[jboss-cvs] JBossAS SVN: r76862 - in projects/security/security-negotiation/trunk: jboss-negotiation-common/src/main/java/org/jboss/security/negotiation and 4 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sun Aug 10 09:59:06 EDT 2008
Author: darran.lofthouse at jboss.com
Date: 2008-08-10 09:59:04 -0400 (Sun, 10 Aug 2008)
New Revision: 76862
Added:
projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/DelegatingMessageFactory.java
projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationException.java
projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationMessage.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMAuthenticator.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMMessageFactory.java
projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java
Modified:
projects/security/security-negotiation/trunk/jboss-negotiation-common/.classpath
projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml
projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java
projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java
projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java
Log:
[SECURITY-270] Moving to a MessageFactory style architecture for message identification and parsing.
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/.classpath
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/.classpath 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/.classpath 2008-08-10 13:59:04 UTC (rev 76862)
@@ -5,6 +5,7 @@
<classpathentry kind="output" path="target/classes"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-common/4.2.2.GA/jboss-common-4.2.2.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/web/jbossweb/2.1.0.GA/jbossweb-2.1.0.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/web/servlet-api/2.1.0.GA/servlet-api-2.1.0.GA.jar"/>
</classpath>
\ No newline at end of file
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml 2008-08-10 13:59:04 UTC (rev 76862)
@@ -38,6 +38,10 @@
<artifactId>log4j</artifactId>
</dependency>
<dependency>
+ <groupId>jboss</groupId>
+ <artifactId>jboss-common</artifactId>
+ </dependency>
+ <dependency>
<groupId>jboss.web</groupId>
<artifactId>jbossweb</artifactId>
</dependency>
Added: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/DelegatingMessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/DelegatingMessageFactory.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/DelegatingMessageFactory.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,68 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+
+/**
+ * A message factory to delegate to a list of sub message factories.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+class DelegatingMessageFactory extends MessageFactory
+{
+
+ private List<MessageFactory> delegates;
+
+ DelegatingMessageFactory(final List<MessageFactory> delegates)
+ {
+ this.delegates = delegates;
+ }
+
+ @Override
+ public boolean accepts(final InputStream in) throws IOException
+ {
+ for (MessageFactory current : delegates)
+ {
+ if (current.accepts(in) == true)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ @Override
+ public NegotiationMessage createMessage(final InputStream in) throws IOException
+ {
+ for (MessageFactory current : delegates)
+ {
+ if (current.accepts(in) == true)
+ {
+ return current.createMessage(in);
+ }
+ }
+
+ throw new IllegalStateException("No suitable MessageFactory found for message.");
+ }
+
+}
Property changes on: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/DelegatingMessageFactory.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -16,8 +16,13 @@
package org.jboss.security.negotiation;
+import java.io.IOException;
import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import org.apache.log4j.Logger;
+
/**
* The base message factory for reading messages from InputStreams and
* creating the Java representation of the message.
@@ -29,24 +34,101 @@
public abstract class MessageFactory
{
+ private static final Logger log = Logger.getLogger(MessageFactory.class);
+
+ private static final String NTLM_MESSAGE_FACTORY_NAME = "org.jboss.security.negotiation.ntlm.NTLMMessageFactory";
+
+ private static final String SPNEGO_MESSAGE_FACTORY_NAME = "org.jboss.security.negotiation.spnego.SPNEGOMessageFactory";
+
+ private static final Class<MessageFactory> NTLM_MESSAGE_FACTORY;
+
+ private static final Class<MessageFactory> SPNEGO_MESSAGE_FACTORY;
+
+ static
+ {
+ NTLM_MESSAGE_FACTORY = loadClass(NTLM_MESSAGE_FACTORY_NAME);
+ SPNEGO_MESSAGE_FACTORY = loadClass(SPNEGO_MESSAGE_FACTORY_NAME);
+ }
+
/**
+ * Return the specified class or null if it can not be loaded.
