diff options
-rw-r--r-- | include/axis2_http_header.h | 11 | ||||
-rw-r--r-- | include/axis2_http_transport.h | 25 | ||||
-rw-r--r-- | include/axis2_ntlm.h | 235 | ||||
-rw-r--r-- | include/axis2_options.h | 47 | ||||
-rw-r--r-- | src/core/clientapi/options.c | 155 | ||||
-rw-r--r-- | src/core/transport/http/common/http_header.c | 15 | ||||
-rw-r--r-- | src/core/transport/http/sender/http_sender.c | 464 |
7 files changed, 940 insertions, 12 deletions
diff --git a/include/axis2_http_header.h b/include/axis2_http_header.h index c79ab50..5e3dab0 100644 --- a/include/axis2_http_header.h +++ b/include/axis2_http_header.h @@ -69,6 +69,17 @@ extern "C" axis2_http_header_get_value( const axis2_http_header_t * header, const axutil_env_t * env); + + /** + * @param header pointer to header + * @param env pointer to environment struct + * @param value header value + */ + AXIS2_EXTERN void AXIS2_CALL + axis2_http_header_set_value( + axis2_http_header_t * header, + const axutil_env_t * env, + const axis2_char_t *value); /** * @param header pointer to header diff --git a/include/axis2_http_transport.h b/include/axis2_http_transport.h index 25f6e97..7bf5c53 100644 --- a/include/axis2_http_transport.h +++ b/include/axis2_http_transport.h @@ -964,6 +964,21 @@ extern "C" * Proxy authentication password property name */ #define AXIS2_PROXY_AUTH_PASSWD "PROXY_AUTH_PASSWD" + + /** + * NTLM authentication domain property name + */ + #define AXIS2_NTLM_AUTH_DOMAIN "NTLM_AUTH_DOMAIN" + + /** + * NTLM authentication workstation property name + */ + #define AXIS2_NTLM_AUTH_WORKSTATION "NTLM_AUTH_WORKSTATION" + + /** + * NTLM authentication flags property name + */ + #define AXIS2_NTLM_AUTH_FLAGS "NTLM_AUTH_FLAGS" /* #define AXIS2_HTTP_AUTH_TYPE "HTTP_AUTH_TYPE"*/ @@ -977,6 +992,11 @@ extern "C" * HTTP "Digest" authentication */ #define AXIS2_HTTP_AUTH_TYPE_DIGEST "Digest" + + /** + * "NTLM" authentication + */ + #define AXIS2_HTTP_AUTH_TYPE_NTLM "NTLM" /** * Proxy "Basic" authentication @@ -987,6 +1007,11 @@ extern "C" * Proxy "Digest" authentication */ #define AXIS2_PROXY_AUTH_TYPE_DIGEST "Digest" + + /** + * Proxy "NTLM" authentication + */ + #define AXIS2_PROXY_AUTH_TYPE_NTLM "NTLM" /** diff --git a/include/axis2_ntlm.h b/include/axis2_ntlm.h new file mode 100644 index 0000000..0e78bc5 --- /dev/null +++ b/include/axis2_ntlm.h @@ -0,0 +1,235 @@ + +/* + * Copyright 2004,2005 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef AXIS2_NTLM_H +#define AXIS2_NTLM_H + +/** + *@file axis2_ntlm.h + *@brief this is the ntlm authentication abstraction layer for axis2 + */ + +#include <axutil_env.h> +#include <axutil_utils.h> + +#ifdef __cplusplus +extern "C" +{ +#endif + + typedef struct axis2_ntlm_ops axis2_ntlm_ops_t; + typedef struct axis2_ntlm axis2_ntlm_t; + + /** + * @defgroup axis2_ntlm ntlm + * @ingroup axiom + * @{ + * @} + */ + + /** + * @defgroup axis2_ntlm ntlm + * @ingroup axis2_ntlm + * @{ + */ + + /** + * \brief AXIS2_NTLM ops + * Encapsulator struct for ops of axiis2_ntlm + */ + + struct axis2_ntlm_ops + { + /** + * free pull_ntlm + * @param ntlm axis2_ntlm struct + * @param env axutil_environment MUST NOT be NULL + * @returns axis2_status_code + */ + + void ( + AXIS2_CALL + * free)( + axis2_ntlm_t * ntlm, + const axutil_env_t * env); + + /** + * Create Type1 NTLM message. This will create a type1 message and assign + * it to the return type. + * @param ntlm axis2_ntlm + * @param env axutil_environment, MUST NOT be NULL. + * @param encoded_message return type passed by caller. + * @param encoded_len length of the encoded message + * @param uname user name + * @param passwd password + * @param flags NTLM flags + * @param domain domain + * @param workstation + * @returns status , AXIS2_FAILURE on error + */ + + axis2_status_t ( + AXIS2_CALL + * create_type1_message)( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain); + + /** + * Create Type3 NTLM message. This will create a type3 message and assign + * it to the return type. + * @param ntlm axis2_ntlm + * @param env axutil_environment, MUST NOT be NULL. + * @param header_value Header value extracted from the type2 message + * @param encoded_message return type passed by caller. + * @param encoded_len length of the encoded message + * @param uname user name + * @param passwd password + * @param flags NTLM flags + * @param domain domain + * @param workstation + * @returns status , AXIS2_FAILURE on error + */ + + axis2_status_t( + AXIS2_CALL + * create_type3_message)( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const axis2_char_t *domain, + const axis2_char_t *workstation); + + + }; + + /** + * @brief axis2_ntlm struct + * Axis2 NTLM + */ + struct axis2_ntlm + { + const axis2_ntlm_ops_t *ops; + }; + + /** + * Creates an instance of axis2_ntlm that would be used to + * authorize NTLM + * @param env environment struct, must not be null + * @returns a pointer to axis2_ntlm_t struct + * NULL on error with error code set in the environment's error + */ + AXIS2_EXTERN axis2_ntlm_t *AXIS2_CALL + axis2_ntlm_create( + const axutil_env_t * env); + + + /** + * free method for ntlm + * @param ntlm pointer to the NTLM struct + * @param env environment struct, must not be null + * + * @return + */ + AXIS2_EXTERN void AXIS2_CALL + axis2_ntlm_free( + axis2_ntlm_t * ntlm, + const axutil_env_t * env); + + /** + * Create Type1 NTLM message. This will create a type1 message and assign + * it to the return type. + * @param ntlm axis2_ntlm + * @param env axutil_environment, MUST NOT be NULL. + * @param encoded_message return type passed by caller. + * @param encoded_len length of the encoded message + * @param uname user name + * @param passwd password + * @param flags NTLM flags + * @param domain domain + * @param workstation + * @returns status , AXIS2_FAILURE on error + */ + AXIS2_EXTERN axis2_status_t AXIS2_CALL + axis2_ntlm_auth_create_type1_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const int flags, + const axis2_char_t *domain); + + /** + * Create Type3 NTLM message. This will create a type3 message and assign + * it to the return type. + * @param ntlm axis2_ntlm + * @param env axutil_environment, MUST NOT be NULL. + * @param header_value Header value extracted from the type2 message + * @param encoded_message return type passed by caller. + * @param encoded_len length of the encoded message + * @param uname user name + * @param passwd password + * @param flags NTLM flags + * @param domain domain + * @param workstation + * @returns status , AXIS2_FAILURE on error + */ + AXIS2_EXTERN axis2_status_t AXIS2_CALL + axis2_ntlm_auth_create_type3_message( + axis2_ntlm_t * ntlm, + const axutil_env_t * env, + axis2_char_t *header_value, + axis2_char_t **encoded_message, + int *encoded_len, + const axis2_char_t *uname, + const axis2_char_t *passwd, + const axis2_char_t *domain, + const axis2_char_t *workstation); + + /** @} */ + +#ifdef __cplusplus +} +#endif + +#endif /* AXIS2_NTLM_H */ + + + + + + + + + + + + + + diff --git a/include/axis2_options.h b/include/axis2_options.h index 4ed2185..3c320a0 100644 --- a/include/axis2_options.h +++ b/include/axis2_options.h @@ -840,6 +840,53 @@ extern "C" const axis2_char_t * password, const axis2_char_t * auth_type); + /** + * Sets ntlm http authentication information. + * @param env pointer to environment struct + * @param parent pointer to parent struct + * @param username string representing username + * @param password string representing password + * @param flags int pointer representing flags + * @param domain string representing domain + * @param workstation string representing