From 0893c0b34450ccfa46463a71ad0fc588ef16abd7 Mon Sep 17 00:00:00 2001 From: damitha Date: Tue, 31 May 2011 09:16:01 +0000 Subject: Initial checkin of ntlm auth code git-svn-id: http://svn.apache.org/repos/asf/axis/axis2/c/core/trunk@1129586 13f79535-47bb-0310-9956-ffa450edef68 --- src/core/transport/http/sender/http_sender.c | 464 ++++++++++++++++++++++++++- 1 file changed, 452 insertions(+), 12 deletions(-) (limited to 'src/core/transport/http/sender') diff --git a/src/core/transport/http/sender/http_sender.c b/src/core/transport/http/sender/http_sender.c index f899a9e..e7cf495 100644 --- a/src/core/transport/http/sender/http_sender.c +++ b/src/core/transport/http/sender/http_sender.c @@ -37,6 +37,7 @@ #include #include #include "ssl/ssl_stream.h" +#include #ifdef AXIS2_LIBCURL_ENABLED #include "libcurl/axis2_libcurl.h" @@ -132,6 +133,14 @@ axis2_http_sender_configure_http_digest_auth( axis2_http_simple_request_t * request, axis2_char_t * header_data); +static axis2_status_t +axis2_http_sender_configure_http_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data); + static axis2_status_t axis2_http_sender_configure_proxy_digest_auth( axis2_http_sender_t * sender, @@ -140,6 +149,13 @@ axis2_http_sender_configure_proxy_digest_auth( axis2_http_simple_request_t * request, axis2_char_t * header_data); +static axis2_status_t +axis2_http_sender_configure_proxy_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data); #endif @@ -973,8 +989,9 @@ axis2_http_sender_send( env); } - if(proxy_auth_property_value && 0 == axutil_strcmp(proxy_auth_property_value, - AXIS2_PROXY_AUTH_TYPE_DIGEST)) + if(proxy_auth_property_value && (0 == axutil_strcmp(proxy_auth_property_value, + AXIS2_PROXY_AUTH_TYPE_DIGEST) || 0 == axutil_strcmp(proxy_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_NTLM))) { force_proxy_auth = AXIS2_FALSE; force_proxy_auth_with_head = AXIS2_TRUE; @@ -1012,8 +1029,9 @@ axis2_http_sender_send( env); } - if(http_auth_property_value && 0 == axutil_strcmp(http_auth_property_value, - AXIS2_HTTP_AUTH_TYPE_DIGEST)) + if(http_auth_property_value && (0 == axutil_strcmp(http_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_DIGEST) || 0 == axutil_strcmp(http_auth_property_value, + AXIS2_HTTP_AUTH_TYPE_NTLM))) { force_http_auth = AXIS2_FALSE; force_http_auth_with_head = AXIS2_TRUE; @@ -2390,6 +2408,193 @@ axis2_http_sender_configure_http_digest_auth( return AXIS2_FAILURE; } +static axis2_status_t +axis2_http_sender_configure_http_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data) +{ + axutil_property_t *http_auth_un = NULL; + axutil_property_t *http_auth_pw = NULL; + axutil_property_t *ntlm_auth_dm = NULL; + axutil_property_t *ntlm_auth_wo = NULL; + axutil_property_t *ntlm_auth_fg = NULL; + axis2_char_t *uname = NULL; + axis2_char_t *passwd = NULL; + int flags = 0; + axis2_char_t *domain = NULL; + axis2_char_t *workstation = NULL; + +#ifndef AXIS2_NTLM_ENABLED + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "NTLM is not enabled. Please consider building "\ + "Axis2/C enabling a ntlm client library"); + return AXIS2_FAILURE; +#endif + + http_auth_un = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_HTTP_AUTH_UNAME); + http_auth_pw = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_HTTP_AUTH_PASSWD); + ntlm_auth_dm = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_DOMAIN); + ntlm_auth_wo = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_WORKSTATION); + ntlm_auth_fg = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_FLAGS); + if(http_auth_un && http_auth_pw) + { + uname = (axis2_char_t *)axutil_property_get_value(http_auth_un, env); + passwd = (axis2_char_t *)axutil_property_get_value(http_auth_pw, env); + } + if(!uname || !passwd) + { + axis2_conf_ctx_t *conf_ctx = NULL; + axis2_conf_t *conf = NULL; + axis2_transport_out_desc_t *trans_desc = NULL; + axutil_param_t *http_auth_param = NULL; + axutil_hash_t *transport_attrs = NULL; + + conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env); + if(conf_ctx) + { + conf = axis2_conf_ctx_get_conf(conf_ctx, env); + if(conf) + { + trans_desc = axis2_conf_get_transport_out(conf, env, AXIS2_TRANSPORT_ENUM_HTTP); + } + } + if(trans_desc) + { + http_auth_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_AUTHENTICATION); + if(http_auth_param) + { + transport_attrs = axutil_param_get_attributes(http_auth_param, env); + if(transport_attrs) + { + axutil_generic_obj_t *obj = NULL; + axiom_attribute_t *username_attr = NULL; + axiom_attribute_t *password_attr = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_AUTHENTICATION_USERNAME, + AXIS2_HASH_KEY_STRING); + if(obj) + { + username_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(username_attr) + { + uname = axiom_attribute_get_value(username_attr, env); + } + obj = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_AUTHENTICATION_PASSWORD, + AXIS2_HASH_KEY_STRING); + if(obj) + { + password_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(password_attr) + { + passwd = axiom_attribute_get_value(password_attr, env); + } + } + } + } + } + if(ntlm_auth_fg) + { + axis2_char_t *temp_flags = (axis2_char_t *) axutil_property_get_value(ntlm_auth_fg, env); + if(temp_flags) + { + flags = atoi(temp_flags); + } + else + { + flags = 0; + } + } + else + { + flags = 0; + } + if(ntlm_auth_dm) + { + domain = (axis2_char_t *)axutil_property_get_value(ntlm_auth_dm, env); + } + if(ntlm_auth_wo) + { + workstation = (axis2_char_t *)axutil_property_get_value(ntlm_auth_wo, env); + } + if(uname && passwd) + { + int elen = 0; + axis2_char_t *auth_str = NULL; + axis2_char_t *encoded_message = NULL; + axis2_http_header_t *tmp_header = NULL; + axis2_ntlm_t *ntlm = NULL; + axis2_status_t status = AXIS2_FAILURE; + + ntlm = axis2_ntlm_create(env); + if(!header_data || !*header_data) /* NTLM unauthorized received */ + { + /* Ceate type 1(negotiation) header message */ + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, &elen, uname, + passwd, flags, domain); + /*status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, &elen, "nandika", + "nandika", 0, "mydomain", "workstation");*/ + } + else /* NTLM challange received */ + { + /* Create Type3 (authentication) header message */ + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_data, + &encoded_message, &elen, uname, passwd, domain, workstation); + } + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + return status; + } + AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "encoded_message:%s", encoded_message); + + auth_str + = (axis2_char_t *)(AXIS2_MALLOC(env->allocator, sizeof(axis2_char_t) * (elen + 6))); + sprintf(auth_str, "%s %s", AXIS2_HTTP_AUTH_TYPE_NTLM, encoded_message); + tmp_header = axis2_http_simple_request_get_first_header(request, env, + AXIS2_HTTP_HEADER_AUTHORIZATION); + if(tmp_header) + { + axis2_char_t *tmp_header_val = axis2_http_header_get_value(tmp_header, env); + if(tmp_header_val) + { + axis2_http_header_set_value(tmp_header, env, auth_str); + } + } + else + { + axis2_http_sender_util_add_header(env, request, AXIS2_HTTP_HEADER_AUTHORIZATION, auth_str); + } + + + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + axis2_ntlm_free(ntlm, env); + AXIS2_FREE(env->allocator, auth_str); + auth_str = NULL; + + return AXIS2_SUCCESS; + } + return AXIS2_FAILURE; +} /* axis2_http_sender_configure_http_ntlm_auth */ + static axis2_status_t axis2_http_sender_configure_proxy_digest_auth( axis2_http_sender_t * sender, @@ -2722,6 +2927,215 @@ axis2_http_sender_configure_proxy_digest_auth( } return AXIS2_FAILURE; } + +static axis2_status_t +axis2_http_sender_configure_proxy_ntlm_auth( + axis2_http_sender_t * sender, + const axutil_env_t * env, + axis2_msg_ctx_t * msg_ctx, + axis2_http_simple_request_t * request, + axis2_char_t * header_data) +{ + axutil_property_t *proxy_auth_un = NULL; + axutil_property_t *proxy_auth_pw = NULL; + axutil_property_t *ntlm_auth_dm = NULL; + axutil_property_t *ntlm_auth_wo = NULL; + axutil_property_t *ntlm_auth_fg = NULL; + axis2_char_t *uname = NULL; + axis2_char_t *passwd = NULL; + int flags = 0; + axis2_char_t *domain = NULL; + axis2_char_t *workstation = NULL; + +#ifndef AXIS2_NTLM_ENABLED + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "NTLM is not enabled. Please consider building "\ + "Axis2/C enabling a ntlm client library"); + return AXIS2_FAILURE; +#endif + + if(!header_data || !