1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19 package org.apache.chemistry.opencmis.client.bindings.spi;
20
21 import java.net.Authenticator;
22 import java.net.PasswordAuthentication;
23 import java.util.List;
24 import java.util.Map;
25
26 import org.w3c.dom.Element;
27
28 /**
29 * NTLM authentication provider class. USE WITH CARE!
30 *
31 * This authentication provider sets a {@link java.net.Authenticator} which will
32 * replace the current authenticator, if any. It will fail if this authenticator
33 * will be replaced by another part of the code.
34 *
35 * Since {@link java.net.Authenticator} is a system-wide authenticator, it will
36 * not reliably work in multi-user environments! To achieve that you have to
37 * wrap OpenCMIS into its own class loader.
38 */
39 public class NTLMAuthenticationProvider extends AbstractAuthenticationProvider {
40
41 private static final long serialVersionUID = 1L;
42
43 // java.net.Authenticator is static, so this can be static too
44 private static final OpenCMISAuthenticator authenticator = new OpenCMISAuthenticator();
45 static {
46 Authenticator.setDefault(authenticator);
47 }
48
49 @Override
50 public Map<String, List<String>> getHTTPHeaders(String url) {
51 // get user and password
52 String user = getUser();
53 String password = getPassword();
54
55 // if no user is set, reset the authenticator
56 if (user == null) {
57 authenticator.reset();
58 return null;
59 }
60
61 if (password == null) {
62 password = "";
63 }
64
65 // set user and password
66 authenticator.setPasswordAuthentication(user, password);
67
68 // OpenCMIS is not in charge of the authentication
69 // -> no HTTP header to set
70 return null;
71 }
72
73 @Override
74 public Element getSOAPHeaders(Object portObject) {
75 // no SOAP headers to set
76 return null;
77 }
78
79 /**
80 * OpenCMIS Authenticator class.
81 */
82 static class OpenCMISAuthenticator extends Authenticator {
83
84 private PasswordAuthentication passwordAuthentication;
85
86 /**
87 * Resets the user and password. The next request will not be
88 * authenticated.
89 */
90 public synchronized void reset() {
91 passwordAuthentication = null;
92 }
93
94 /**
95 * Sets a new user and password.
96 */
97 public synchronized void setPasswordAuthentication(String user, String password) {
98 passwordAuthentication = new PasswordAuthentication(user, password.toCharArray());
99 }
100
101 @Override
102 protected synchronized PasswordAuthentication getPasswordAuthentication() {
103 return passwordAuthentication;
104 }
105 }
106 }