workstation + * @param auth_type use "NTLM" to force ntlm http authentication + * or NULL for not forcing authentication + * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE + */ + AXIS2_EXTERN axis2_status_t AXIS2_CALL + axis2_options_set_ntlm_http_auth_info( + axis2_options_t * options, + const axutil_env_t * env, + const axis2_char_t * username, + const axis2_char_t * password, + const int * flags, + const axis2_char_t * domain, + const axis2_char_t * workstation, + const axis2_char_t * auth_type); + + /** + * Sets ntlm proxy authentication information. + * @param env pointer to environment struct + * @param parent pointer to parent struct + * @param username string representing username + * @param password string representing password + * @param flags int pointer representing flags + * @param domain string representing domain + * @param workstation string representing workstation + * @param auth_type use "NTLM" to force ntlm proxy authentication + * or NULL for not forcing authentication + * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE + */ + AXIS2_EXTERN axis2_status_t AXIS2_CALL + axis2_options_set_ntlm_proxy_auth_info( + axis2_options_t * options, + const axutil_env_t * env, + const axis2_char_t * username, + const axis2_char_t * password, + const int * flags, + const axis2_char_t * domain, + const axis2_char_t * workstation, + const axis2_char_t * auth_type); /** @} */ #ifdef __cplusplus } diff --git a/src/core/clientapi/options.c b/src/core/clientapi/options.c index 26c5d33..28ce453 100644 --- a/src/core/clientapi/options.c +++ b/src/core/clientapi/options.c @@ -1063,6 +1063,161 @@ axis2_options_set_http_auth_info( axutil_property_set_value(http_auth_property, env, axutil_strdup(env, AXIS2_VALUE_FALSE)); axis2_options_set_property(options, env, AXIS2_FORCE_HTTP_AUTH, http_auth_property); } + + return AXIS2_SUCCESS; +} + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +axis2_options_set_ntlm_proxy_auth_info( + axis2_options_t * options, + const axutil_env_t * env, + const axis2_char_t * username, + const axis2_char_t * password, + const int * flags, + const axis2_char_t * domain, + const axis2_char_t * workstation, + const axis2_char_t * auth_type) +{ + axis2_bool_t force_proxy_auth = AXIS2_FALSE; + axutil_property_t *prop_pw = NULL; + axutil_property_t *prop_un = NULL; + axutil_property_t *prop_fg = NULL; + axutil_property_t *prop_do = NULL; + axutil_property_t *prop_wo = NULL; + + prop_un = axutil_property_create(env); + axutil_property_set_value(prop_un, env, axutil_strdup(env, username)); + axis2_options_set_property(options, env, AXIS2_PROXY_AUTH_UNAME, prop_un); + + prop_pw = axutil_property_create(env); + axutil_property_set_value(prop_pw, env, axutil_strdup(env, password)); + axis2_options_set_property(options, env, AXIS2_PROXY_AUTH_PASSWD, prop_pw); + + if(flags) + { + axis2_char_t temp_str[4]; + sprintf(temp_str, "%d", *flags); + prop_fg = axutil_property_create(env); + axutil_property_set_value(prop_fg, env, axutil_strdup(env, temp_str)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_FLAGS, prop_fg); + } + + if(domain) + { + prop_do = axutil_property_create(env); + axutil_property_set_value(prop_do, env, axutil_strdup(env, domain)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_DOMAIN, prop_do); + } + + if(workstation) + { + prop_wo = axutil_property_create(env); + axutil_property_set_value(prop_wo, env, axutil_strdup(env, workstation)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_WORKSTATION, prop_wo); + } + + if(auth_type) + { + if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + force_proxy_auth = AXIS2_TRUE; + } + } + if(force_proxy_auth) + { + axutil_property_t *proxy_auth_property = axutil_property_create(env); + axutil_property_t *proxy_auth_type_property = axutil_property_create(env); + + axutil_property_set_value(proxy_auth_property, env, axutil_strdup(env, AXIS2_VALUE_TRUE)); + axis2_options_set_property(options, env, AXIS2_FORCE_PROXY_AUTH, proxy_auth_property); + + axutil_property_set_value(proxy_auth_type_property, env, axutil_strdup(env, auth_type)); + axis2_options_set_property(options, env, AXIS2_PROXY_AUTH_TYPE, proxy_auth_type_property); + } + else + { + axutil_property_t *proxy_auth_property = axutil_property_create(env); + axutil_property_set_value(proxy_auth_property, env, axutil_strdup(env, AXIS2_VALUE_FALSE)); + axis2_options_set_property(options, env, AXIS2_FORCE_PROXY_AUTH, proxy_auth_property); + } + return AXIS2_SUCCESS; +} + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +axis2_options_set_ntlm_http_auth_info( + axis2_options_t * options, + const axutil_env_t * env, + const axis2_char_t * username, + const axis2_char_t * password, + const int * flags, + const axis2_char_t * domain, + const axis2_char_t * workstation, + const axis2_char_t * auth_type) +{ + axis2_bool_t force_http_auth = AXIS2_FALSE; + axutil_property_t *prop_un = NULL; + axutil_property_t *prop_pw = NULL; + axutil_property_t *prop_fg = NULL; + axutil_property_t *prop_do = NULL; + axutil_property_t *prop_wo = NULL; + + prop_un = axutil_property_create(env); + axutil_property_set_value(prop_un, env, axutil_strdup(env, username)); + axis2_options_set_property(options, env, AXIS2_HTTP_AUTH_UNAME, prop_un); + + prop_pw = axutil_property_create(env); + axutil_property_set_value(prop_pw, env, axutil_strdup(env, password)); + axis2_options_set_property(options, env, AXIS2_HTTP_AUTH_PASSWD, prop_pw); + + if(flags) + { + axis2_char_t temp_str[4]; + sprintf(temp_str, "%d", *flags); + prop_fg = axutil_property_create(env); + axutil_property_set_value(prop_fg, env, axutil_strdup(env, temp_str)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_FLAGS, prop_fg); + } + + if(domain) + { + prop_do = axutil_property_create(env); + axutil_property_set_value(prop_do, env, axutil_strdup(env, domain)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_DOMAIN, prop_do); + } + + if(workstation) + { + prop_wo = axutil_property_create(env); + axutil_property_set_value(prop_wo, env, axutil_strdup(env, workstation)); + axis2_options_set_property(options, env, AXIS2_NTLM_AUTH_WORKSTATION, prop_wo); + } + + + if(auth_type) + { + if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + force_http_auth = AXIS2_TRUE; + } + } + if(force_http_auth) + { + axutil_property_t *http_auth_property = axutil_property_create(env); + axutil_property_t *http_auth_type_property = axutil_property_create(env); + + axutil_property_set_value(http_auth_property, env, axutil_strdup(env, AXIS2_VALUE_TRUE)); + axis2_options_set_property(options, env, AXIS2_FORCE_HTTP_AUTH, http_auth_property); + + axutil_property_set_value(http_auth_type_property, env, axutil_strdup(env, auth_type)); + axis2_options_set_property(options, env, AXIS2_HTTP_AUTH_TYPE, http_auth_type_property); + } + else + { + axutil_property_t *http_auth_property = axutil_property_create(env); + axutil_property_set_value(http_auth_property, env, axutil_strdup(env, AXIS2_VALUE_FALSE)); + axis2_options_set_property(options, env, AXIS2_FORCE_HTTP_AUTH, http_auth_property); + } + return AXIS2_SUCCESS; } diff --git a/src/core/transport/http/common/http_header.c b/src/core/transport/http/common/http_header.c index bd461e3..e98bbf3 100644 --- a/src/core/transport/http/common/http_header.c +++ b/src/core/transport/http/common/http_header.c @@ -166,3 +166,18 @@ axis2_http_header_get_value( { return http_header->value; } + +AXIS2_EXTERN void AXIS2_CALL +axis2_http_header_set_value( + axis2_http_header_t * http_header, + const axutil_env_t * env, + const axis2_char_t *value) +{ + if(http_header->value) + { + AXIS2_FREE(env->allocator, http_header->value); + http_header->value = NULL; + } + http_header->value = (axis2_char_t *)axutil_strdup(env, value); +} + diff --git a/src/core/transport/http/sender/http_sender.c b/src/core/transport/http/sender/http_sender.c index f899a9e..e7cf495 100644 --- a/src/core/transport/http/sender/http_sender.c +++ b/src/core/transport/http/sender/http_sender.c @@ -37,6 +37,7 @@ #include <axiom_soap.h> #include <axutil_version.h> #include "ssl/ssl_stream.h" +#include <axis2_ntlm.h> #ifdef AXIS2_LIBCURL_ENABLED #include "libcurl/axis2_libcurl.h" @@ -133,6 +134,14 @@ axis2_http_sender_configure_http_digest_auth( axis2_char_t * header_data); static axis2_status_t +axis2_http_sender_configure_http_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data); + +static axis2_status_t axis2_http_sender_configure_proxy_digest_auth( axis2_http_sender_t * sender, const axutil_env_t * env, @@ -140,6 +149,13 @@ axis2_http_sender_configure_proxy_digest_auth( axis2_http_simple_request_t * request, axis2_char_t * header_data); +static axis2_status_t +axis2_http_sender_configure_proxy_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data); #endif @@ -973,8 +989,9 @@ axis2_http_sender_send( env); } - if(proxy_auth_property_value && 0 == axutil_strcmp(proxy_auth_property_value, - AXIS2_PROXY_AUTH_TYPE_DIGEST)) + if(proxy_auth_property_value && (0 == axutil_strcmp(proxy_auth_property_value, + AXIS2_PROXY_AUTH_TYPE_DIGEST) || 0 == axutil_strcmp(proxy_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_NTLM))) { force_proxy_auth = AXIS2_FALSE; force_proxy_auth_with_head = AXIS2_TRUE; @@ -1012,8 +1029,9 @@ axis2_http_sender_send( env); } - if(http_auth_property_value && 0 == axutil_strcmp(http_auth_property_value, - AXIS2_HTTP_AUTH_TYPE_DIGEST)) + if(http_auth_property_value && (0 == axutil_strcmp(http_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_DIGEST) || 0 == axutil_strcmp(http_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_NTLM))) { force_http_auth = AXIS2_FALSE; force_http_auth_with_head = AXIS2_TRUE; @@ -2391,6 +2409,193 @@ axis2_http_sender_configure_http_digest_auth( } static axis2_status_t +axis2_http_sender_configure_http_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data) +{ + axutil_property_t *http_auth_un = NULL; + axutil_property_t *http_auth_pw = NULL; + axutil_property_t *ntlm_auth_dm = NULL; + axutil_property_t *ntlm_auth_wo = NULL; + axutil_property_t *ntlm_auth_fg = NULL; + axis2_char_t *uname = NULL; + axis2_char_t *passwd = NULL; + int flags = 0; + axis2_char_t *domain = NULL; + axis2_char_t *workstation = NULL; + +#ifndef AXIS2_NTLM_ENABLED + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "NTLM is not enabled. Please consider building "\ + "Axis2/C enabling a ntlm client library"); + return AXIS2_FAILURE; +#endif + + http_auth_un = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_HTTP_AUTH_UNAME); + http_auth_pw = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_HTTP_AUTH_PASSWD); + ntlm_auth_dm = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_DOMAIN); + ntlm_auth_wo = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_WORKSTATION); + ntlm_auth_fg = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_FLAGS); + if(http_auth_un && http_auth_pw) + { + uname = (axis2_char_t *)axutil_property_get_value(http_auth_un, env); + passwd = (axis2_char_t *)axutil_property_get_value(http_auth_pw, env); + } + if(!uname || !passwd) + { + axis2_conf_ctx_t *conf_ctx = NULL; + axis2_conf_t *conf = NULL; + axis2_transport_out_desc_t *trans_desc = NULL; + axutil_param_t *http_auth_param = NULL; + axutil_hash_t *transport_attrs = NULL; + + conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env); + if(conf_ctx) + { + conf = axis2_conf_ctx_get_conf(conf_ctx, env); + if(conf) + { + trans_desc = axis2_conf_get_transport_out(conf, env, AXIS2_TRANSPORT_ENUM_HTTP); + } + } + if(trans_desc) + { + http_auth_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_AUTHENTICATION); + if(http_auth_param) + { + transport_attrs = axutil_param_get_attributes(http_auth_param, env); + if(transport_attrs) + { + axutil_generic_obj_t *obj = NULL; + axiom_attribute_t *username_attr = NULL; + axiom_attribute_t *password_attr = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_AUTHENTICATION_USERNAME, + AXIS2_HASH_KEY_STRING); + if(obj) + { + username_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(username_attr) + { + uname = axiom_attribute_get_value(username_attr, env); + } + obj = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_AUTHENTICATION_PASSWORD, + AXIS2_HASH_KEY_STRING); + if(obj) + { + password_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(password_attr) + { + passwd = axiom_attribute_get_value(password_attr, env); + } + } + } + } + } + if(ntlm_auth_fg) + { + axis2_char_t *temp_flags = (axis2_char_t *) axutil_property_get_value(ntlm_auth_fg, env); + if(temp_flags) + { + flags = atoi(temp_flags); + } + else + { + flags = 0; + } + } + else + { + flags = 0; + } + if(ntlm_auth_dm) + { + domain = (axis2_char_t *)axutil_property_get_value(ntlm_auth_dm, env); + } + if(ntlm_auth_wo) + { + workstation = (axis2_char_t *)axutil_property_get_value(ntlm_auth_wo, env); + } + if(uname && passwd) + { + int elen = 0; + axis2_char_t *auth_str = NULL; + axis2_char_t *encoded_message = NULL; + axis2_http_header_t *tmp_header = NULL; + axis2_ntlm_t *ntlm = NULL; + axis2_status_t status = AXIS2_FAILURE; + + ntlm = axis2_ntlm_create(env); + if(!header_data || !*header_data) /* NTLM unauthorized received */ + { + /* Ceate type 1(negotiation) header message */ + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, &elen, uname, + passwd, flags, domain); + /*status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, &elen, "nandika", + "nandika", 0, "mydomain", "workstation");*/ + } + else /* NTLM challange received */ + { + /* Create Type3 (authentication) header message */ + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_data, + &encoded_message, &elen, uname, passwd, domain, workstation); + } + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + return status; + } + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "encoded_message:%s", encoded_message); + + auth_str + = (axis2_char_t *)(AXIS2_MALLOC(env->allocator, sizeof(axis2_char_t) * (elen + 6))); + sprintf(auth_str, "%s %s", AXIS2_HTTP_AUTH_TYPE_NTLM, encoded_message); + tmp_header = axis2_http_simple_request_get_first_header(request, env, + AXIS2_HTTP_HEADER_AUTHORIZATION); + if(tmp_header) + { + axis2_char_t *tmp_header_val = axis2_http_header_get_value(tmp_header, env); + if(tmp_header_val) + { + axis2_http_header_set_value(tmp_header, env, auth_str); + } + } + else + { + axis2_http_sender_util_add_header(env, request, AXIS2_HTTP_HEADER_AUTHORIZATION, auth_str); + } + + + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + axis2_ntlm_free(ntlm, env); + AXIS2_FREE(env->allocator, auth_str); + auth_str = NULL; + + return AXIS2_SUCCESS; + } + return AXIS2_FAILURE; +} /* axis2_http_sender_configure_http_ntlm_auth */ + +static axis2_status_t axis2_http_sender_configure_proxy_digest_auth( axis2_http_sender_t * sender, const axutil_env_t * env, @@ -2722,6 +2927,215 @@ axis2_http_sender_configure_proxy_digest_auth( } return AXIS2_FAILURE; } + +static axis2_status_t +axis2_http_sender_configure_proxy_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data) +{ + axutil_property_t *proxy_auth_un = NULL; + axutil_property_t *proxy_auth_pw = NULL; + axutil_property_t *ntlm_auth_dm = NULL; + axutil_property_t *ntlm_auth_wo = NULL; + axutil_property_t *ntlm_auth_fg = NULL; + axis2_char_t *uname = NULL; + axis2_char_t *passwd = NULL; + int flags = 0; + axis2_char_t *domain = NULL; + axis2_char_t *workstation = NULL; + +#ifndef AXIS2_NTLM_ENABLED + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "NTLM is not enabled. Please consider building "\ + "Axis2/C enabling a ntlm client library"); + return AXIS2_FAILURE; +#endif + + if(!header_data || !