015 package com.liferay.portal.servlet.filters.sso.ntlm;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.servlet.BrowserSnifferUtil;
020 import com.liferay.portal.kernel.servlet.HttpHeaders;
021 import com.liferay.portal.kernel.servlet.HttpMethods;
022 import com.liferay.portal.kernel.util.GetterUtil;
023 import com.liferay.portal.kernel.util.PropsKeys;
024 import com.liferay.portal.servlet.filters.BasePortalFilter;
025 import com.liferay.portal.util.PortalInstances;
026 import com.liferay.portal.util.PrefsPropsUtil;
027 import com.liferay.portal.util.PropsValues;
028
029 import javax.servlet.FilterChain;
030 import javax.servlet.http.HttpServletRequest;
031 import javax.servlet.http.HttpServletResponse;
032
033 import jcifs.ntlmssp.Type1Message;
034 import jcifs.ntlmssp.Type2Message;
035
036 import jcifs.util.Base64;
037
038
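/**
 * Portal filter that answers an NTLM Type 1 (negotiate) message carried on a
 * POST request with a placeholder Type 2 (challenge) message and a 401
 * status, instead of passing the request down the filter chain.
 *
 * <p>
 * The short-circuit only applies when NTLM authentication is enabled for the
 * company resolved from the request, {@link BrowserSnifferUtil#isIe} reports
 * Internet Explorer, and the HTTP method is POST. Every other request is
 * handed to the next filter unchanged.
 * </p>
 *
 * <p>
 * NOTE(review): the browser check is presumably derived from client-supplied
 * request headers, so it should be treated as a compatibility switch rather
 * than an access control; any client can reach the header parsing below.
 * </p>
 */
public class NtlmPostFilter extends BasePortalFilter {

	/**
	 * Returns the logger used by the base filter for this class.
	 *
	 * @return the class logger
	 */
	@Override
	protected Log getLog() {
		return _log;
	}

	/**
	 * Replies to an NTLM Type 1 message on a POST with a Type 2 message, or
	 * delegates to the rest of the filter chain.
	 *
	 * @param  request the incoming HTTP request
	 * @param  response the HTTP response, committed here when a Type 2
	 *         message is sent
	 * @param  filterChain the remaining filters
	 * @throws Exception if company lookup, NTLM message parsing or the
	 *         downstream chain fails
	 */
	@Override
	protected void processFilter(
			HttpServletRequest request, HttpServletResponse response,
			FilterChain filterChain)
		throws Exception {

		long companyId = PortalInstances.getCompanyId(request);

		if (PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.NTLM_AUTH_ENABLED,
				PropsValues.NTLM_AUTH_ENABLED) &&
			BrowserSnifferUtil.isIe(request) &&
			request.getMethod().equals(HttpMethods.POST)) {

			// The Authorization header is attacker-controlled input; every
			// read of the decoded bytes must be bounds checked.

			String authorization = GetterUtil.getString(
				request.getHeader(HttpHeaders.AUTHORIZATION));

			if (authorization.startsWith("NTLM ")) {
				byte[] src = Base64.decode(authorization.substring(5));

				// A token shorter than the message type offset cannot be a
				// Type 1 message. Without the length test a truncated header
				// such as "NTLM AAAA" raises
				// ArrayIndexOutOfBoundsException and surfaces as a server
				// error; it is now passed on to the chain like any other
				// non-Type-1 token.

				if ((src.length > _MESSAGE_TYPE_OFFSET) &&
					(src[_MESSAGE_TYPE_OFFSET] == 1)) {

					// Type1Message may still reject a malformed body by
					// throwing; that exception propagates to the caller.

					Type1Message type1 = new Type1Message(src);

					// The challenge is eight zero bytes and is not stored.
					// NOTE(review): this looks like a placeholder meant only
					// to make the browser resend the POST; confirm that no
					// downstream filter accepts a Type 3 response computed
					// over this fixed challenge as proof of identity.

					Type2Message type2 = new Type2Message(
						type1, new byte[8], null);

					authorization = Base64.encode(type2.toByteArray());

					response.setHeader(
						HttpHeaders.WWW_AUTHENTICATE, "NTLM " + authorization);
					response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
					response.setContentLength(0);

					response.flushBuffer();

					return;
				}
			}
		}

		processFilter(NtlmPostFilter.class, request, response, filterChain);
	}

	// Index of the byte this filter compares with 1 to recognise a Type 1
	// message.

	private static final int _MESSAGE_TYPE_OFFSET = 8;

	private static final Log _log = LogFactoryUtil.getLog(NtlmPostFilter.class);

}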