1
0
mirror of https://github.com/moparisthebest/davmail synced 2024-12-13 19:22:22 -05:00

Enable NTLM on Proxy-Authenticate return code with only NTLM available

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@934 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
mguessan 2010-02-01 22:52:36 +00:00
parent 6c1fd3f958
commit f88bd875e6
3 changed files with 37 additions and 13 deletions

View File

@ -227,8 +227,10 @@ public class ExchangeSession {
method = formLogin(httpClient, method, userName, password); method = formLogin(httpClient, method, userName, password);
} }
// avoid 401 roundtrips // avoid 401 roundtrips, only if NTLM is disabled
if (!DavGatewayHttpClientFacade.hasNTLM(httpClient)) {
httpClient.getParams().setParameter(HttpClientParams.PREEMPTIVE_AUTHENTICATION, true); httpClient.getParams().setParameter(HttpClientParams.PREEMPTIVE_AUTHENTICATION, true);
}
buildMailPath(method); buildMailPath(method);

View File

@ -20,16 +20,16 @@ package davmail.exchange;
import davmail.BundleMessage; import davmail.BundleMessage;
import davmail.Settings; import davmail.Settings;
import davmail.exception.DavMailException;
import davmail.exception.DavMailAuthenticationException; import davmail.exception.DavMailAuthenticationException;
import davmail.exception.DavMailException;
import davmail.http.DavGatewayHttpClientFacade; import davmail.http.DavGatewayHttpClientFacade;
import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus; import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.methods.GetMethod;
import java.io.IOException; import java.io.IOException;
import java.net.*; import java.net.NetworkInterface;
import java.net.SocketException;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -124,6 +124,8 @@ public final class ExchangeSessionFactory {
throw exc; throw exc;
} catch (DavMailException exc) { } catch (DavMailException exc) {
throw exc; throw exc;
} catch (IllegalStateException exc) {
throw exc;
} catch (Exception exc) { } catch (Exception exc) {
handleNetworkDown(exc); handleNetworkDown(exc);
} }
@ -172,12 +174,11 @@ public final class ExchangeSessionFactory {
public static void checkConfig() throws IOException { public static void checkConfig() throws IOException {
String url = Settings.getProperty("davmail.url"); String url = Settings.getProperty("davmail.url");
HttpClient httpClient = DavGatewayHttpClientFacade.getInstance(); HttpClient httpClient = DavGatewayHttpClientFacade.getInstance();
HttpMethod testMethod = new GetMethod(url); GetMethod testMethod = new GetMethod(url);
try { try {
// get webMail root url (will not follow redirects) // get webMail root url (will not follow redirects)
testMethod.setFollowRedirects(false);
testMethod.setDoAuthentication(false); testMethod.setDoAuthentication(false);
int status = httpClient.executeMethod(testMethod); int status = DavGatewayHttpClientFacade.executeGetMethod(httpClient, testMethod, false);
ExchangeSession.LOGGER.debug("Test configuration status: " + status); ExchangeSession.LOGGER.debug("Test configuration status: " + status);
if (status != HttpStatus.SC_OK && status != HttpStatus.SC_UNAUTHORIZED if (status != HttpStatus.SC_OK && status != HttpStatus.SC_UNAUTHORIZED
&& status != HttpStatus.SC_MOVED_TEMPORARILY && status != HttpStatus.SC_MOVED_PERMANENTLY) { && status != HttpStatus.SC_MOVED_TEMPORARILY && status != HttpStatus.SC_MOVED_PERMANENTLY) {

View File

@ -363,7 +363,12 @@ public final class DavGatewayHttpClientFacade {
return status; return status;
} }
private static boolean hasNTLM(HttpClient httpClient) { /**
* Test if NTLM auth scheme is enabled.
* @param httpClient HttpClient instance
* @return true if NTLM is enabled
*/
public static boolean hasNTLM(HttpClient httpClient) {
Object authPrefs = httpClient.getParams().getParameter(AuthPolicy.AUTH_SCHEME_PRIORITY); Object authPrefs = httpClient.getParams().getParameter(AuthPolicy.AUTH_SCHEME_PRIORITY);
return authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM); return authPrefs instanceof List<?> && ((Collection) authPrefs).contains(AuthPolicy.NTLM);
} }
@ -376,6 +381,19 @@ public final class DavGatewayHttpClientFacade {
httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);
} }
private static boolean acceptsNTLMOnly(GetMethod getMethod) {
Header authenticateHeader = null;
if (getMethod.getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
authenticateHeader = getMethod.getResponseHeader("Authenticate");
} else if (getMethod.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) {
authenticateHeader = getMethod.getResponseHeader("Proxy-Authenticate");
}
// check authenticate header
return (authenticateHeader != null)
&& (authenticateHeader.getElements().length == 1)
&& ("NTLM".equals(authenticateHeader.getElements()[0].getName()));
}
/** /**
* Execute Get method, do not follow redirects. * Execute Get method, do not follow redirects.
* *
@ -383,18 +401,20 @@ public final class DavGatewayHttpClientFacade {
* @param method Http method * @param method Http method
* @param followRedirects Follow redirects flag * @param followRedirects Follow redirects flag
* @throws IOException on error * @throws IOException on error
* @return Http status
*/ */
public static void executeGetMethod(HttpClient httpClient, GetMethod method, boolean followRedirects) throws IOException { public static int executeGetMethod(HttpClient httpClient, GetMethod method, boolean followRedirects) throws IOException {
// do not follow redirects in expired sessions // do not follow redirects in expired sessions
method.setFollowRedirects(followRedirects); method.setFollowRedirects(followRedirects);
int status = httpClient.executeMethod(method); int status = httpClient.executeMethod(method);
if (status == HttpStatus.SC_UNAUTHORIZED && !hasNTLM(httpClient)) { if ((status == HttpStatus.SC_UNAUTHORIZED || status == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED)
&& acceptsNTLMOnly(method) && !hasNTLM(httpClient)) {
method.releaseConnection(); method.releaseConnection();
LOGGER.debug("Received unauthorized at " + method.getURI() + ", retrying with NTLM"); LOGGER.debug("Received "+status+" unauthorized at " + method.getURI() + ", retrying with NTLM");
addNTLM(httpClient); addNTLM(httpClient);
status = httpClient.executeMethod(method); status = httpClient.executeMethod(method);
} }
if (status != HttpStatus.SC_OK) { if (status != HttpStatus.SC_OK && (followRedirects || !isRedirect(status))) {
LOGGER.warn("GET failed with status " + status + " at " + method.getURI() + ": " + method.getResponseBodyAsString()); LOGGER.warn("GET failed with status " + status + " at " + method.getURI() + ": " + method.getResponseBodyAsString());
throw DavGatewayHttpClientFacade.buildHttpException(method); throw DavGatewayHttpClientFacade.buildHttpException(method);
} }
@ -407,6 +427,7 @@ public final class DavGatewayHttpClientFacade {
throw DavGatewayHttpClientFacade.buildHttpException(method); throw DavGatewayHttpClientFacade.buildHttpException(method);
} }
} }
return status;
} }
private static void checkExpiredSession(String queryString) throws DavMailAuthenticationException { private static void checkExpiredSession(String queryString) throws DavMailAuthenticationException {