015 package com.liferay.portal.security.ntlm;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
020 import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
021 import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
022 import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
023 import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
024
025 import java.io.IOException;
026
027 import java.security.NoSuchAlgorithmException;
028
029 import jcifs.dcerpc.DcerpcBinding;
030 import jcifs.dcerpc.DcerpcHandle;
031 import jcifs.dcerpc.UnicodeString;
032
033 import jcifs.smb.SmbException;
034
035
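/**
 * Validates an NTLM challenge/response against a domain controller by sending
 * a <code>NetrLogonSamLogon</code> request over a Netlogon DCE/RPC connection.
 *
 * <p>
 * {@link #logon} reads the domain controller address, the domain controller
 * name and the service account stored by {@link #setConfiguration}; all three
 * are <code>null</code> until that method has been called.
 * </p>
 *
 * <p>
 * NOTE(review): the configuration fields are plain instance fields with no
 * synchronization. If one instance is shared between request threads and
 * reconfigured at runtime, confirm that callers publish the change safely.
 * </p>
 */
public class Netlogon {

	/**
	 * Asks the configured domain controller to validate the NTLM responses a
	 * client produced for <code>serverChallenge</code>.
	 *
	 * <p>
	 * On success the returned account name is the effective name reported by
	 * the domain controller, not the client-supplied <code>userName</code>.
	 * </p>
	 *
	 * <p>
	 * Security notes for callers: the exception message on a rejected logon
	 * contains the status text for the code returned by the domain controller.
	 * Log it server-side rather than echoing it to the unauthenticated client,
	 * because distinct statuses (for example unknown account versus wrong
	 * password) would let a client tell valid account names apart.
	 * </p>
	 *
	 * @param  domain the domain name sent in the logon identity
	 * @param  userName the user name sent in the logon identity
	 * @param  workstation the workstation name sent in the logon identity
	 * @param  serverChallenge the challenge this server issued to the client
	 * @param  ntResponse the client's NT response to the challenge
	 * @param  lmResponse the client's LM response to the challenge
	 * @return the account identified by the domain controller
	 * @throws NtlmLogonException if the domain controller returns a nonzero
	 *         status, the Netlogon authenticator cannot be computed, or
	 *         communication with the server fails
	 */
	public NtlmUserAccount logon(
			String domain, String userName, String workstation,
			byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
		throws NtlmLogonException {

		NetlogonConnection netlogonConnection = new NetlogonConnection();

		try {
			netlogonConnection.connect(
				_domainController, _domainControllerName, _ntlmServiceAccount);

			NetlogonAuthenticator netlogonAuthenticator =
				netlogonConnection.computeNetlogonAuthenticator();

			// 0x00000820 is presumably the MS-NRPC ParameterControl value
			// (0x800 allow workstation trust account | 0x20 allow server
			// trust account); confirm against NetlogonIdentityInfo

			NetlogonIdentityInfo netlogonIdentityInfo =
				new NetlogonIdentityInfo(
					domain, 0x00000820, 0, 0, userName, workstation);

			NetlogonNetworkInfo netlogonNetworkInfo = new NetlogonNetworkInfo(
				netlogonIdentityInfo, serverChallenge, ntResponse, lmResponse);

			// The two literal 2s presumably select the network logon level
			// and the NetlogonValidationSamInfo validation level, matching the
			// objects passed next to them; confirm against NetrLogonSamLogon.
			//
			// NOTE(review): the return authenticator is a fresh object that
			// this method never inspects after the call. MS-NRPC expects the
			// client to verify the server's return authenticator; confirm that
			// NetlogonConnection or NetrLogonSamLogon does so, otherwise a
			// zero status is trusted without proof that the reply came from
			// the domain controller holding the session key.

			NetrLogonSamLogon netrLogonSamLogon = new NetrLogonSamLogon(
				_domainControllerName, _ntlmServiceAccount.getComputerName(),
				netlogonAuthenticator, new NetlogonAuthenticator(), 2,
				netlogonNetworkInfo, 2, new NetlogonValidationSamInfo(), 0);

			DcerpcHandle dcerpcHandle = netlogonConnection.getDcerpcHandle();

			dcerpcHandle.sendrecv(netrLogonSamLogon);

			// Only a zero status is treated as a successful logon; every
			// other status falls through to the failure path below

			if (netrLogonSamLogon.getStatus() == 0) {
				NetlogonValidationSamInfo netlogonValidationSamInfo =
					netrLogonSamLogon.getNetlogonValidationSamInfo();

				UnicodeString name = new UnicodeString(
					netlogonValidationSamInfo.getEffectiveName(), false);

				return new NtlmUserAccount(name.toString());
			}

			// The SmbException is built only to obtain message text for the
			// status code. It is also attached as the cause so the original
			// status stays available to server-side diagnostics.

			SmbException smbe = new SmbException(
				netrLogonSamLogon.getStatus(), false);

			throw new NtlmLogonException(
				"Unable to authenticate user: " + smbe.getMessage(), smbe);
		}
		catch (NoSuchAlgorithmException nsae) {
			throw new NtlmLogonException(
				"Unable to authenticate due to invalid encryption algorithm",
				nsae);
		}
		catch (IOException ioe) {
			throw new NtlmLogonException(
				"Unable to authenticate due to communication failure with " +
					"server",
				ioe);
		}
		finally {

			// Always release the connection. A failed disconnect is logged
			// rather than thrown so it cannot replace the logon result or the
			// exception already in flight.

			try {
				netlogonConnection.disconnect();
			}
			catch (Exception e) {
				_log.error("Unable to disconnect Netlogon connection", e);
			}
		}
	}

	/**
	 * Stores the connection settings used by subsequent {@link #logon} calls.
	 *
	 * @param domainController the domain controller passed to the Netlogon
	 *        connection
	 * @param domainControllerName the domain controller name passed to the
	 *        connection and used as the first argument of the logon request
	 * @param ntlmServiceAccount the service account passed to the connection;
	 *        its computer name is sent in the logon request
	 */
	public void setConfiguration(
		String domainController, String domainControllerName,
		NtlmServiceAccount ntlmServiceAccount) {

		_domainController = domainController;
		_domainControllerName = domainControllerName;
		_ntlmServiceAccount = ntlmServiceAccount;
	}

	private static final Log _log = LogFactoryUtil.getLog(Netlogon.class);

	private String _domainController;
	private String _domainControllerName;
	private NtlmServiceAccount _ntlmServiceAccount;

	static {

		// Registers the Netlogon RPC interface UUID and version with jcifs
		// under the endpoint name "netlogon"

		DcerpcBinding.addInterface(
			"netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
	}

}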