015 package com.liferay.portal.security.ntlm;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
020 import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
021 import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
022 import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
023 import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
024
025 import java.io.IOException;
026
027 import java.security.NoSuchAlgorithmException;
028 import java.security.SecureRandom;
029
030 import jcifs.dcerpc.DcerpcBinding;
031 import jcifs.dcerpc.DcerpcHandle;
032 import jcifs.dcerpc.UnicodeString;
033
034
/**
 * Checks NTLM challenge/response data by sending a NetrLogonSamLogon request
 * over a Netlogon RPC connection opened with the configured domain controller
 * settings and service account.
 *
 * <p>
 * Security-relevant behaviour visible in this class:
 * </p>
 *
 * <ul>
 * <li>Only a status of {@code 0} is treated as success; any other status ends
 * in an {@link NtlmLogonException}, so the method fails closed.</li>
 * <li>The returned account name is the effective name reported in the
 * validation info of the response, not the {@code userName} argument supplied
 * by the client.</li>
 * <li>{@link #setConfiguration} must be called before {@link #logon}; the
 * configuration fields are neither null-checked nor synchronized here.
 * NOTE(review): confirm callers never reconfigure concurrently with a
 * logon.</li>
 * </ul>
 */
public class Netlogon {

	static {

		// Register the Netlogon RPC interface (UUID and version 1.0) with
		// jCIFS under the name "netlogon".

		DcerpcBinding.addInterface(
			"netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
	}

	/**
	 * Submits one NTLM response for validation and returns the account the
	 * response was accepted for.
	 *
	 * <p>
	 * A new {@code NetlogonConnection} is opened for every call and is always
	 * disconnected in the {@code finally} block.
	 * </p>
	 *
	 * @param  domain the domain name placed in the identity info
	 * @param  userName the user name placed in the identity info
	 * @param  workstation the workstation name placed in the identity info
	 * @param  serverChallenge the challenge passed to the network info;
	 *         presumably the challenge this server issued for the same NTLM
	 *         handshake (confirm against the caller)
	 * @param  ntResponse the NT response passed to the network info
	 * @param  lmResponse the LM response passed to the network info
	 * @return the account built from the effective name in the response
	 * @throws NtlmLogonException if the response status is not {@code 0}, if a
	 *         required algorithm is unavailable, or if communication fails
	 */
	public NtlmUserAccount logon(
			String domain, String userName, String workstation,
			byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
		throws NtlmLogonException {

		NetlogonConnection connection = new NetlogonConnection();

		try {
			connection.connect(
				_domainController, _domainControllerName, _ntlmServiceAccount,
				_secureRandom);

			NetlogonAuthenticator clientAuthenticator =
				connection.computeNetlogonAuthenticator();

			// 0x00000820 is presumably the MS-NRPC ParameterControl value
			// (0x800 | 0x20, the two "allow ... trust account" bits) -- TODO
			// confirm against NetlogonIdentityInfo.

			NetlogonNetworkInfo networkInfo = new NetlogonNetworkInfo(
				new NetlogonIdentityInfo(
					domain, 0x00000820, 0, 0, userName, workstation),
				serverChallenge, ntResponse, lmResponse);

			// The two literal 2s presumably select the network logon level
			// and the SAM validation level -- confirm against
			// NetrLogonSamLogon.
			//
			// NOTE(review): the fourth argument is a fresh, empty
			// NetlogonAuthenticator and nothing in this method reads it after
			// sendrecv. If it receives the server's return authenticator, it
			// is not verified here; confirm whether NetlogonConnection or
			// NetrLogonSamLogon performs that check.

			NetrLogonSamLogon request = new NetrLogonSamLogon(
				_domainControllerName, _ntlmServiceAccount.getComputerName(),
				clientAuthenticator, new NetlogonAuthenticator(), 2,
				networkInfo, 2, new NetlogonValidationSamInfo(), 0);

			connection.getDcerpcHandle().sendrecv(request);

			// Fail closed: anything other than status 0 is a rejection. The
			// status is appended in decimal; it is presumably an NTSTATUS
			// code, so convert it to hex when triaging failed logons.

			if (request.getStatus() != 0) {
				throw new NtlmLogonException(
					"Unable to authenticate due to status " +
						request.getStatus());
			}

			// Use the name reported in the response rather than the
			// client-supplied userName.

			NetlogonValidationSamInfo validationInfo =
				request.getNetlogonValidationSamInfo();

			UnicodeString effectiveName = new UnicodeString(
				validationInfo.getEffectiveName(), false);

			return new NtlmUserAccount(effectiveName.toString());
		}
		catch (NoSuchAlgorithmException nsae) {
			throw new NtlmLogonException(
				"Unable to authenticate due to invalid encryption algorithm",
				nsae);
		}
		catch (IOException ioe) {
			throw new NtlmLogonException(
				"Unable to authenticate due to communication failure with " +
					"server",
				ioe);
		}
		finally {

			// A failed disconnect is logged only, so it cannot replace the
			// authentication result or the exception already in flight.

			try {
				connection.disconnect();
			}
			catch (Exception e) {
				_log.error("Unable to disconnect Netlogon connection", e);
			}
		}
	}

	/**
	 * Stores the settings that every later {@link #logon} call passes to the
	 * Netlogon connection. The values are stored as given, without
	 * validation.
	 *
	 * @param domainController the first value handed to the connection's
	 *        {@code connect} call
	 * @param domainControllerName the name handed to {@code connect} and used
	 *        as the first argument of the NetrLogonSamLogon request
	 * @param ntlmServiceAccount the service account handed to {@code connect};
	 *        its computer name is also sent in the request
	 */
	public void setConfiguration(
		String domainController, String domainControllerName,
		NtlmServiceAccount ntlmServiceAccount) {

		this._domainController = domainController;
		this._domainControllerName = domainControllerName;
		this._ntlmServiceAccount = ntlmServiceAccount;
	}

	private static Log _log = LogFactoryUtil.getLog(Netlogon.class);

	// Configuration written by setConfiguration and read by logon.

	private String _domainController;
	private String _domainControllerName;
	private NtlmServiceAccount _ntlmServiceAccount;

	// Cryptographically strong random source handed to every connect call.

	private SecureRandom _secureRandom = new SecureRandom();

}