mirror of
https://github.com/moparisthebest/davmail
synced 2024-12-14 19:52:21 -05:00
Implement NTLM HTTP proxy support
git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@940 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
parent
21844fe61e
commit
43a22c7832
@ -52,6 +52,7 @@ public final class DavGatewayHttpClientFacade {
|
||||
static final int MAX_REDIRECTS = 10;
|
||||
static final Object LOCK = new Object();
|
||||
private static MultiThreadedHttpConnectionManager multiThreadedHttpConnectionManager;
|
||||
private static boolean needNTLM;
|
||||
|
||||
static final long ONE_MINUTE = 60000;
|
||||
|
||||
@ -117,11 +118,13 @@ public final class DavGatewayHttpClientFacade {
|
||||
httpClient.setHttpConnectionManager(multiThreadedHttpConnectionManager);
|
||||
}
|
||||
|
||||
ArrayList<String> authPrefs = new ArrayList<String>();
|
||||
authPrefs.add(AuthPolicy.DIGEST);
|
||||
authPrefs.add(AuthPolicy.BASIC);
|
||||
// exclude NTLM authentication scheme
|
||||
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
|
||||
if (!needNTLM) {
|
||||
ArrayList<String> authPrefs = new ArrayList<String>();
|
||||
authPrefs.add(AuthPolicy.DIGEST);
|
||||
authPrefs.add(AuthPolicy.BASIC);
|
||||
// exclude NTLM authentication scheme
|
||||
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
|
||||
}
|
||||
|
||||
boolean enableProxy = Settings.getBooleanProperty("davmail.enableProxy");
|
||||
String proxyHost = null;
|
||||
@ -365,12 +368,13 @@ public final class DavGatewayHttpClientFacade {
|
||||
|
||||
/**
|
||||
* Test if NTLM auth scheme is enabled.
|
||||
*
|
||||
* @param httpClient HttpClient instance
|
||||
* @return true if NTLM is enabled
|
||||
*/
|
||||
public static boolean hasNTLM(HttpClient httpClient) {
|
||||
Object authPrefs = httpClient.getParams().getParameter(AuthPolicy.AUTH_SCHEME_PRIORITY);
|
||||
return authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM);
|
||||
return authPrefs == null || (authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM));
|
||||
}
|
||||
|
||||
private static void addNTLM(HttpClient httpClient) {
|
||||
@ -379,19 +383,34 @@ public final class DavGatewayHttpClientFacade {
|
||||
authPrefs.add(AuthPolicy.DIGEST);
|
||||
authPrefs.add(AuthPolicy.BASIC);
|
||||
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
|
||||
// make sure NTLM is always active
|
||||
needNTLM = true;
|
||||
}
|
||||
|
||||
private static boolean acceptsNTLMOnly(GetMethod getMethod) {
|
||||
public static boolean acceptsNTLMOnly(HttpMethod getMethod) {
|
||||
Header authenticateHeader = null;
|
||||
if (getMethod.getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
|
||||
authenticateHeader = getMethod.getResponseHeader("Authenticate");
|
||||
} else if (getMethod.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) {
|
||||
authenticateHeader = getMethod.getResponseHeader("Proxy-Authenticate");
|
||||
authenticateHeader = getMethod.getResponseHeader("Proxy-Authenticate");
|
||||
}
|
||||
if (authenticateHeader == null) {
|
||||
return false;
|
||||
} else {
|
||||
boolean acceptBasic = false;
|
||||
boolean acceptNTLM = false;
|
||||
HeaderElement[] headerElements = authenticateHeader.getElements();
|
||||
for (HeaderElement headerElement : headerElements) {
|
||||
if ("NTLM".equalsIgnoreCase(headerElement.getName())) {
|
||||
acceptNTLM = true;
|
||||
}
|
||||
if ("Basic".equalsIgnoreCase(headerElement.getName())) {
|
||||
acceptBasic = true;
|
||||
}
|
||||
}
|
||||
return acceptNTLM && !acceptBasic;
|
||||
|
||||
}
|
||||
// check authenticate header
|
||||
return (authenticateHeader != null)
|
||||
&& (authenticateHeader.getElements().length == 1)
|
||||
&& ("NTLM".equals(authenticateHeader.getElements()[0].getName()));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -400,8 +419,8 @@ public final class DavGatewayHttpClientFacade {
|
||||
* @param httpClient Http client instance
|
||||
* @param method Http method
|
||||
* @param followRedirects Follow redirects flag
|
||||
* @throws IOException on error
|
||||
* @return Http status
|
||||
* @throws IOException on error
|
||||
*/
|
||||
public static int executeGetMethod(HttpClient httpClient, GetMethod method, boolean followRedirects) throws IOException {
|
||||
// do not follow redirects in expired sessions
|
||||
@ -410,7 +429,7 @@ public final class DavGatewayHttpClientFacade {
|
||||
if ((status == HttpStatus.SC_UNAUTHORIZED || status == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED)
|
||||
&& acceptsNTLMOnly(method) && !hasNTLM(httpClient)) {
|
||||
method.releaseConnection();
|
||||
LOGGER.debug("Received "+status+" unauthorized at " + method.getURI() + ", retrying with NTLM");
|
||||
LOGGER.debug("Received " + status + " unauthorized at " + method.getURI() + ", retrying with NTLM");
|
||||
addNTLM(httpClient);
|
||||
status = httpClient.executeMethod(method);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user