001/*
002 * (C) Copyright 2010 Nuxeo SAS (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 */
017
018package org.nuxeo.ecm.platform.ui.web.auth.ntlm;
019
020import java.io.IOException;
021
022import javax.servlet.Filter;
023import javax.servlet.FilterChain;
024import javax.servlet.FilterConfig;
025import javax.servlet.ServletException;
026import javax.servlet.ServletRequest;
027import javax.servlet.ServletResponse;
028import javax.servlet.http.HttpServletRequest;
029import javax.servlet.http.HttpServletResponse;
030
/**
 * Servlet filter that handles the NTLM "Protected POST" case, see
 * http://jcifs.samba.org/src/docs/ntlmhttpauth.html and http://curl.haxx.se/rfc/ntlm.html
 * <p>
 * A POST request whose {@code Authorization} header starts with {@code NTLM} and whose declared content length is
 * {@code 0} is handed to {@link NTLMAuthenticator#negotiate} and is <em>not</em> passed down the filter chain. Every
 * other request is forwarded unchanged.
 * <p>
 * Because an intercepted request never reaches the filters and servlets behind this one, the position of this filter
 * in the chain decides which checks (logging, rate limiting, other authentication filters) still see such requests.
 *
 * @author Thierry Delprat
 */
public class NTLMPostFilter implements Filter {

    /**
     * Routes empty NTLM POST requests to {@link #handleNtlmPost} and forwards everything else to {@code chain}.
     *
     * @param request the incoming request; only {@link HttpServletRequest} instances are inspected
     * @param response the outgoing response; cast to {@link HttpServletResponse} when the request is intercepted
     * @param chain the remaining filter chain, invoked only when the request is not intercepted
     * @throws IOException propagated from the chain or from the NTLM handling
     * @throws ServletException propagated from the chain or from the NTLM handling
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {

        String authorization = emptyNtlmPostAuthorization(request);
        if (authorization == null) {
            chain.doFilter(request, response);
            return;
        }

        // The chain is deliberately not invoked: the negotiation step writes the response itself.
        handleNtlmPost((HttpServletRequest) request, (HttpServletResponse) response, authorization);
    }

    /**
     * Returns the {@code Authorization} header value when {@code request} is an empty NTLM POST, {@code null}
     * otherwise.
     */
    private static String emptyNtlmPostAuthorization(ServletRequest request) {
        if (!(request instanceof HttpServletRequest)) {
            return null;
        }
        HttpServletRequest http = (HttpServletRequest) request;
        if (!"POST".equals(http.getMethod())) {
            return null;
        }

        String authorization = http.getHeader("Authorization");
        // NOTE(review): this is a case-sensitive prefix match with no delimiter, so any header value beginning
        // with "NTLM" qualifies, not only the "NTLM <token>" form. Validation of the token is left to
        // NTLMAuthenticator - confirm it rejects malformed values.
        if (authorization == null || !authorization.startsWith("NTLM")) {
            return null;
        }

        // Only a declared length of exactly 0 counts; a request with no declared length (-1) is forwarded.
        return http.getContentLength() == 0 ? authorization : null;
    }

    /**
     * Delegates an intercepted request to {@link NTLMAuthenticator#negotiate}.
     *
     * @param httpRequest the intercepted POST request
     * @param httpResponse the response the negotiation writes to
     * @param ntlmHeader the {@code Authorization} header value; not used here, available to overriding subclasses
     * @throws IOException propagated from the negotiation
     * @throws ServletException propagated from the negotiation
     */
    protected void handleNtlmPost(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String ntlmHeader)
            throws IOException, ServletException {
        // The meaning of the trailing 'true' flag is defined by NTLMAuthenticator and is not visible in this file.
        NTLMAuthenticator.negotiate(httpRequest, httpResponse, true);
    }

    /**
     * No initialisation is required; the filter keeps no state.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        // NOP
    }

    /**
     * Nothing to release.
     */
    public void destroy() {
        // NOP
    }

}