/** * Create a NTLM authorization string for the given * challenge and NT credentials. * * @param challenge The challenge. * @param credentials {@link NTCredentials} * @param charset The charset to use for encoding the credentials * * @return a ntlm authorization string * @throws AuthenticationException is thrown if authentication fails * * @deprecated Use non-static {@link #authenticate(Credentials, HttpMethod)} * * @since 3.0 */ public static String authenticate( final NTCredentials credentials, final String challenge, String charset ) throws AuthenticationException { LOG.trace("enter NTLMScheme.authenticate(NTCredentials, String)"); if (credentials == null) { throw new IllegalArgumentException("Credentials may not be null"); } NTLM ntlm = new NTLM(); ntlm.setCredentialCharset(charset); String s = ntlm.getResponseFor( challenge, credentials.getUserName(), credentials.getPassword(), credentials.getHost(), credentials.getDomain()); return "NTLM " + s; }
public void testNTLMAuthenticationResponse2() throws Exception { String challenge = "NTLM TlRMTVNTUAACAAAACgAKADAAAAAGgoEAPc4kP4LtCV8AAAAAAAAAAJ4AngA" + "6AAAASU5UUkFFUEhPWAIAFABJAE4AVABSAEEARQBQAEgATwBYAAEAEgBCAE8AQQB" + "SAEQAUgBPAE8ATQAEACgAaQBuAHQAcgBhAGUAcABoAG8AeAAuAGUAcABoAG8AeAA" + "uAGMAbwBtAAMAPABCAG8AYQByAGQAcgBvAG8AbQAuAGkAbgB0AHIAYQBlAHAAaAB" + "vAHgALgBlAHAAaABvAHgALgBjAG8AbQAAAAAA"; String expected = "NTLM TlRMTVNTUAADAAAAGAAYAFIAAAAAAAAAagAAAAYABgB" + "AAAAACAAIAEYAAAAEAAQATgAAAAAAAABqAAAABlIAAERPTUFJTlVTRVJOQU1FSE" + "9TVAaC+vLxUEHnUtpItj9Dp4kzwQfd61Lztg=="; NTCredentials cred = new NTCredentials("username","password", "host", "domain"); FakeHttpMethod method = new FakeHttpMethod(); AuthScheme authscheme = new NTLMScheme(challenge); authscheme.processChallenge(challenge); String response = authscheme.authenticate(cred, method); assertEquals(expected, response); assertTrue(authscheme.isComplete()); }
public void testNTLMAuthenticationRetry() throws Exception { this.server.setHttpService(new NTLMAuthService()); // configure the client this.client.getHostConfiguration().setHost( server.getLocalAddress(), server.getLocalPort(), Protocol.getProtocol("http")); this.client.getState().setCredentials(AuthScope.ANY, new NTCredentials("username", "password", "host", "domain")); FakeHttpMethod httpget = new FakeHttpMethod("/"); try { client.executeMethod(httpget); } finally { httpget.releaseConnection(); } assertNull(httpget.getResponseHeader("WWW-Authenticate")); assertEquals(200, httpget.getStatusCode()); }
/** * Make sure preemptive authorization works when the server requires NLM. * @throws Exception */ public void testPreemptiveAuthorization() throws Exception { NTCredentials creds = new NTCredentials("testuser", "testpass", "host", "domain"); HttpState state = new HttpState(); state.setCredentials(AuthScope.ANY, creds); this.client.setState(state); this.client.getParams().setAuthenticationPreemptive(true); this.server.setHttpService(new PreemptiveNTLMAuthService()); GetMethod httpget = new GetMethod("/test/"); try { this.client.executeMethod(httpget); } finally { httpget.releaseConnection(); } assertNotNull(httpget.getStatusLine()); assertEquals(HttpStatus.SC_OK, httpget.getStatusLine().getStatusCode()); }
private void initExternalProxy(ExternalProxySettings ep) { if (externalProxy != null) { String proxyServer = externalProxy.getProxyServer(); String proxyUsername = externalProxy.getUsername(); if (proxyUsername != null) { String proxyPassword = externalProxy.getPassword(); String proxyDomain = externalProxy.getNTDomain(); if (proxyDomain != null) { proxyCredentials = new NTCredentials(proxyUsername, proxyPassword, proxyServer, proxyDomain); } else { proxyCredentials = new UsernamePasswordCredentials(proxyUsername, proxyPassword); } } } }
