
        int
      • generateNegotiateResponse

        public void generateNegotiateResponse​(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                              org.alfresco.jlan.smb.server.SMBSrvPacket respPkt,
                                              boolean extendedSecurity)
                                       throws org.alfresco.jlan.server.auth.AuthenticatorException
        Generate the CIFS negotiate response packet, the authenticator should add authentication specific fields to the response.
        Specified by:
        generateNegotiateResponse in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        generateNegotiateResponse in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        sess - SMBSrvSession
        respPkt - SMBSrvPacket
        extendedSecurity - boolean
        Throws:
        org.alfresco.jlan.server.auth.AuthenticatorException
      • processSessionSetup

        public void processSessionSetup​(org.alfresco.jlan.smb.server.SMBSrvSession sess,
                                        org.alfresco.jlan.smb.server.SMBSrvPacket reqPkt)
                                 throws org.alfresco.jlan.smb.server.SMBSrvException
        Process the CIFS session setup request packet and build the session setup response.

        This is the boundary between alfresco and JLAN. So is responsible for logging and ensuring that the exceptions are correct for JLAN.

        Specified by:
        processSessionSetup in interface org.alfresco.jlan.server.auth.ICifsAuthenticator
        Overrides:
        processSessionSetup in class org.alfresco.jlan.server.auth.CifsAuthenticator
        Parameters:
        sess - SMBSrvSession
        reqPkt - SMBSrvPacket
        Throws:
        org.alfresco.jlan.smb.server.SMBSrvException