001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied. See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 *
019 */
020 package org.apache.directory.server.ldap.handlers.bind.ntlm;
021
022
023 import org.apache.directory.server.ldap.LdapSession;
024 import org.apache.directory.server.ldap.handlers.bind.AbstractMechanismHandler;
025 import org.apache.directory.server.ldap.handlers.bind.SaslConstants;
026 import org.apache.directory.shared.ldap.message.InternalBindRequest;
027
028 import javax.security.sasl.SaslServer;
029
030
031 /**
032 * A handler for the NTLM SASL and GSS-SPNEGO mechanisms. Note that both
033 * mechanisms require an NTLM mechanism provider, which could be implemented
034 * using jCIFS or native Win32 system calls via a JNI wrapper.
035 *
036 * @org.apache.xbean.XBean
037 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
038 * @version $Rev$, $Date$
039 */
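public class NtlmMechanismHandler extends AbstractMechanismHandler
{
    /** Fully qualified class name of the NtlmProvider to load when no instance was injected. */
    private String providerFqcn;

    /** Provider passed to every NtlmSaslServer; injected directly or created by initProvider(). */
    private NtlmProvider provider;


    /**
     * Sets the provider instance to use. When a provider is set, handleMechanism
     * does not load one from the configured class name.
     *
     * @param provider the NTLM provider instance
     */
    public void setNtlmProvider( NtlmProvider provider )
    {
        this.provider = provider;
    }


    /**
     * Sets the class name from which a provider is instantiated on first use.
     * The named class is loaded and instantiated by this handler, so the value
     * must come from trusted configuration only.
     *
     * @param fqcnProvider fully qualified name of a class implementing NtlmProvider
     */
    public void setNtlmProviderFqcn( String fqcnProvider )
    {
        this.providerFqcn = fqcnProvider;
    }


    /**
     * Returns the SaslServer stored in the session under SASL_SERVER, creating
     * an NtlmSaslServer and storing it there when the session has none yet.
     *
     * @param ldapSession the session holding the SASL properties
     * @param bindRequest the bind request handed to a newly created NtlmSaslServer
     * @return the session's SaslServer, never null
     * @throws Exception if no provider is configured or the provider cannot be created
     */
    public SaslServer handleMechanism( LdapSession ldapSession, InternalBindRequest bindRequest ) throws Exception
    {
        SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        if ( ss == null )
        {
            // NOTE(review): this lazy initialisation is not synchronized. If one handler
            // instance serves several sessions concurrently (not visible here), two first
            // binds could each create a provider - confirm against the caller.
            if ( provider == null )
            {
                initProvider();
            }

            ss = new NtlmSaslServer( provider, bindRequest, ldapSession );
            ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss );
        }

        return ss;
    }


    /**
     * Instantiates the provider named by providerFqcn through its no-argument constructor.
     *
     * @throws IllegalStateException if neither a provider nor a provider class name was set
     * @throws ClassCastException if the named class does not implement NtlmProvider
     * @throws Exception if the class cannot be found or instantiated
     */
    private void initProvider() throws Exception
    {
        if ( providerFqcn == null )
        {
            // Fail with a configuration error instead of the bare NullPointerException
            // that Class.forName( null ) would raise in the middle of a bind.
            throw new IllegalStateException(
                "No NTLM provider configured: call setNtlmProvider or setNtlmProviderFqcn" );
        }

        // Load without initialising and verify the type first, so that a class name which
        // does not denote an NtlmProvider is rejected before any of its static initialisers
        // or its constructor run. The loader is the one Class.forName( String ) would use.
        Class<? extends NtlmProvider> providerClass = Class
            .forName( providerFqcn, false, NtlmMechanismHandler.class.getClassLoader() )
            .asSubclass( NtlmProvider.class );

        // Unlike Class.newInstance(), an exception thrown by the constructor arrives
        // wrapped in an InvocationTargetException rather than being rethrown undeclared.
        provider = providerClass.getDeclaredConstructor().newInstance();
    }


    /**
     * {@inheritDoc}
     */
    public void init( LdapSession ldapSession )
    {
        // Store the host in the ldap session
        String saslHost = ldapSession.getLdapServer().getSaslHost();
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost );
    }


    /**
     * Removes the Host, UserBaseDn, Mechanism, props and authenticated-user
     * properties from the session.
     *
     * @param ldapSession the LdapSession instance
     */
    public void cleanup( LdapSession ldapSession )
    {
        // NOTE(review): the SASL_SERVER entry stored by handleMechanism is not removed here.
        // Confirm the caller discards it; otherwise a later bind on the same session would
        // be handed the previous NtlmSaslServer and its negotiation state.
        ldapSession.removeSaslProperty( SaslConstants.SASL_HOST );
        ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
        ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
        ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
    }
}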