+ */
+ @SuppressWarnings("unchecked")
+ private static Class<MessageFactory> loadClass(final String classname)
+ {
+ ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
+ Class<MessageFactory> clazz = null;
+
+ try
+ {
+ clazz = (Class<MessageFactory>) classLoader.loadClass(classname);
+ }
+ catch (Exception e)
+ {
+ log.trace("Unable to load class '" + classname + "'", e);
+ }
+
+ return clazz;
+ }
+
+ /**
* @return a new MessageFactory to process a message available from an InputStream.
*/
- public static MessageFactory newInstance()
+ public static MessageFactory newInstance() throws NegotiationException
{
- return null;
+ MessageFactory ntlm = newInstance(NTLM_MESSAGE_FACTORY);
+ MessageFactory spnego = newInstance(SPNEGO_MESSAGE_FACTORY);
+
+ if (ntlm != null && spnego != null)
+ {
+ List<MessageFactory> delegates = new ArrayList<MessageFactory>(2);
+ delegates.add(spnego);
+ delegates.add(ntlm);
+
+ return new DelegatingMessageFactory(delegates);
+ }
+ else if (ntlm != null)
+ {
+ return ntlm;
+ }
+ else if (spnego != null)
+ {
+ return spnego;
+ }
+
+ throw new IllegalStateException("No MessageFactories available to instantiate");
}
+ private static MessageFactory newInstance(final Class<MessageFactory> clazz) throws NegotiationException
+ {
+ MessageFactory response = null;
+
+ if (clazz != null)
+ {
+ try
+ {
+ response = clazz.newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new NegotiationException("Unable to instantiate '" + clazz.getName() + "'", e);
+ }
+
+ }
+
+ return response;
+ }
+
/**
* Peek at the data in the InputStream and return true if this
* MessageFactory can handle the data.
*/
- public abstract boolean accepts(final InputStream in);
+ public abstract boolean accepts(final InputStream in) throws IOException;
/**
* Read the message from the InputStream and create the Java
* representation of the message.
*/
- public abstract Object createMessage(final InputStream in);
+ public abstract NegotiationMessage createMessage(final InputStream in) throws IOException;
}
Added: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationException.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationException.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationException.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,49 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation;
+
+/**
+ * A negotiation exception for when a checked exception is required.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+public class NegotiationException extends Exception
+{
+
+ public NegotiationException()
+ {
+ super();
+ }
+
+ public NegotiationException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public NegotiationException(String message)
+ {
+ super(message);
+ }
+
+ public NegotiationException(Throwable cause)
+ {
+ super(cause);
+ }
+
+}
Property changes on: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationException.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Added: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationMessage.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationMessage.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationMessage.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,60 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import org.jboss.util.Base64;
+
+/**
+ * The common base type for all negotiation messages.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+public abstract class NegotiationMessage
+{
+
+ /**
+ * Write the message to the provided output stream in
+ * it's raw form.
+ */
+ public abstract void writeTo(final OutputStream os) throws IOException;
+
+ /**
+ * Write the message to the provided output stream, if base64 is set the
+ * output should be base64 encoded.
+ */
+ public void writeTo(final OutputStream os, final boolean base64) throws IOException
+ {
+ if (base64 == true)
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ writeTo(baos);
+ String encoded = Base64.encodeBytes(baos.toByteArray());
+ os.write(encoded.getBytes());
+ }
+ else
+ {
+ writeTo(os);
+ }
+ }
+
+}
Property changes on: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationMessage.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Copied: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMAuthenticator.java (from rev 76859, projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOAuthenticator.java)
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMAuthenticator.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMAuthenticator.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ *
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.negotiation.ntlm;
+
+import org.jboss.security.negotiation.NegotiationAuthenticator;
+
+/**
+ * The NTLMAuthenticator to be used when only NTLM is required.