private Socket AuthenticateProxy(ConnectMethod method, ProxyClient client, String proxyHost, int proxyPort, String proxyUsername, String proxyPassword) throws IOException { if(method.getProxyAuthState().getAuthScheme().getSchemeName().equalsIgnoreCase("ntlm")) { // If Auth scheme is NTLM, set NT credentials with blank host and domain name client.getState().setProxyCredentials(new AuthScope(proxyHost, proxyPort), new NTCredentials(proxyUsername, proxyPassword,"","")); } else { // If Auth scheme is Basic/Digest, set regular Credentials client.getState().setProxyCredentials(new AuthScope(proxyHost, proxyPort), new UsernamePasswordCredentials(proxyUsername, proxyPassword)); } ProxyClient.ConnectResponse response = client.connect(); Socket socket = response.getSocket(); if (socket == null) { method = response.getConnectMethod(); throw new ProtocolException("Proxy Authentication failed. Socket not created: " + method.getStatusLine()); } return socket; }
public static void setNTLMCredentials(HttpClient httpClient, UsernamePasswordCredentials credentials, String domain) { initNTLMv2(); String localHostName; try { localHostName = Inet4Address.getLocalHost().getHostName(); } catch (Exception e) { localHostName = ""; } AuthScope authscope = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT); httpClient.getState().setCredentials( authscope, new NTCredentials( credentials.getUserName(), credentials.getPassword(), localHostName, domain)); }
@Nullable private static Credentials getCredentials(String login, String password, String host) { int domainIndex = login.indexOf("\\"); if(domainIndex > 0) { // if the username is in the form "user\domain" // then use NTCredentials instead of UsernamePasswordCredentials String domain = login.substring(0, domainIndex); if(login.length() > domainIndex + 1) { String user = login.substring(domainIndex + 1); return new NTCredentials(user, password, host, domain); } else { return null; } } else { return new UsernamePasswordCredentials(login, password); } }
public void setNtlmAuth(HttpState httpState) { // Setting NTLM authentication for proxy int indexSlash = this.proxyUser.indexOf("\\"); String domain = this.proxyUser.substring(0, indexSlash); String username = this.proxyUser.substring(indexSlash + 1); Engine.logProxyManager.debug("(ProxyManager) Using NTLM authentication on domain: " + domain); httpState.setProxyCredentials( new AuthScope(this.proxyServer, -1, AuthScope.ANY_REALM), new NTCredentials(username, this.proxyPassword, this.proxyServer, domain)); }
/** * Create a NTLM authorization string for the given * challenge and NT credentials. * * @param challenge The challenge. * @param credentials {@link NTCredentials} * * @return a ntlm authorization string * @throws AuthenticationException is thrown if authentication fails * * @deprecated Use non-static {@link #authenticate(Credentials, HttpMethod)} */ public static String authenticate( final NTCredentials credentials, final String challenge) throws AuthenticationException { LOG.trace("enter NTLMScheme.authenticate(NTCredentials, String)"); if (credentials == null) { throw new IllegalArgumentException("Credentials may not be null"); } NTLM ntlm = new NTLM(); String s = ntlm.getResponseFor(challenge, credentials.getUserName(), credentials.getPassword(), credentials.getHost(), credentials.getDomain()); return "NTLM " + s; }
public void testNTLMAuthenticationResponse1() throws Exception { String challenge = "NTLM"; String expected = "NTLM TlRMTVNTUAABAAAABlIAAAYABgAkAAAABAAEACAAAABIT" + "1NURE9NQUlO"; NTCredentials cred = new NTCredentials("username","password", "host", "domain"); FakeHttpMethod method = new FakeHttpMethod(); AuthScheme authscheme = new NTLMScheme(challenge); authscheme.processChallenge(challenge); String response = authscheme.authenticate(cred, method); assertEquals(expected, response); assertFalse(authscheme.isComplete()); }