*header_data) + return AXIS2_FAILURE; + + proxy_auth_un = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_PROXY_AUTH_UNAME); + proxy_auth_pw = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_PROXY_AUTH_PASSWD); + ntlm_auth_dm = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_DOMAIN); + ntlm_auth_wo = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_WORKSTATION); + ntlm_auth_fg = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_FLAGS); + + if(proxy_auth_un && proxy_auth_pw) + { + uname = (axis2_char_t *)axutil_property_get_value(proxy_auth_un, env); + passwd = (axis2_char_t *)axutil_property_get_value(proxy_auth_pw, env); + } + if(!uname || !passwd) + { + axis2_conf_ctx_t *conf_ctx = NULL; + axis2_conf_t *conf = NULL; + axis2_transport_out_desc_t *trans_desc = NULL; + axutil_param_t *proxy_param = NULL; + axutil_hash_t *transport_attrs = NULL; + + conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env); + if(conf_ctx) + { + conf = axis2_conf_ctx_get_conf(conf_ctx, env); + if(conf) + { + trans_desc = axis2_conf_get_transport_out(conf, env, AXIS2_TRANSPORT_ENUM_HTTP); + } + } + if(trans_desc) + { + proxy_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_PROXY_API); + if(!proxy_param) + { + proxy_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_PROXY); + } + if(proxy_param) + { + transport_attrs = axutil_param_get_attributes(proxy_param, env); + + if(transport_attrs) + { + axutil_generic_obj_t *obj = NULL; + axiom_attribute_t *username_attr = NULL; + axiom_attribute_t *password_attr = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_PROXY_USERNAME, + AXIS2_HASH_KEY_STRING); + if(obj) + { + username_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(username_attr) + { + uname = axiom_attribute_get_value(username_attr, env); + } + + obj = NULL; + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_PROXY_PASSWORD, + AXIS2_HASH_KEY_STRING); + if(obj) + { + password_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(password_attr) + { + passwd = axiom_attribute_get_value(password_attr, env); + } + } + } + } + } + if(ntlm_auth_fg) + { + axis2_char_t *temp_flags = (axis2_char_t *) axutil_property_get_value(ntlm_auth_fg, env); + if(temp_flags) + { + flags = atoi(temp_flags); + } + else + { + flags = 0; + } + } + else + { + flags = 0; + } + if(ntlm_auth_dm) + { + domain = (axis2_char_t *)axutil_property_get_value(ntlm_auth_dm, env); + } + if(ntlm_auth_wo) + { + workstation = (axis2_char_t *)axutil_property_get_value(ntlm_auth_wo, env); + } + if(uname && passwd) + { + int *elen = NULL; + axis2_char_t *auth_str = NULL; + axis2_char_t *encoded_message = NULL; + axis2_http_header_t *tmp_header = NULL; + axis2_ntlm_t *ntlm = NULL; + axis2_status_t status = AXIS2_FAILURE; + + ntlm = axis2_ntlm_create(env); + if(!header_data || !*header_data) /* NTLM unauthorized received */ + { + /* Ceate type 1(negotiation) header message */ + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, elen, uname, + passwd, flags, domain); + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type1_message call failed"); + return status; + } + } + else /* NTLM challange received */ + { + /* Create Type3 (authentication) header message */ + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_data, &encoded_message, + elen, uname, passwd, domain, workstation); + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + return status; + } + } + auth_str + = (axis2_char_t *)(AXIS2_MALLOC(env->allocator, sizeof(axis2_char_t) * (*elen + 6))); + sprintf(auth_str, "%s %s", AXIS2_HTTP_AUTH_TYPE_NTLM, encoded_message); + tmp_header = axis2_http_simple_request_get_first_header(request, env, + AXIS2_HTTP_HEADER_AUTHORIZATION); + if(tmp_header) + { + axis2_char_t *tmp_header_val = axis2_http_header_get_value(tmp_header, env); + if(tmp_header_val) + { + axis2_http_header_set_value(tmp_header, env, auth_str); + } + } + else + { + axis2_http_sender_util_add_header(env, request, AXIS2_HTTP_HEADER_AUTHORIZATION, auth_str); + } + + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + axis2_ntlm_free(ntlm, env); + AXIS2_FREE(env->allocator, auth_str); + auth_str = NULL; + + return AXIS2_SUCCESS; + } + return AXIS2_FAILURE; +} /* configure_proxy_ntlm_auth */ + #endif #ifndef AXIS2_LIBCURL_ENABLED @@ -2769,7 +3183,8 @@ axis2_http_sender_configure_http_auth( auth_type = http_auth_type_property_value; } } - if(!force_http_auth || axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) == 0) + if(!force_http_auth || axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) == 0 || + axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) { axis2_http_header_t *auth_header = NULL; axis2_http_simple_response_t *response = NULL; @@ -2790,11 +3205,15 @@ axis2_http_sender_configure_http_auth( if(auth_type) { auth_type_end = axutil_strchr(auth_type, ' '); - *auth_type_end = AXIS2_ESC_NULL; - auth_type_end++; - /*Read the realm and the rest stuff now from auth_type_end */ + if(auth_type_end) + { + *auth_type_end = AXIS2_ESC_NULL; + auth_type_end++; + /*Read the realm and the rest stuff now from auth_type_end */ + } } - if(force_http_auth && axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) != 0) + if(force_http_auth && (axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) != 0 && + axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) != 0)) { auth_type = NULL; } @@ -2810,6 +3229,11 @@ axis2_http_sender_configure_http_auth( status = axis2_http_sender_configure_http_digest_auth(sender, env, msg_ctx, request, auth_type_end); } + else if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + status = axis2_http_sender_configure_http_ntlm_auth(sender, env, msg_ctx, request, + auth_type_end); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not" @@ -2905,6 +3329,11 @@ axis2_http_sender_configure_proxy_auth( status = axis2_http_sender_configure_proxy_digest_auth(sender, env, msg_ctx, request, auth_type_end); } + else if(axutil_strcasecmp(auth_type, AXIS2_PROXY_AUTH_TYPE_NTLM) == 0) + { + status = axis2_http_sender_configure_proxy_ntlm_auth(sender, env, msg_ctx, request, + auth_type_end); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); @@ -2949,9 +3378,12 @@ axis2_http_sender_set_http_auth_type( if(auth_type) { auth_type_end = axutil_strchr(auth_type, ' '); - *auth_type_end = AXIS2_ESC_NULL; - auth_type_end++; - /*Read the realm and the rest stuff now from auth_type_end */ + if(auth_type_end) + { + *auth_type_end = AXIS2_ESC_NULL; + auth_type_end++; + /*Read the realm and the rest stuff now from auth_type_end */ + } } if(auth_type) @@ -2964,6 +3396,10 @@ axis2_http_sender_set_http_auth_type( { status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_HTTP_AUTH_TYPE_DIGEST); } + if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_HTTP_AUTH_TYPE_NTLM); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); @@ -3020,6 +3456,10 @@ axis2_http_sender_set_proxy_auth_type( { status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_PROXY_AUTH_TYPE_DIGEST); } + if(axutil_strcasecmp(auth_type, AXIS2_PROXY_AUTH_TYPE_NTLM) == 0) + { + status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_PROXY_AUTH_TYPE_NTLM); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); |