1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.directory.server.ldap.handlers.sasl.ntlm;
21  
22  
23  import javax.security.sasl.SaslServer;
24  
25  import org.apache.directory.api.ldap.model.message.BindRequest;
26  import org.apache.directory.server.ldap.LdapSession;
27  import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
28  import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;
29  
30  
31  /**
32   * A handler for the NTLM SASL and GSS-SPNEGO mechanisms. Note that both
33   * mechanisms require an NTLM mechanism provider, which could be implemented
34   * using jCIFS or native Win32 system calls via a JNI wrapper.
35   *
36   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
37   */
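public class NtlmMechanismHandler extends AbstractMechanismHandler
{
    /**
     * Fully qualified class name of the {@link NtlmProvider} to instantiate lazily
     * when no provider instance has been injected. The named class is loaded and
     * instantiated reflectively, so this value must only come from trusted
     * server configuration.
     */
    private String providerFqcn;

    /** The provider performing the NTLM exchange; injected or created on first use. */
    private NtlmProvider provider;


    /**
     * Injects the provider instance to use. When set, the provider class name
     * is never consulted.
     *
     * @param provider the NTLM provider
     */
    public void setNtlmProvider( NtlmProvider provider )
    {
        this.provider = provider;
    }


    /**
     * Sets the class name of the provider to instantiate on first use.
     *
     * @param fqcnProvider fully qualified name of a class implementing
     * {@link NtlmProvider} with a no-argument constructor
     */
    public void setNtlmProviderFqcn( String fqcnProvider )
    {
        this.providerFqcn = fqcnProvider;
    }


    /**
     * Returns the {@link SaslServer} stored in the session under
     * {@link SaslConstants#SASL_SERVER}, creating and storing a new
     * {@link NtlmSaslServer} when the session has none yet.
     *
     * @param ldapSession the session the bind belongs to
     * @param bindRequest the bind request; only used when a new server is created
     * @return the SASL server associated with the session
     * @throws Exception if the provider cannot be loaded or instantiated
     */
    public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
    {
        SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        if ( ss == null )
        {
            // Lazy creation of the provider; this check-then-act is not synchronized.
            // NOTE(review): confirm whether one handler instance can serve concurrent binds.
            if ( provider == null )
            {
                initProvider();
            }

            // The SASL server is handed the directory service's admin session before the
            // client has authenticated, so whatever NtlmSaslServer does with it is not
            // restricted by the client's own rights.
            // NOTE(review): confirm NtlmSaslServer only uses it once the NTLM exchange succeeds.
            ss = new NtlmSaslServer( provider, bindRequest, ldapSession, ldapSession.getLdapServer()
                .getDirectoryService().getAdminSession() );
            ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss );
        }

        return ss;
    }


    /**
     * Instantiates the provider named by {@code providerFqcn}.
     *
     * The class is loaded without initialization and checked against
     * {@link NtlmProvider} before an instance is created, so a misconfigured
     * class name never gets its static initializer or constructor run.
     *
     * @throws IllegalStateException if no provider class name has been configured
     * @throws ClassCastException if the named class does not implement {@link NtlmProvider}
     * @throws Exception if the class cannot be found or instantiated
     */
    private void initProvider() throws Exception
    {
        if ( ( providerFqcn == null ) || providerFqcn.trim().isEmpty() )
        {
            throw new IllegalStateException(
                "No NtlmProvider instance and no NtlmProvider class name have been configured" );
        }

        // Same class loader Class.forName( String ) would use, but with initialization deferred
        // until the type check below has passed.
        Class<? extends NtlmProvider> providerClass = Class.forName( providerFqcn, false,
            NtlmMechanismHandler.class.getClassLoader() ).asSubclass( NtlmProvider.class );

        // Class.newInstance() is deprecated and rethrows checked constructor exceptions
        // undeclared; going through the constructor wraps them in InvocationTargetException.
        provider = providerClass.getDeclaredConstructor().newInstance();
    }


    /**
     * {@inheritDoc}
     */
    public void init( LdapSession ldapSession )
    {
        // Store the host in the ldap session
        String saslHost = ldapSession.getLdapServer().getSaslHost();
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost );
    }


    /**
     * Remove the Host, UserBaseDn, Mechanism, props and authenticated user
     * properties from the session.
     *
     * The {@link SaslConstants#SASL_SERVER} property set by
     * {@link #handleMechanism(LdapSession, BindRequest)} is not removed here.
     * NOTE(review): confirm it is cleared elsewhere once the bind has completed.
     *
     * @param ldapSession the LdapSession instance
     */
    public void cleanup( LdapSession ldapSession )
    {
        ldapSession.removeSaslProperty( SaslConstants.SASL_HOST );
        ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
        ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
        ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
    }
}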