private static Credentials getCredentials(final String username, final String password, final InetAddress address) { int i = username.indexOf("\\"); if (i > 0 && i < username.length() - 1 && address != null) { return new NTCredentials(username.substring(i + 1), password, address.getHostName(), username.substring(0, i)); } else { return new UsernamePasswordCredentials(username, password); } }
/** * Extracts all the required authorization for that particular URL request * and sets it in the <code>HttpMethod</code> passed in. * * @param client the HttpClient object * * @param u * <code>URL</code> of the URL request * @param authManager * the <code>AuthManager</code> containing all the authorisations for * this <code>UrlConfig</code> */ private void setConnectionAuthorization(HttpClient client, URL u, AuthManager authManager) { HttpState state = client.getState(); if (authManager != null) { HttpClientParams params = client.getParams(); Authorization auth = authManager.getAuthForURL(u); if (auth != null) { String username = auth.getUser(); String realm = auth.getRealm(); String domain = auth.getDomain(); if (log.isDebugEnabled()){ log.debug(username + " > D="+ username + " D="+domain+" R="+realm); } state.setCredentials( new AuthScope(u.getHost(),u.getPort(), realm.length()==0 ? null : realm //"" is not the same as no realm ,AuthScope.ANY_SCHEME), // NT Includes other types of Credentials new NTCredentials( username, auth.getPass(), localHost, domain )); // We have credentials - should we set pre-emptive authentication? if (canSetPreEmptive){ log.debug("Setting Pre-emptive authentication"); params.setAuthenticationPreemptive(true); } } else { state.clearCredentials(); if (canSetPreEmptive){ params.setAuthenticationPreemptive(false); } } } else { state.clearCredentials(); } }
public void configureHttpClient(HttpClient client) { Credentials credentials = new NTCredentials(username, password, host, domain); if (proxy) { client.getState().setProxyCredentials(AuthScope.ANY, credentials); } else { client.getState().setCredentials(AuthScope.ANY, credentials); } }
@Override protected String getType1MessageResponse(NTCredentials ntcredentials, HttpMethodParams params) { if (!params.getBooleanParameter(WebServiceHelper.USE_NATIVE_CREDENTIALS, false) || myAuthSequenceObject == null) { return super.getType1MessageResponse(ntcredentials, params); } try { return (String)myGetAuthHeaderMethod.invoke(myAuthSequenceObject, new Object[]{null}); } catch (Throwable t) { LOG.warn("Native authentication failed", t); return ""; } }
@Override protected String getType3MessageResponse(String type2message, NTCredentials ntcredentials, HttpMethodParams params) throws AuthenticationException { if (!params.getBooleanParameter(WebServiceHelper.USE_NATIVE_CREDENTIALS, false) || myAuthSequenceObject == null) { return super.getType3MessageResponse(type2message, ntcredentials, params); } try { return (String)myGetAuthHeaderMethod.invoke(myAuthSequenceObject, new Object[]{type2message}); } catch (Throwable t) { LOG.warn("Native authentication failed", t); return ""; } }
/** * Prepare asynchronous connection. * * @throws EWSHttpException * throws EWSHttpException */ public void prepareAsyncConnection() throws EWSHttpException { try { if(trustManger != null) { EwsSSLProtocolSocketFactory.trustManager = trustManger; } Protocol.registerProtocol("https", new Protocol("https", new EwsSSLProtocolSocketFactory(), 443)); AuthPolicy.registerAuthScheme(AuthPolicy.NTLM, EwsJCIFSNTLMScheme.class); client = new HttpClient(this.simpleHttpConnMng); List authPrefs = new