*header_data) + return AXIS2_FAILURE; + + proxy_auth_un = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_PROXY_AUTH_UNAME); + proxy_auth_pw = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_PROXY_AUTH_PASSWD); + ntlm_auth_dm = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_DOMAIN); + ntlm_auth_wo = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_WORKSTATION); + ntlm_auth_fg = axis2_msg_ctx_get_property(msg_ctx, env, AXIS2_NTLM_AUTH_FLAGS); + + if(proxy_auth_un && proxy_auth_pw) + { + uname = (axis2_char_t *)axutil_property_get_value(proxy_auth_un, env); + passwd = (axis2_char_t *)axutil_property_get_value(proxy_auth_pw, env); + } + if(!uname || !passwd) + { + axis2_conf_ctx_t *conf_ctx = NULL; + axis2_conf_t *conf = NULL; + axis2_transport_out_desc_t *trans_desc = NULL; + axutil_param_t *proxy_param = NULL; + axutil_hash_t *transport_attrs = NULL; + + conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env); + if(conf_ctx) + { + conf = axis2_conf_ctx_get_conf(conf_ctx, env); + if(conf) + { + trans_desc = axis2_conf_get_transport_out(conf, env, AXIS2_TRANSPORT_ENUM_HTTP); + } + } + if(trans_desc) + { + proxy_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_PROXY_API); + if(!proxy_param) + { + proxy_param = axutil_param_container_get_param( + axis2_transport_out_desc_param_container(trans_desc, env), env, + AXIS2_HTTP_PROXY); + } + if(proxy_param) + { + transport_attrs = axutil_param_get_attributes(proxy_param, env); + + if(transport_attrs) + { + axutil_generic_obj_t *obj = NULL; + axiom_attribute_t *username_attr = NULL; + axiom_attribute_t *password_attr = NULL; + + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_PROXY_USERNAME, + AXIS2_HASH_KEY_STRING); + if(obj) + { + username_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(username_attr) + { + uname = axiom_attribute_get_value(username_attr, env); + } + + obj = NULL; + obj = axutil_hash_get(transport_attrs, AXIS2_HTTP_PROXY_PASSWORD, + AXIS2_HASH_KEY_STRING); + if(obj) + { + password_attr = (axiom_attribute_t *)axutil_generic_obj_get_value(obj, env); + } + if(password_attr) + { + passwd = axiom_attribute_get_value(password_attr, env); + } + } + } + } + } + if(ntlm_auth_fg) + { + axis2_char_t *temp_flags = (axis2_char_t *) axutil_property_get_value(ntlm_auth_fg, env); + if(temp_flags) + { + flags = atoi(temp_flags); + } + else + { + flags = 0; + } + } + else + { + flags = 0; + } + if(ntlm_auth_dm) + { + domain = (axis2_char_t *)axutil_property_get_value(ntlm_auth_dm, env); + } + if(ntlm_auth_wo) + { + workstation = (axis2_char_t *)axutil_property_get_value(ntlm_auth_wo, env); + } + if(uname && passwd) + { + int *elen = NULL; + axis2_char_t *auth_str = NULL; + axis2_char_t *encoded_message = NULL; + axis2_http_header_t *tmp_header = NULL; + axis2_ntlm_t *ntlm = NULL; + axis2_status_t status = AXIS2_FAILURE; + + ntlm = axis2_ntlm_create(env); + if(!header_data || !*header_data) /* NTLM unauthorized received */ + { + /* Ceate type 1(negotiation) header message */ + status = axis2_ntlm_auth_create_type1_message(ntlm, env, &encoded_message, elen, uname, + passwd, flags, domain); + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type1_message call failed"); + return status; + } + } + else /* NTLM challange received */ + { + /* Create Type3 (authentication) header message */ + status = axis2_ntlm_auth_create_type3_message(ntlm, env, header_data, &encoded_message, + elen, uname, passwd, domain, workstation); + if(status != AXIS2_SUCCESS) + { + if(encoded_message) + { + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + } + if(ntlm) + { + axis2_ntlm_free(ntlm, env); + } + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "axis2_ntlm_auth_create_type3_message