1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.security.ntlm;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
20  import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
21  import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
22  import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
23  import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
24  
25  import java.io.IOException;
26  
27  import java.security.NoSuchAlgorithmException;
28  import java.security.SecureRandom;
29  
30  import jcifs.dcerpc.DcerpcBinding;
31  import jcifs.dcerpc.DcerpcHandle;
32  import jcifs.dcerpc.UnicodeString;
33  
34  /**
35   * <a href="Netlogon.java.html"><b><i>View Source</i></b></a>
36   *
37   * @author Marcellus Tavares
38   * @author Michael C. Han
39   */
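public class Netlogon {

    /*
     * Pass-through NTLM validation. The client's challenge/response is
     * forwarded to the configured domain controller in a NetrLogonSamLogon
     * call over a Netlogon connection, and the account is accepted only when
     * the controller answers with status 0.
     *
     * This class does no synchronization. setConfiguration writes plain
     * fields that logon reads, so configure the instance before it is shared.
     */

    static {

        // Register the Netlogon RPC interface (UUID and version 1.0) with
        // jcifs under the name "netlogon".

        DcerpcBinding.addInterface(
            "netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
    }

    /**
     * Validates an NTLM challenge/response against the configured domain
     * controller.
     *
     * <p>
     * The returned account name is taken from the effective name in the
     * controller's validation info, not from the caller-supplied
     * <code>userName</code>. The connection is always disconnected before
     * this method returns or throws.
     * </p>
     *
     * @param  domain the domain name placed in the logon identity info
     * @param  userName the user name placed in the logon identity info
     * @param  workstation the workstation name placed in the logon identity
     *         info
     * @param  serverChallenge the challenge the responses were computed over
     *         (presumably the one this server issued to the client; confirm
     *         against the caller)
     * @param  ntResponse the client's NT response
     * @param  lmResponse the client's LM response
     * @return the account built from the effective name returned by the
     *         domain controller
     * @throws NtlmLogonException if no service account has been configured,
     *         if the controller returns a non-zero status, or if the exchange
     *         fails with an algorithm or I/O error
     */
    public NtlmUserAccount logon(
            String domain, String userName, String workstation,
            byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
        throws NtlmLogonException {

        // Fail closed before any network traffic. Without a service account
        // the request below cannot be built, and the original code only
        // failed with a NullPointerException after trying to connect.

        if (_ntlmServiceAccount == null) {
            throw new NtlmLogonException(
                "Unable to authenticate because Netlogon is not configured");
        }

        NetlogonConnection netlogonConnection = new NetlogonConnection();

        try {
            netlogonConnection.connect(
                _domainController, _domainControllerName, _ntlmServiceAccount,
                _secureRandom);

            NetlogonAuthenticator netlogonAuthenticator =
                netlogonConnection.computeNetlogonAuthenticator();

            // 0x00000820 is presumably the MS-NRPC ParameterControl value
            // allowing server and workstation trust accounts
            // (0x20 | 0x800). Confirm against NetlogonIdentityInfo.

            NetlogonIdentityInfo netlogonIdentityInfo =
                new NetlogonIdentityInfo(
                    domain, 0x00000820, 0, 0, userName, workstation);

            NetlogonNetworkInfo netlogonNetworkInfo = new NetlogonNetworkInfo(
                netlogonIdentityInfo, serverChallenge, ntResponse, lmResponse);

            // The two literal 2s are presumably the logon level (network
            // logon) and the validation level (NetlogonValidationSamInfo).
            // Confirm against NetrLogonSamLogon.
            //
            // NOTE(review): the empty NetlogonAuthenticator passed as the
            // return authenticator is never inspected in this method after
            // sendrecv. Confirm the server's return credential is verified
            // elsewhere (for example in NetlogonConnection); otherwise the
            // response status is trusted without checking that it came from
            // the secure-channel peer.

            NetrLogonSamLogon netrLogonSamLogon = new NetrLogonSamLogon(
                _domainControllerName, _ntlmServiceAccount.getComputerName(),
                netlogonAuthenticator, new NetlogonAuthenticator(), 2,
                netlogonNetworkInfo, 2, new NetlogonValidationSamInfo(), 0);

            DcerpcHandle dcerpcHandle = netlogonConnection.getDcerpcHandle();

            dcerpcHandle.sendrecv(netrLogonSamLogon);

            // Only status 0 is accepted. Every other status is reported in
            // the exception message as returned by getStatus().

            if (netrLogonSamLogon.getStatus() != 0) {
                throw new NtlmLogonException(
                    "Unable to authenticate due to status " +
                        netrLogonSamLogon.getStatus());
            }

            NetlogonValidationSamInfo netlogonValidationSamInfo =
                netrLogonSamLogon.getNetlogonValidationSamInfo();

            UnicodeString name = new UnicodeString(
                netlogonValidationSamInfo.getEffectiveName(), false);

            return new NtlmUserAccount(name.toString());
        }
        catch (NoSuchAlgorithmException e) {
            throw new NtlmLogonException(
                "Unable to authenticate due to invalid encryption algorithm",
                e);
        }
        catch (IOException e) {
            throw new NtlmLogonException(
                "Unable to authenticate due to communication failure with " +
                    "server",
                e);
        }
        finally {

            // A disconnect failure is logged rather than thrown so it cannot
            // replace the authentication result or the original exception.

            try {
                netlogonConnection.disconnect();
            }
            catch (Exception e) {
                _log.error("Unable to disconnect Netlogon connection", e);
            }
        }
    }

    /**
     * Stores the domain controller and service account used by
     * {@link #logon}.
     *
     * <p>
     * The values are stored as given, with no validation or copying.
     * NOTE(review): the service account presumably carries the machine
     * account secret; keep it out of log and exception messages.
     * </p>
     *
     * @param domainController the first argument passed to the Netlogon
     *        connection (presumably the controller's address)
     * @param domainControllerName the controller name used for the connection
     *        and for the logon request
     * @param ntlmServiceAccount the account used to connect; its computer
     *        name is sent in the logon request
     */
    public void setConfiguration(
        String domainController, String domainControllerName,
        NtlmServiceAccount ntlmServiceAccount) {

        _domainController = domainController;
        _domainControllerName = domainControllerName;
        _ntlmServiceAccount = ntlmServiceAccount;
    }

    private static final Log _log = LogFactoryUtil.getLog(Netlogon.class);

    private String _domainController;
    private String _domainControllerName;
    private NtlmServiceAccount _ntlmServiceAccount;

    // One SecureRandom per instance, handed to every connection.

    private final SecureRandom _secureRandom = new SecureRandom();

}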