015 package com.liferay.portal.security.ntlm;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
020 import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
021 import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
022 import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
023 import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
024
025 import java.io.IOException;
026
027 import java.security.NoSuchAlgorithmException;
028 import java.security.SecureRandom;
029
030 import jcifs.dcerpc.DcerpcBinding;
031 import jcifs.dcerpc.DcerpcHandle;
032 import jcifs.dcerpc.UnicodeString;
033
034 import jcifs.smb.SmbException;
035
036
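/**
 * Validates an NTLM challenge/response pair against a domain controller by
 * sending a {@code NetrLogonSamLogon} request over the Netlogon RPC
 * interface.
 *
 * <p>
 * The instance must be given its domain controller and service account via
 * {@link #setConfiguration(String, String, NtlmServiceAccount)} before
 * {@link #logon} is called. The configuration fields are plain, unsynchronized
 * fields; NOTE(review): if the configuration can be replaced while logons are
 * in flight, confirm that callers serialize the two.
 * </p>
 */
public class Netlogon {

	/**
	 * Asks the configured domain controller to validate the NTLM responses
	 * that a client produced for {@code serverChallenge}.
	 *
	 * @param  domain the domain name placed in the logon identity
	 * @param  userName the user name placed in the logon identity
	 * @param  workstation the workstation name placed in the logon identity
	 * @param  serverChallenge the challenge the responses were computed over
	 * @param  ntResponse the client's NT response
	 * @param  lmResponse the client's LM response
	 * @return an account named after the effective name the domain controller
	 *         reports, which is not necessarily the {@code userName} argument
	 * @throws NtlmLogonException if no service account has been configured,
	 *         if the domain controller returns a non-zero status, or if the
	 *         exchange fails with an {@code IOException} or a
	 *         {@code NoSuchAlgorithmException}
	 */
	public NtlmUserAccount logon(
			String domain, String userName, String workstation,
			byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
		throws NtlmLogonException {

		// Read each setting once so the connect call and the request below use
		// the same values. This does not make setConfiguration atomic with
		// respect to a logon that is already running.

		String domainController = _domainController;
		String domainControllerName = _domainControllerName;
		NtlmServiceAccount ntlmServiceAccount = _ntlmServiceAccount;

		// Fail closed with the declared exception type. Without this check an
		// unconfigured instance would end in a NullPointerException, at the
		// latest when the computer name is read for the request.

		if (ntlmServiceAccount == null) {
			throw new NtlmLogonException(
				"Unable to authenticate because Netlogon is not configured");
		}

		NetlogonConnection netlogonConnection = new NetlogonConnection();

		try {
			netlogonConnection.connect(
				domainController, domainControllerName, ntlmServiceAccount,
				_secureRandom);

			NetlogonAuthenticator netlogonAuthenticator =
				netlogonConnection.computeNetlogonAuthenticator();

			// NOTE(review): 0x00000820 looks like the MS-NRPC ParameterControl
			// value MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT (0x20) combined with
			// MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT (0x800) -- confirm
			// against the NetlogonIdentityInfo constructor.

			NetlogonIdentityInfo netlogonIdentityInfo =
				new NetlogonIdentityInfo(
					domain, 0x00000820, 0, 0, userName, workstation);

			NetlogonNetworkInfo netlogonNetworkInfo = new NetlogonNetworkInfo(
				netlogonIdentityInfo, serverChallenge, ntResponse, lmResponse);

			// The two literal 2s are presumably the logon level and the
			// validation level -- confirm against NetrLogonSamLogon.
			//
			// NOTE(review): the return authenticator is a fresh instance that
			// this method does not keep, so the credential the server sends
			// back is never inspected here. Confirm that NetrLogonSamLogon or
			// NetlogonConnection verifies it; if nothing does, the reply is
			// accepted without proof that it came from the holder of the
			// session key.

			NetrLogonSamLogon netrLogonSamLogon = new NetrLogonSamLogon(
				domainControllerName, ntlmServiceAccount.getComputerName(),
				netlogonAuthenticator, new NetlogonAuthenticator(), 2,
				netlogonNetworkInfo, 2, new NetlogonValidationSamInfo(), 0);

			DcerpcHandle dcerpcHandle = netlogonConnection.getDcerpcHandle();

			dcerpcHandle.sendrecv(netrLogonSamLogon);

			// Only a status of exactly zero counts as success; every other
			// value rejects the logon.

			int status = netrLogonSamLogon.getStatus();

			if (status != 0) {

				// SmbException is used only to turn the status code into text.

				SmbException smbe = new SmbException(status, false);

				throw new NtlmLogonException(
					"Unable to authenticate user: " + smbe.getMessage());
			}

			NetlogonValidationSamInfo netlogonValidationSamInfo =
				netrLogonSamLogon.getNetlogonValidationSamInfo();

			// The identity handed back is the one the domain controller
			// reports, not the caller-supplied userName.
			//
			// NOTE(review): only the effective name is propagated. Nothing
			// else from the validation info (such as a domain) is consulted
			// here, so confirm that callers mapping this name to a local user
			// constrain the domain elsewhere.

			UnicodeString name = new UnicodeString(
				netlogonValidationSamInfo.getEffectiveName(), false);

			return new NtlmUserAccount(name.toString());
		}
		catch (NoSuchAlgorithmException e) {
			throw new NtlmLogonException(
				"Unable to authenticate due to invalid encryption algorithm",
				e);
		}
		catch (IOException e) {
			throw new NtlmLogonException(
				"Unable to authenticate due to communication failure with " +
					"server",
				e);
		}
		finally {

			// Always attempt to disconnect. A failure here is logged rather
			// than thrown so it cannot replace the logon result or the
			// exception already in flight.

			try {
				netlogonConnection.disconnect();
			}
			catch (Exception e) {
				_log.error("Unable to disconnect Netlogon connection", e);
			}
		}
	}

	/**
	 * Stores the domain controller and service account used by later
	 * {@link #logon} calls. The three fields are assigned one after another
	 * without synchronization.
	 *
	 * @param domainController the domain controller passed to the Netlogon
	 *        connection
	 * @param domainControllerName the domain controller name passed to the
	 *        Netlogon connection and to the logon request
	 * @param ntlmServiceAccount the service account used to connect; its
	 *        computer name is sent in the logon request
	 */
	public void setConfiguration(
		String domainController, String domainControllerName,
		NtlmServiceAccount ntlmServiceAccount) {

		_domainController = domainController;
		_domainControllerName = domainControllerName;
		_ntlmServiceAccount = ntlmServiceAccount;
	}

	private static final Log _log = LogFactoryUtil.getLog(Netlogon.class);

	private String _domainController;
	private String _domainControllerName;
	private NtlmServiceAccount _ntlmServiceAccount;

	// Handed to NetlogonConnection.connect on every logon.

	private final SecureRandom _secureRandom = new SecureRandom();

	// Registers the Netlogon interface identifier (UUID and version) with
	// jcifs under the name "netlogon".

	static {
		DcerpcBinding.addInterface(
			"netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
	}

}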