001/*
002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 */
019
020package org.nuxeo.ecm.platform.ui.web.auth.ntlm;
021
022import java.io.IOException;
023
024import javax.servlet.Filter;
025import javax.servlet.FilterChain;
026import javax.servlet.FilterConfig;
027import javax.servlet.ServletException;
028import javax.servlet.ServletRequest;
029import javax.servlet.ServletResponse;
030import javax.servlet.http.HttpServletRequest;
031import javax.servlet.http.HttpServletResponse;
032
033/**
034 * Handles the NTLM "Protected POST": a zero-length POST that carries an NTLM Authorization header. See
035 * http://jcifs.samba.org/src/docs/ntlmhttpauth.html and http://curl.haxx.se/rfc/ntlm.html
036 *
037 * @author Thierry Delprat
038 */
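public class NTLMPostFilter implements Filter {

    /**
     * Intercepts a zero-length POST that carries an NTLM {@code Authorization} header and hands it to
     * {@link #handleNtlmPost}; every other request is passed down the chain unchanged.
     * <p>
     * When the request is intercepted the chain is NOT invoked, so no downstream filter or servlet sees it. The
     * decision is taken on client-supplied values only (method, header prefix, declared content length), before
     * anything in this class has authenticated the caller.
     *
     * @param request the incoming request
     * @param response the response being built
     * @param chain the remaining filter chain
     * @throws IOException propagated from the chain or from the NTLM handling
     * @throws ServletException propagated from the chain or from the NTLM handling
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {

        // Check both sides before casting: the original cast the response unconditionally, which would raise a
        // ClassCastException for an HTTP request paired with a non-HTTP response wrapper.
        if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            HttpServletResponse httpResponse = (HttpServletResponse) response;

            if ("POST".equals(httpRequest.getMethod())) {
                String ntlmHeader = httpRequest.getHeader("Authorization");
                // getContentLength() returns -1 when the length is not known, so only a request that declares
                // an empty body matches here; a POST with a body or without a declared length goes down the chain.
                // NOTE(review): startsWith("NTLM") is a bare prefix match, so a scheme name that merely begins
                // with these letters is also routed to the authenticator. Confirm that NTLMAuthenticator
                // validates the token itself before tightening or relying on this check.
                boolean emptyNtlmPost = ntlmHeader != null && ntlmHeader.startsWith("NTLM")
                        && httpRequest.getContentLength() == 0;
                if (emptyNtlmPost) {
                    handleNtlmPost(httpRequest, httpResponse, ntlmHeader);
                    // Short-circuit: the response is left to the NTLM handling, the chain is skipped.
                    return;
                }
            }
        }
        chain.doFilter(request, response);
    }

    /**
     * Delegates the intercepted request to {@code NTLMAuthenticator.negotiate}.
     * <p>
     * Subclasses may override this to change how the intercepted POST is answered.
     *
     * @param httpRequest the intercepted zero-length POST
     * @param httpResponse the response the negotiation writes to
     * @param ntlmHeader the raw {@code Authorization} header value; not used by this implementation
     * @throws IOException propagated from the negotiation
     * @throws ServletException propagated from the negotiation
     */
    protected void handleNtlmPost(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String ntlmHeader)
            throws IOException, ServletException {
        // NOTE(review): the meaning of the third argument is defined in NTLMAuthenticator, which is not
        // visible here; presumably it marks the protected-POST case. Confirm against that class.
        NTLMAuthenticator.negotiate(httpRequest, httpResponse, true);
    }

    /**
     * No initialisation is needed; the filter configuration is ignored.
     *
     * @param filterConfig unused
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // NOP
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
        // NOP
    }

}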