ArrayList(); authPrefs.add(AuthPolicy.NTLM); authPrefs.add(AuthPolicy.BASIC); authPrefs.add(AuthPolicy.DIGEST); client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); client.getState().setCredentials(AuthScope.ANY, new NTCredentials(getUserName(),getPassword(),"",getDomain())); client.getHttpConnectionManager().getParams().setSoTimeout(getTimeout()); client.getHttpConnectionManager().getParams().setConnectionTimeout(20000); httpMethod = new GetMethod(getUrl().toString()); httpMethod.setFollowRedirects(isAllowAutoRedirect()); int status = client.executeMethod(httpMethod); } catch (IOException e) { client = null; httpMethod = null; throw new EWSHttpException("Unable to open connection to " + this.getUrl()); } }
@Override protected void configureHttpClient(HttpClient client) { super.configureHttpClient(client); if (isUseNTLM()) { client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, Arrays.asList(AuthPolicy.NTLM)); AuthScope authScope = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT); Credentials credentials = new NTCredentials(getUsername(), getPassword(), getHost(), getDomain()); client.getState().setCredentials(authScope, credentials); } }
/** * Configures the HTTP client */ private void configureClient() { // Set up an HTTPS socket factory that accepts self-signed certs. // ProtocolSocketFactory factory = new SSLProtocolSocketFactory(); ProtocolSocketFactory factory = new DummySSLProtocolSocketFactory(); Protocol https = new Protocol("https", factory, 443); Protocol.registerProtocol("https", https); HttpConnectionManagerParams params = connectionManager.getParams(); params.setConnectionTimeout(timeout); params.setSoTimeout(timeout); params.setSendBufferSize(BUFFER_SIZE); params.setReceiveBufferSize(BUFFER_SIZE); // -------------------------------------------------------------------------------- // NUTCH-1836: Modification to increase the number of available connections // for multi-threaded crawls. // -------------------------------------------------------------------------------- params.setMaxTotalConnections(conf.getInt( "mapred.tasktracker.map.tasks.maximum", 5) * conf.getInt("fetcher.threads.fetch", maxThreadsTotal)); // Also set max connections per host to maxThreadsTotal since all threads // might be used to fetch from the same host - otherwise timeout errors can // occur params.setDefaultMaxConnectionsPerHost(conf.getInt( "fetcher.threads.fetch", maxThreadsTotal)); // executeMethod(HttpMethod) seems to ignore the connection timeout on the // connection manager. // set it explicitly on the HttpClient. client.getParams().setConnectionManagerTimeout(timeout); HostConfiguration hostConf = client.getHostConfiguration(); ArrayList<Header> headers = new ArrayList<Header>(); // Set the User Agent in the header // headers.add(new Header("User-Agent", userAgent)); //NUTCH-1941 // prefer English headers.add(new Header("Accept-Language", acceptLanguage)); // prefer UTF-8 headers.add(new Header("Accept-Charset", "utf-8,ISO-8859-1;q=0.7,*;q=0.7")); // prefer understandable formats headers .add(new Header( "Accept", "text/html,application/xml;q=0.9,application/xhtml+xml,text/xml;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5")); // accept gzipped content headers.add(new Header("Accept-Encoding", "x-gzip, gzip, deflate")); hostConf.getParams().setParameter("http.default-headers", headers); // HTTP proxy server details if (useProxy) { hostConf.setProxy(proxyHost, proxyPort); if (proxyUsername.length() > 0) { AuthScope proxyAuthScope = getAuthScope(this.proxyHost, this.proxyPort, this.proxyRealm); NTCredentials proxyCredentials = new NTCredentials(this.proxyUsername, this.proxyPassword, Http.agentHost, this.proxyRealm); client.getState().setProxyCredentials(proxyAuthScope, proxyCredentials); } } }