call failed"); + return status; + } + } + auth_str + = (axis2_char_t *)(AXIS2_MALLOC(env->allocator, sizeof(axis2_char_t) * (*elen + 6))); + sprintf(auth_str, "%s %s", AXIS2_HTTP_AUTH_TYPE_NTLM, encoded_message); + tmp_header = axis2_http_simple_request_get_first_header(request, env, + AXIS2_HTTP_HEADER_AUTHORIZATION); + if(tmp_header) + { + axis2_char_t *tmp_header_val = axis2_http_header_get_value(tmp_header, env); + if(tmp_header_val) + { + axis2_http_header_set_value(tmp_header, env, auth_str); + } + } + else + { + axis2_http_sender_util_add_header(env, request, AXIS2_HTTP_HEADER_AUTHORIZATION, auth_str); + } + + AXIS2_FREE(env->allocator, encoded_message); + encoded_message = NULL; + axis2_ntlm_free(ntlm, env); + AXIS2_FREE(env->allocator, auth_str); + auth_str = NULL; + + return AXIS2_SUCCESS; + } + return AXIS2_FAILURE; +} /* configure_proxy_ntlm_auth */ + #endif #ifndef AXIS2_LIBCURL_ENABLED @@ -2769,7 +3183,8 @@ axis2_http_sender_configure_http_auth( auth_type = http_auth_type_property_value; } } - if(!force_http_auth || axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) == 0) + if(!force_http_auth || axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) == 0 || + axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) { axis2_http_header_t *auth_header = NULL; axis2_http_simple_response_t *response = NULL; @@ -2790,11 +3205,15 @@ axis2_http_sender_configure_http_auth( if(auth_type) { auth_type_end = axutil_strchr(auth_type, ' '); - *auth_type_end = AXIS2_ESC_NULL; - auth_type_end++; - /*Read the realm and the rest stuff now from auth_type_end */ + if(auth_type_end) + { + *auth_type_end = AXIS2_ESC_NULL; + auth_type_end++; + /*Read the realm and the rest stuff now from auth_type_end */ + } } - if(force_http_auth && axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) != 0) + if(force_http_auth && (axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_DIGEST) != 0 && + axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) != 0)) { auth_type = NULL; } @@ -2810,6 +3229,11 @@ axis2_http_sender_configure_http_auth( status = axis2_http_sender_configure_http_digest_auth(sender, env, msg_ctx, request, auth_type_end); } + else if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + status = axis2_http_sender_configure_http_ntlm_auth(sender, env, msg_ctx, request, + auth_type_end); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not" @@ -2905,6 +3329,11 @@ axis2_http_sender_configure_proxy_auth( status = axis2_http_sender_configure_proxy_digest_auth(sender, env, msg_ctx, request, auth_type_end); } + else if(axutil_strcasecmp(auth_type, AXIS2_PROXY_AUTH_TYPE_NTLM) == 0) + { + status = axis2_http_sender_configure_proxy_ntlm_auth(sender, env, msg_ctx, request, + auth_type_end); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); @@ -2949,9 +3378,12 @@ axis2_http_sender_set_http_auth_type( if(auth_type) { auth_type_end = axutil_strchr(auth_type, ' '); - *auth_type_end = AXIS2_ESC_NULL; - auth_type_end++; - /*Read the realm and the rest stuff now from auth_type_end */ + if(auth_type_end) + { + *auth_type_end = AXIS2_ESC_NULL; + auth_type_end++; + /*Read the realm and the rest stuff now from auth_type_end */ + } } if(auth_type) @@ -2964,6 +3396,10 @@ axis2_http_sender_set_http_auth_type( { status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_HTTP_AUTH_TYPE_DIGEST); } + if(axutil_strcasecmp(auth_type, AXIS2_HTTP_AUTH_TYPE_NTLM) == 0) + { + status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_HTTP_AUTH_TYPE_NTLM); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); @@ -3020,6 +3456,10 @@ axis2_http_sender_set_proxy_auth_type( { status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_PROXY_AUTH_TYPE_DIGEST); } + if(axutil_strcasecmp(auth_type, AXIS2_PROXY_AUTH_TYPE_NTLM) == 0) + { + status = axis2_msg_ctx_set_auth_type(msg_ctx, env, AXIS2_PROXY_AUTH_TYPE_NTLM); + } else { AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Authtype %s is not supported", auth_type); -- cgit v1.1-32-gdbae