You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by ad...@apache.org on 2003/08/16 02:41:24 UTC
cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient NTCredentials.java
adrian 2003/08/15 17:41:24
Modified: httpclient/src/java/org/apache/commons/httpclient/auth
NTLMScheme.java NTLM.java
httpclient/xdocs authentication.xml
httpclient/src/java/org/apache/commons/httpclient
NTCredentials.java
Log:
Removed auto-configuration of JCE and updated documentation relating to NTLM.
PR: Bug 22073 and Bug 22424
Reviewed by: Oleg Kalnichevski and Michael Becke
Revision Changes Path
1.11 +10 -8 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java
Index: NTLMScheme.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- NTLMScheme.java 13 Aug 2003 19:57:10 -0000 1.10
+++ NTLMScheme.java 16 Aug 2003 00:41:24 -0000 1.11
@@ -68,10 +68,9 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-/**
- * <p>
- * Microsoft proprietary NTLM authentication scheme.
- * </p>
+/** An implementation of the Microsoft proprietary NTLM authentication scheme. For a detailed
+ * explanation of the NTLM scheme please see <a href="http://davenport.sourceforge.net/ntlm.html">
+ * http://davenport.sourceforge.net/ntlm.html</a>.
*
* @author <a href="mailto:remm@apache.org">Remy Maucherat</a>
* @author Rodney Waldhoff
@@ -154,7 +153,10 @@
/**
- * Returns authentication parameter with the given name, if available.
+ * Returns the authentication parameter with the given name, if available.
+ *
+ * <p>There are no valid parameters for NTLM authentication so this method always returns
+ * <tt>null</tt>.</p>
*
* @param name The name of the parameter to be returned
*
1.4 +24 -39 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLM.java
Index: NTLM.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLM.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- NTLM.java 22 Jul 2003 18:10:25 -0000 1.3
+++ NTLM.java 16 Aug 2003 00:41:24 -0000 1.4
@@ -66,7 +66,6 @@
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
-import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
@@ -88,6 +87,12 @@
* exists for it. This class is based upon the reverse engineering
* efforts of a wide range of people.</p>
*
+ * <p>Please note that an implementation of JCE must be correctly installed and configured when
+ * using NTLM support.</p>
+ *
+ * <p>This class should not be used externally to HttpClient as it's API is specifically
+ * designed to work with HttpClient's use case, in particular it's connection management.</p>
+ *
* @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a>
* @author <a href="mailto:jsdever@apache.org">Jeff Dever</a>
* @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
@@ -109,31 +114,6 @@
/** Character encoding */
public static final String DEFAULT_CHARSET = "ASCII";
- //Initialize the security provider
- static {
- //TODO: do not use System properties
- final String secProviderName
- = System.getProperty("httpclient.security.provider",
- "com.sun.crypto.provider.SunJCE");
- try {
- java.security.Provider secProvider = (java.security.Provider)
- Class.forName(secProviderName).newInstance();
- Security.addProvider(secProvider);
- } catch (ClassNotFoundException e) {
- LOG.error("Specified security provider " + secProviderName
- + " could not be found by the class loader", e);
- } catch (ClassCastException e) {
- LOG.error("Specified security provider " + secProviderName
- + " is not of type java.security.Provider", e);
- } catch (InstantiationException e) {
- LOG.error("Specified security provider " + secProviderName
- + " could not be instantiated", e);
- } catch (IllegalAccessException e) {
- LOG.error("Specified security provider " + secProviderName
- + " does not allow access to the constructor", e);
- }
- }
-
/**
* Returns the response for the given message.
*
@@ -278,10 +258,12 @@
}
/**
- * TODO: Figure out what this method really does.
- * @param host The host
- * @param domain The domain
- * @return String
+ * Creates the first message (type 1 message) in the NTLM authentication sequence.
+ * This message includes the user name, domain and host for the authentication session.
+ *
+ * @param host the computer name of the host requesting authentication.
+ * @param domain The domain to authenticate with.
+ * @return String the message to add to the HTTP request header.
*/
private String getType1Message(String host, String domain) {
host = host.toUpperCase();
@@ -370,11 +352,14 @@
}
/**
- * Creates the type 3 message using the given server nonce.