/** * If credentials for the authentication scope determined from the specified * <code>url</code> is not already set in the HTTP client, then this method * sets the default credentials to fetch the specified <code>url</code>. If * credentials are found for the authentication scope, the method returns * without altering the client. * * @param url * URL to be fetched */ private void resolveCredentials(URL url) { if (formConfigurer != null) { HttpFormAuthentication formAuther = new HttpFormAuthentication( formConfigurer, client, this); try { formAuther.login(); } catch (Exception e) { throw new RuntimeException(e); } return; } if (defaultUsername != null && defaultUsername.length() > 0) { int port = url.getPort(); if (port == -1) { if ("https".equals(url.getProtocol())) port = 443; else port = 80; } AuthScope scope = new AuthScope(url.getHost(), port); if (client.getState().getCredentials(scope) != null) { if (LOG.isTraceEnabled()) LOG.trace("Pre-configured credentials with scope - host: " + url.getHost() + "; port: " + port + "; found for url: " + url); // Credentials are already configured, so do nothing and return return; } if (LOG.isTraceEnabled()) LOG.trace("Pre-configured credentials with scope - host: " + url.getHost() + "; port: " + port + "; not found for url: " + url); AuthScope serverAuthScope = getAuthScope(url.getHost(), port, defaultRealm, defaultScheme); NTCredentials serverCredentials = new NTCredentials(defaultUsername, defaultPassword, agentHost, defaultRealm); client.getState().setCredentials(serverAuthScope, serverCredentials); } }
public static HttpClientConfigurer ntlmAutenticationConfigurer(boolean proxy, String user, String pwd, String domain, String host) { return new AuthenticationHttpClientConfigurer(proxy, new NTCredentials(user, pwd, host, domain)); }
protected String getType1MessageResponse(NTCredentials ntcredentials, HttpMethodParams params) { // we cannot put local computer name into credentials, as HttpMethodDirector.authenticateHost() expects it to be server's name Type1Message t1m = new Type1Message(MESSAGE_1_DEFAULT_FLAGS, ntcredentials.getDomain(), Workstation.getComputerName()); return Base64.encode(t1m.toByteArray()); }
/** * Configures the HTTP client */ private void configureClient() { // Set up an HTTPS socket factory that accepts self-signed certs. Protocol https = new Protocol("https", new DummySSLProtocolSocketFactory(), 443); Protocol.registerProtocol("https", https); HttpConnectionManagerParams params = connectionManager.getParams(); params.setConnectionTimeout(timeout); params.setSoTimeout(timeout); params.setSendBufferSize(BUFFER_SIZE); params.setReceiveBufferSize(BUFFER_SIZE); params.setMaxTotalConnections(maxThreadsTotal); // executeMethod(HttpMethod) seems to ignore the connection timeout on the connection manager. // set it explicitly on the HttpClient. client.getParams().setConnectionManagerTimeout(timeout); HostConfiguration hostConf = client.getHostConfiguration(); ArrayList headers = new ArrayList(); // Set the User Agent in the header headers.add(new Header("User-Agent", userAgent)); // prefer English headers.add(new Header("Accept-Language", acceptLanguage)); // prefer UTF-8 headers.add(new Header("Accept-Charset", "utf-8,ISO-8859-1;q=0.7,*;q=0.7")); // prefer understandable formats headers.add(new Header("Accept", "text/html,application/xml;q=0.9,application/xhtml+xml,text/xml;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5")); // accept gzipped content headers.add(new Header("Accept-Encoding", "x-gzip, gzip, deflate")); hostConf.getParams().setParameter("http.default-headers", headers); // HTTP proxy server details if (useProxy) { hostConf.setProxy(proxyHost, proxyPort); if (proxyUsername.length() > 0) { AuthScope proxyAuthScope = getAuthScope( this.proxyHost, this.proxyPort, this.proxyRealm); NTCredentials proxyCredentials = new NTCredentials( this.proxyUsername, this.proxyPassword, this.agentHost, this.proxyRealm); client.getState().setProxyCredentials( proxyAuthScope, proxyCredentials); } } }