+ *
+ * The authenticator sents the response header to 'WWW-Authenticate NTLM'
+ * so reducing the negotiation options.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+public class NTLMAuthenticator extends NegotiationAuthenticator
+{
+
+ private static final String NTLM = "NTLM";
+
+ @Override
+ protected String getNegotiateScheme()
+ {
+ return NTLM;
+ }
+
+}
Added: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMMessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMMessageFactory.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMMessageFactory.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,70 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation.ntlm;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+
+import org.jboss.security.negotiation.MessageFactory;
+import org.jboss.security.negotiation.NegotiationMessage;
+import org.jboss.security.negotiation.ntlm.encoding.NegotiateMessageDecoder;
+
+/**
+ * The message factory for reading NTLM messages from InputStreams and
+ * creating the Java representation of the message.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+public class NTLMMessageFactory extends MessageFactory
+{
+
+ @Override
+ public boolean accepts(final InputStream in) throws IOException
+ {
+ if (in.markSupported() == false)
+ {
+ throw new IllegalArgumentException("The passed in InputStream needs to support mark/reset.");
+ }
+
+ byte[] expected = Constants.SIGNATURE;
+ byte[] dataRead = new byte[expected.length];
+
+ in.mark(dataRead.length);
+ in.read(dataRead);
+ in.reset();
+
+ return Arrays.equals(expected, dataRead);
+ }
+
+ @Override
+ public NegotiationMessage createMessage(final InputStream in) throws IOException
+ {
+ if (accepts(in) == true)
+ {
+ return NegotiateMessageDecoder.decode(in);
+ }
+ else
+ {
+ throw new IllegalArgumentException("InputStream does not contain NTLM message.");
+ }
+
+ }
+
+}
Property changes on: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/NTLMMessageFactory.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessage.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -16,13 +16,19 @@
package org.jboss.security.negotiation.ntlm.encoding;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import org.jboss.security.negotiation.NegotiationMessage;
+import org.jboss.util.NotImplementedException;
+
/**
* Representation of an NTLM NEGOTIATIE_MESSAGE
*
* @author darran.lofthouse at jboss.com
* @since 7th August 2008
*/
-public class NegotiateMessage
+public class NegotiateMessage extends NegotiationMessage
{
private NegotiateFlags negotiateFlags;
@@ -110,4 +116,10 @@
return sb.toString();
}
+ @Override
+ public void writeTo(OutputStream os) throws IOException
+ {
+ throw new NotImplementedException();
+ }
+
}
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/src/main/java/org/jboss/security/negotiation/ntlm/encoding/NegotiateMessageDecoder.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -145,19 +145,25 @@
}
- public static NegotiateMessage decode(final byte[] token) throws IOException
+ public static NegotiateMessage decode(final InputStream is) throws IOException
{
DecoderData data = new DecoderData();
- ByteArrayInputStream bais = new ByteArrayInputStream(token);
- readVerifySignature(bais, data);
- readVerifyMessageType(bais, data);
- NegotiateFlagsDecoder.readNegotiateFlags(bais, data);
- data.message.setDomainNameFields(FieldDecoder.readFieldLengths(bais, data));
- data.message.setWorkstationFields(FieldDecoder.readFieldLengths(bais, data));
- readVersion(bais, data);
- readPayload(bais, data);
+ readVerifySignature(is, data);
+ readVerifyMessageType(is, data);
+ NegotiateFlagsDecoder.readNegotiateFlags(is, data);
+ data.message.setDomainNameFields(FieldDecoder.readFieldLengths(is, data));
+ data.message.setWorkstationFields(FieldDecoder.readFieldLengths(is, data));
+ readVersion(is, data);
+ readPayload(is, data);
return data.message;
}
+
+ public static NegotiateMessage decode(final byte[] token) throws IOException
+ {
+ ByteArrayInputStream bais = new ByteArrayInputStream(token);
+
+ return decode(bais);
+ }
}
Added: projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -0,0 +1,58 @@
+/*
+ * Copyright © 2008 Red Hat Middleware, LLC. or third-party contributors as indicated
+ * by the @author tags or express copyright attribution statements applied by the
+ * authors. All third-party contributions are distributed under license by Red Hat
+ * Middleware LLC.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify, copy,
+ * or redistribute it subject to the terms and conditions of the GNU Lesser General
