1
0
mirror of https://github.com/moparisthebest/davmail synced 2024-12-14 11:42:23 -05:00

Implement NTLM HTTP proxy support

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@940 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
mguessan 2010-02-08 20:48:12 +00:00
parent 21844fe61e
commit 43a22c7832

View File

@ -52,6 +52,7 @@ public final class DavGatewayHttpClientFacade {
static final int MAX_REDIRECTS = 10; static final int MAX_REDIRECTS = 10;
static final Object LOCK = new Object(); static final Object LOCK = new Object();
private static MultiThreadedHttpConnectionManager multiThreadedHttpConnectionManager; private static MultiThreadedHttpConnectionManager multiThreadedHttpConnectionManager;
private static boolean needNTLM;
static final long ONE_MINUTE = 60000; static final long ONE_MINUTE = 60000;
@ -117,11 +118,13 @@ public final class DavGatewayHttpClientFacade {
httpClient.setHttpConnectionManager(multiThreadedHttpConnectionManager); httpClient.setHttpConnectionManager(multiThreadedHttpConnectionManager);
} }
if (!needNTLM) {
ArrayList<String> authPrefs = new ArrayList<String>(); ArrayList<String> authPrefs = new ArrayList<String>();
authPrefs.add(AuthPolicy.DIGEST); authPrefs.add(AuthPolicy.DIGEST);
authPrefs.add(AuthPolicy.BASIC); authPrefs.add(AuthPolicy.BASIC);
// exclude NTLM authentication scheme // exclude NTLM authentication scheme
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
}
boolean enableProxy = Settings.getBooleanProperty("davmail.enableProxy"); boolean enableProxy = Settings.getBooleanProperty("davmail.enableProxy");
String proxyHost = null; String proxyHost = null;
@ -365,12 +368,13 @@ public final class DavGatewayHttpClientFacade {
/** /**
* Test if NTLM auth scheme is enabled. * Test if NTLM auth scheme is enabled.
*
* @param httpClient HttpClient instance * @param httpClient HttpClient instance
* @return true if NTLM is enabled * @return true if NTLM is enabled
*/ */
public static boolean hasNTLM(HttpClient httpClient) { public static boolean hasNTLM(HttpClient httpClient) {
Object authPrefs = httpClient.getParams().getParameter(AuthPolicy.AUTH_SCHEME_PRIORITY); Object authPrefs = httpClient.getParams().getParameter(AuthPolicy.AUTH_SCHEME_PRIORITY);
return authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM); return authPrefs == null || (authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM));
} }
private static void addNTLM(HttpClient httpClient) { private static void addNTLM(HttpClient httpClient) {
@ -379,19 +383,34 @@ public final class DavGatewayHttpClientFacade {
authPrefs.add(AuthPolicy.DIGEST); authPrefs.add(AuthPolicy.DIGEST);
authPrefs.add(AuthPolicy.BASIC); authPrefs.add(AuthPolicy.BASIC);
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
// make sure NTLM is always active
needNTLM = true;
} }
private static boolean acceptsNTLMOnly(GetMethod getMethod) { public static boolean acceptsNTLMOnly(HttpMethod getMethod) {
Header authenticateHeader = null; Header authenticateHeader = null;
if (getMethod.getStatusCode() == HttpStatus.SC_UNAUTHORIZED) { if (getMethod.getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
authenticateHeader = getMethod.getResponseHeader("Authenticate"); authenticateHeader = getMethod.getResponseHeader("Authenticate");
} else if (getMethod.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) { } else if (getMethod.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) {
authenticateHeader = getMethod.getResponseHeader("Proxy-Authenticate"); authenticateHeader = getMethod.getResponseHeader("Proxy-Authenticate");
} }
// check authenticate header if (authenticateHeader == null) {
return (authenticateHeader != null) return false;
&& (authenticateHeader.getElements().length == 1) } else {
&& ("NTLM".equals(authenticateHeader.getElements()[0].getName())); boolean acceptBasic = false;
boolean acceptNTLM = false;
HeaderElement[] headerElements = authenticateHeader.getElements();
for (HeaderElement headerElement : headerElements) {
if ("NTLM".equalsIgnoreCase(headerElement.getName())) {
acceptNTLM = true;
}
if ("Basic".equalsIgnoreCase(headerElement.getName())) {
acceptBasic = true;
}
}
return acceptNTLM && !acceptBasic;
}
} }
/** /**
@ -400,8 +419,8 @@ public final class DavGatewayHttpClientFacade {
* @param httpClient Http client instance * @param httpClient Http client instance
* @param method Http method * @param method Http method
* @param followRedirects Follow redirects flag * @param followRedirects Follow redirects flag
* @throws IOException on error
* @return Http status * @return Http status
* @throws IOException on error
*/ */
public static int executeGetMethod(HttpClient httpClient, GetMethod method, boolean followRedirects) throws IOException { public static int executeGetMethod(HttpClient httpClient, GetMethod method, boolean followRedirects) throws IOException {
// do not follow redirects in expired sessions // do not follow redirects in expired sessions