001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.ntlm;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
020    import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
021    import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
022    import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
023    import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
024    
025    import java.io.IOException;
026    
027    import java.security.NoSuchAlgorithmException;
028    import java.security.SecureRandom;
029    
030    import jcifs.dcerpc.DcerpcBinding;
031    import jcifs.dcerpc.DcerpcHandle;
032    import jcifs.dcerpc.UnicodeString;
033    
034    /**
035     * @author Marcellus Tavares
036     * @author Michael C. Han
037     */
public class Netlogon {

	static {
		// Register the Netlogon RPC interface (UUID plus version 1.0) with
		// jcifs so that a "netlogon" binding string can be resolved, presumably
		// by NetlogonConnection. This is a process-wide side effect that runs
		// once, when the class is loaded.
		DcerpcBinding.addInterface(
			"netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
	}

	/**
	 * Performs a network (pass-through) logon against the configured domain
	 * controller.
	 *
	 * <p>
	 * The client-supplied challenge/response material is forwarded unchanged
	 * in a {@link NetrLogonSamLogon} request; the domain controller, not this
	 * code, verifies the responses. The returned account is built from the
	 * effective name the domain controller reports, which is not compared with
	 * {@code userName} here, so callers must treat it as the authoritative
	 * account name.
	 * </p>
	 *
	 * <p>
	 * NOTE(review): the return authenticator the domain controller sends back
	 * (the empty {@link NetlogonAuthenticator} placed in the request) is never
	 * checked after {@code sendrecv}, so a reply from a spoofed or tampered
	 * domain controller would be accepted as long as its status is zero.
	 * Confirm whether {@link NetlogonConnection} exposes the session key needed
	 * to verify it, or whether the transport is authenticated another way.
	 * </p>
	 *
	 * @param  domain the domain name the client presented
	 * @param  userName the account name the client presented
	 * @param  workstation the workstation name the client presented
	 * @param  serverChallenge the NTLM server challenge the responses were
	 *         computed against
	 * @param  ntResponse the client's NT response to that challenge
	 * @param  lmResponse the client's LM response to that challenge
	 * @return the account named by the domain controller's validation data
	 * @throws NtlmLogonException if the domain controller returns a non-zero
	 *         status, if a required algorithm is unavailable, or if the RPC
	 *         exchange fails
	 */
	public NtlmUserAccount logon(
			String domain, String userName, String workstation,
			byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
		throws NtlmLogonException {

		NetlogonConnection connection = new NetlogonConnection();

		try {
			connection.connect(
				_domainController, _domainControllerName, _ntlmServiceAccount,
				_secureRandom);

			NetrLogonSamLogon request = _buildSamLogonRequest(
				connection, domain, userName, workstation, serverChallenge,
				ntResponse, lmResponse);

			DcerpcHandle handle = connection.getDcerpcHandle();

			handle.sendrecv(request);

			// Zero is the NT success status. Any other code is surfaced to the
			// caller unchanged; it carries no secret material.
			if (request.getStatus() != 0) {
				throw new NtlmLogonException(
					"Unable to authenticate due to status " +
						request.getStatus());
			}

			return _toUserAccount(request.getNetlogonValidationSamInfo());
		}
		catch (NoSuchAlgorithmException e) {
			throw new NtlmLogonException(
				"Unable to authenticate due to invalid encryption algorithm",
				e);
		}
		catch (IOException e) {
			throw new NtlmLogonException(
				"Unable to authenticate due to communication failure with " +
					"server",
				e);
		}
		finally {
			_disconnectQuietly(connection);
		}
	}

	/**
	 * Sets the domain controller to contact and the service account used when
	 * connecting to it.
	 *
	 * <p>
	 * NOTE(review): this method and {@link #logon} share unsynchronized,
	 * non-volatile fields; the design presumably assumes configuration happens
	 * once, before any concurrent logons. Confirm with the callers before
	 * relying on reconfiguration at runtime.
	 * </p>
	 *
	 * @param domainController the domain controller passed to
	 *        {@link NetlogonConnection#connect}
	 * @param domainControllerName the domain controller's name, also sent as
	 *        the server name in the NetrLogonSamLogon request
	 * @param ntlmServiceAccount the account passed to
	 *        {@link NetlogonConnection#connect}; its computer name is sent as
	 *        the computer name in the request
	 */
	public void setConfiguration(
		String domainController, String domainControllerName,
		NtlmServiceAccount ntlmServiceAccount) {

		_domainController = domainController;
		_domainControllerName = domainControllerName;
		_ntlmServiceAccount = ntlmServiceAccount;
	}

	/**
	 * Builds the NetrLogonSamLogon request for a network logon over an already
	 * connected Netlogon connection.
	 */
	private NetrLogonSamLogon _buildSamLogonRequest(
			NetlogonConnection connection, String domain, String userName,
			String workstation, byte[] serverChallenge, byte[] ntResponse,
			byte[] lmResponse)
		throws IOException, NoSuchAlgorithmException {

		// Credential proving this client to the DC for this call; presumably
		// derived from the session established by connect() (see
		// NetlogonConnection)
		NetlogonAuthenticator authenticator =
			connection.computeNetlogonAuthenticator();

		// 0x00000820 is the ParameterControl bit mask sent with the identity
		// info; its exact meaning is not documented in this file. TODO confirm
		// against [MS-NRPC] NETLOGON_LOGON_IDENTITY_INFO before changing it.
		NetlogonIdentityInfo identityInfo = new NetlogonIdentityInfo(
			domain, 0x00000820, 0, 0, userName, workstation);

		NetlogonNetworkInfo networkInfo = new NetlogonNetworkInfo(
			identityInfo, serverChallenge, ntResponse, lmResponse);

		// The two literal 2s select the logon level and validation level,
		// consistent with the NetlogonNetworkInfo and NetlogonValidationSamInfo
		// types used here. The empty authenticator and validation objects are
		// output slots the DC's reply fills in; the trailing 0 is presumably
		// the extra-flags field (confirm against the NetrLogonSamLogon stub).
		return new NetrLogonSamLogon(
			_domainControllerName, _ntlmServiceAccount.getComputerName(),
			authenticator, new NetlogonAuthenticator(), 2, networkInfo, 2,
			new NetlogonValidationSamInfo(), 0);
	}

	/**
	 * Converts the DC's validation data to the account object callers use.
	 * Only the effective name is read; nothing else in the reply is used here.
	 */
	private NtlmUserAccount _toUserAccount(
		NetlogonValidationSamInfo samInfo) {

		// The boolean is passed through unchanged from the original call;
		// presumably jcifs' "zero terminated" flag - confirm against
		// jcifs.dcerpc.UnicodeString
		UnicodeString effectiveName = new UnicodeString(
			samInfo.getEffectiveName(), false);

		return new NtlmUserAccount(effectiveName.toString());
	}

	/**
	 * Closes the connection, logging rather than propagating any failure so
	 * that the outcome of the logon itself is not masked.
	 */
	private void _disconnectQuietly(NetlogonConnection connection) {
		try {
			connection.disconnect();
		}
		catch (Exception e) {
			_log.error("Unable to disconnect Netlogon connection", e);
		}
	}

	private static Log _log = LogFactoryUtil.getLog(Netlogon.class);

	// Set by setConfiguration(); read on every logon()
	private String _domainController;
	private String _domainControllerName;
	private NtlmServiceAccount _ntlmServiceAccount;

	// Handed to NetlogonConnection.connect(); a SecureRandom so that any
	// challenge or nonce it presumably derives is unpredictable
	private SecureRandom _secureRandom = new SecureRandom();

}