/** * If credentials for the authentication scope determined from the * specified <code>url</code> is not already set in the HTTP client, * then this method sets the default credentials to fetch the * specified <code>url</code>. If credentials are found for the * authentication scope, the method returns without altering the * client. * * @param url URL to be fetched */ private void resolveCredentials(URL url) { if (defaultUsername != null && defaultUsername.length() > 0) { int port = url.getPort(); if (port == -1) { if ("https".equals(url.getProtocol())) port = 443; else port = 80; } AuthScope scope = new AuthScope(url.getHost(), port); if (client.getState().getCredentials(scope) != null) { if (LOG.isTraceEnabled()) LOG.trace("Pre-configured credentials with scope - host: " + url.getHost() + "; port: " + port + "; found for url: " + url); // Credentials are already configured, so do nothing and return return; } if (LOG.isTraceEnabled()) LOG.trace("Pre-configured credentials with scope - host: " + url.getHost() + "; port: " + port + "; not found for url: " + url); AuthScope serverAuthScope = getAuthScope( url.getHost(), port, defaultRealm, defaultScheme); NTCredentials serverCredentials = new NTCredentials( defaultUsername, defaultPassword, agentHost, defaultRealm); client.getState().setCredentials( serverAuthScope, serverCredentials); } }
/** * Prepare connection * * @throws EWSHttpException * the eWS http exception */ @Override public void prepareConnection() throws EWSHttpException { if(trustManger != null) { EwsSSLProtocolSocketFactory.trustManager = trustManger; } Protocol.registerProtocol("https", new Protocol("https", new EwsSSLProtocolSocketFactory(), 443)); AuthPolicy.registerAuthScheme(AuthPolicy.NTLM, EwsJCIFSNTLMScheme.class); client = new HttpClient(this.simpleHttpConnMng); List authPrefs = new ArrayList(); authPrefs.add(AuthPolicy.NTLM); authPrefs.add(AuthPolicy.BASIC); authPrefs.add(AuthPolicy.DIGEST); client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); if(getProxy() != null) { client.getHostConfiguration().setProxy(getProxy().getHost(),getProxy().getPort()); if (HttpProxyCredentials.isProxySet()) { AuthScope authScope = new AuthScope(getProxy().getHost(), getProxy().getPort()); client.getState().setProxyCredentials(authScope, new NTCredentials(HttpProxyCredentials.getUserName(), HttpProxyCredentials.getPassword(), "",HttpProxyCredentials.getDomain())); //new AuthScope(AuthScope.ANY_HOST, 80, AuthScope.ANY_REALM) } } if(getUserName() != null) { client.getState().setCredentials(AuthScope.ANY, new NTCredentials(getUserName(),getPassword(),"",getDomain())); } client.getHttpConnectionManager().getParams().setSoTimeout(getTimeout()); client.getHttpConnectionManager().getParams().setConnectionTimeout(getTimeout()); httpMethod = new PostMethod(getUrl().toString()); httpMethod.setRequestHeader("Content-type", getContentType()); httpMethod.setDoAuthentication(true); httpMethod.setRequestHeader("User-Agent", getUserAgent()); httpMethod.setRequestHeader("Accept", getAccept()); httpMethod.setRequestHeader("Keep-Alive", "300"); httpMethod.setRequestHeader("Connection", "Keep-Alive"); if(this.cookies !=null && this.cookies.length > 0){ client.getState().addCookies(this.cookies); } //httpMethod.setFollowRedirects(isAllowAutoRedirect()); if (isAcceptGzipEncoding()) { httpMethod.setRequestHeader("Accept-Encoding", "gzip,deflate"); } if (getHeaders().size() > 0){ for (Map.Entry httpHeader : getHeaders().entrySet()) { httpMethod.setRequestHeader((String)httpHeader.getKey(), (String)httpHeader.getValue()); } } }