- * @param user The user.
+ * Creates the type 3 message using the given server nonce. The type 3 message includes all the
+ * information for authentication, host, domain, username and the result of encrypting the
+ * nonce sent by the server using the user's password as the key.
+ *
+ * @param user The user name. This should not include the domain name.
* @param password The password.
- * @param host The host.
- * @param domain The domain.
+ * @param host The host that is originating the authentication request.
+ * @param domain The domain to authenticate within.
* @param nonce the 8 byte array the server sent.
* @return The type 3 message.
* @throws AuthenticationException If {@encrypt(byte[],byte[])} fails.
@@ -583,7 +568,7 @@
/**
* Converts a given number to a two byte array in little endian order.
* @param num the number to convert.
- * @return The new array.
+ * @return The byte representation of <i>num</i> in little endian order.
*/
private byte[] convertShort(int num) {
byte[] val = new byte[2];
1.8 +12 -3 jakarta-commons/httpclient/xdocs/authentication.xml
Index: authentication.xml
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/xdocs/authentication.xml,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- authentication.xml 14 Aug 2003 00:09:51 -0000 1.7
+++ authentication.xml 16 Aug 2003 00:41:24 -0000 1.8
@@ -159,9 +159,18 @@
<section name="Troubleshooting">
<p>Some authentication schemes may use cryptographic algorithms. It is recommended to include the
<a href="http://java.sun.com/products/jce/" target="_blank">Java Cryptography Extension</a> in
- your runtime environment prior to JDK 1.4.
-
+ your runtime environment prior to JDK 1.4. Also note that you must register the JCE
+ implementation manually as HttpClient will not do so automatically. For instance to
+ register the Sun JCE implementation, you should execute the following code before attempting
+ to use HttpClient.
</p>
+
+ <source>
+String secProviderName = "com.sun.crypto.provider.SunJCE");
+java.security.Provider secProvider =
+ (java.security.Provider)Class.forName(secProviderName).newInstance();
+Security.addProvider(secProvider);
+ </source>
</section>
</body>
1.7 +19 -18 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/NTCredentials.java
Index: NTCredentials.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/NTCredentials.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- NTCredentials.java 30 Jan 2003 05:01:54 -0000 1.6
+++ NTCredentials.java 16 Aug 2003 00:41:24 -0000 1.7
@@ -63,8 +63,8 @@
package org.apache.commons.httpclient;
-/**
- * <p>Username and password {@link Credentials}.</p>
+/** {@link Credentials} for use with the NTLM authentication scheme which requires additional
+ * information.
*
* @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a>
* @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
@@ -77,10 +77,10 @@
// ----------------------------------------------------- Instance Variables
- /** The Domain. */
+ /** The Domain to authenticate with. */
private String domain;
- /** The Host. */
+ /** The host the authentication request is originating from. */
private String host;
@@ -95,10 +95,12 @@
/**
* Constructor.
- * @param userName The user name.
+ * @param userName The user name. This should not include the domain to authenticate with.
+ * For example: "user" is correct whereas "DOMAIN\\user" is not.
* @param password The password.
- * @param host The host.
- * @param domain The domain.
+ * @param host The host the authentication request is originating from. Essentially, the
+ * computer name for this machine.
+ * @param domain The domain to authenticate within.
*/
public NTCredentials(String userName, String password, String host,
String domain) {
@@ -110,7 +112,7 @@
/**
- * Domain property setter.
+ * Sets the domain to authenticate with.
*
* @param domain the NT domain to authenticate in.
*
@@ -122,9 +124,9 @@
}
/**
- * Domain property getter.
+ * Retrieves the name to authenticate with.
*
- * @return String domain
+ * @return String the domain these credentials are intended to authenticate with.
*
* @see #setDomain(String)
*
@@ -133,8 +135,7 @@
return domain;
}
- /**
- * Host property setter.
+ /** Sets the host name of the computer originating the request.
*
* @param host the Host the user is logged into.
*/
@@ -143,9 +144,9 @@
}
/**
- * Host property getter.
+ * Retrieves the host name of the computer originating the request.
*
- * @return String host.
+ * @return String the host the user is logged into.
*/
public String getHost() {
return this.host;
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org