+ * Public License, v. 2.1. This program is distributed in the hope that it will be
+ * useful, but WITHOUT A WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details. You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.jboss.security.negotiation.spnego;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.jboss.security.negotiation.MessageFactory;
+import org.jboss.security.negotiation.NegotiationMessage;
+
+/**
+ * The message factory for reading SPNEGO messages from InputStreams and
+ * creating the Java representation of the message.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 10th August 2008
+ * @version $Revision$
+ */
+public class SPNEGOMessageFactory extends MessageFactory
+{
+
+ @Override
+ public boolean accepts(InputStream in) throws IOException
+ {
+ if (in.markSupported() == false)
+ {
+ throw new IllegalArgumentException("The passed in InputStream needs to support mark/reset.");
+ }
+
+ in.mark(1);
+ int dataRead = in.read();
+ in.reset();
+
+ return (dataRead == 0x60) || (dataRead == 0xa1);
+ }
+
+ @Override
+ public NegotiationMessage createMessage(InputStream in) throws IOException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
Property changes on: projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java 2008-08-10 13:13:41 UTC (rev 76861)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java 2008-08-10 13:59:04 UTC (rev 76862)
@@ -22,9 +22,9 @@
*/
package org.jboss.security.negotiation.toolkit;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.PrintWriter;
-import java.util.Arrays;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -32,10 +32,10 @@
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
-import org.jboss.security.negotiation.ntlm.Constants;
+import org.jboss.security.negotiation.MessageFactory;
+import org.jboss.security.negotiation.NegotiationException;
import org.jboss.security.negotiation.ntlm.encoding.NTLMField;
import org.jboss.security.negotiation.ntlm.encoding.NegotiateMessage;
-import org.jboss.security.negotiation.ntlm.encoding.NegotiateMessageDecoder;
import org.jboss.util.Base64;
/**
@@ -134,41 +134,45 @@
byte[] reqToken = Base64.decode(requestHeader);
- byte[] ntlmSignature = Constants.SIGNATURE;
- if (reqToken.length > 8)
+ MessageFactory messageFactory = null;
+
+ try
{
- byte[] reqHeader = new byte[8];
- System.arraycopy(reqToken, 0, reqHeader, 0, 8);
+ messageFactory = MessageFactory.newInstance();
+ }
+ catch (NegotiationException e)
+ {
+ writer.println("<p><b>Unable to obtain MessageFactory '" + e.getMessage() + "'</b></p>");
+ }
- if (Arrays.equals(ntlmSignature, reqHeader))
- {
- NegotiateMessage message = NegotiateMessageDecoder.decode(reqToken);
- writer.println("<h3>NTLM - Negotiate_Message</h3>");
+ ByteArrayInputStream bais = new ByteArrayInputStream(reqToken);
+ if (messageFactory != null && messageFactory.accepts(bais))
+ {
+ NegotiateMessage message = (NegotiateMessage) messageFactory.createMessage(bais);
+ writer.println("<h3>NTLM - Negotiate_Message</h3>");
- writer.write("<h4><font color='red'>"
- + "Warning, this is NTLM, please verify that you were not expecting SPNEGO!</font></h4>");
+ writer.write("<h4><font color='red'>"
+ + "Warning, this is NTLM, please verify that you were not expecting SPNEGO!</font></h4>");
- writer.write("<b>Negotiate Flags</b> - ");
- writer.write(String.valueOf(message.getNegotiateFlags()));
- writer.write("<br>");
+ writer.write("<b>Negotiate Flags</b> - ");
+ writer.write(String.valueOf(message.getNegotiateFlags()));
+ writer.write("<br>");
- writeNTLMField("Domain Name", message.getDomainName(), message.getDomainNameFields(), writer);
- writeNTLMField("Workstation Name", message.getWorkstationName(), message.getWorkstationFields(), writer);
+ writeNTLMField("Domain Name", message.getDomainName(), message.getDomainNameFields(), writer);
+ writeNTLMField("Workstation Name", message.getWorkstationName(), message.getWorkstationFields(), writer);
- if (message.getVersion() != null && message.getVersion().length > 0)
- {
- writer.write("<b>Version </b> - ");
- writer.write(new String(message.getVersion()));
- writer.write("<br>");
- }
-
- }
- else
+ if (message.getVersion() != null && message.getVersion().length > 0)
{
- writer.println("<p><b>Unsupported negotiation mechanism</b></p>");
+ writer.write("<b>Version </b> - ");
+ writer.write(new String(message.getVersion()));
+ writer.write("<br>");
}
}
+ else
+ {
+ writer.println("<p><b>Unsupported negotiation mechanism</b></p>");
+ }
}
More information about the jboss-cvs-commits
mailing list