001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.servlet.filters.sso.ntlm;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.BrowserSnifferUtil;
020    import com.liferay.portal.kernel.servlet.HttpHeaders;
021    import com.liferay.portal.kernel.servlet.HttpMethods;
022    import com.liferay.portal.kernel.util.GetterUtil;
023    import com.liferay.portal.kernel.util.PropsKeys;
024    import com.liferay.portal.servlet.filters.BasePortalFilter;
025    import com.liferay.portal.util.PortalInstances;
026    import com.liferay.portal.util.PrefsPropsUtil;
027    import com.liferay.portal.util.PropsValues;
028    
029    import javax.servlet.FilterChain;
030    import javax.servlet.http.HttpServletRequest;
031    import javax.servlet.http.HttpServletResponse;
032    
033    import jcifs.ntlmssp.Type1Message;
034    import jcifs.ntlmssp.Type2Message;
035    
036    import jcifs.util.Base64;
037    
038    /**
039     * @author Brian Wing Shun Chan
040     */
041    public class NtlmPostFilter extends BasePortalFilter {
042    
043            @Override
044            protected Log getLog() {
045                    return _log;
046            }
047    
048            @Override
049            protected void processFilter(
050                            HttpServletRequest request, HttpServletResponse response,
051                            FilterChain filterChain)
052                    throws Exception {
053    
054                    long companyId = PortalInstances.getCompanyId(request);
055    
056                    if (PrefsPropsUtil.getBoolean(
057                                    companyId, PropsKeys.NTLM_AUTH_ENABLED,
058                                    PropsValues.NTLM_AUTH_ENABLED) &&
059                            BrowserSnifferUtil.isIe(request) &&
060                            request.getMethod().equals(HttpMethods.POST)) {
061    
062                            String authorization = GetterUtil.getString(
063                                    request.getHeader(HttpHeaders.AUTHORIZATION));
064    
065                            if (authorization.startsWith("NTLM ")) {
066                                    byte[] src = Base64.decode(authorization.substring(5));
067    
068                                    if (src[8] == 1) {
069                                            Type1Message type1 = new Type1Message(src);
070                                            Type2Message type2 = new Type2Message(
071                                                    type1, new byte[8], null);
072    
073                                            authorization = Base64.encode(type2.toByteArray());
074    
075                                            response.setHeader(
076                                                    HttpHeaders.WWW_AUTHENTICATE, "NTLM " + authorization);
077                                            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
078                                            response.setContentLength(0);
079    
080                                            response.flushBuffer();
081    
082                                            return;
083                                    }
084                            }
085                    }
086    
087                    processFilter(NtlmPostFilter.class, request, response, filterChain);
088            }
089    
090            private static final Log _log = LogFactoryUtil.getLog(NtlmPostFilter.class);
091    
092    }