1/*
2 * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package com.sun.security.sasl.ntlm;
27
28import java.util.Map;
29
30import javax.security.sasl.*;
31import javax.security.auth.callback.CallbackHandler;
32
33import com.sun.security.sasl.util.PolicyUtils;
34
35
36/**
37  * Client and server factory for NTLM SASL client/server mechanisms.
38  * See NTLMClient and NTLMServer for input requirements.
39  *
40  * @since 1.7
41  */
42
43public final class FactoryImpl implements SaslClientFactory,
44SaslServerFactory{
45
46    private static final String[] myMechs = { "NTLM" };
47    private static final int[] mechPolicies = {
48            PolicyUtils.NOPLAINTEXT|PolicyUtils.NOANONYMOUS
49    };
50
51    /**
52      * Empty constructor.
53      */
54    public FactoryImpl() {
55    }
56
57    /**
58     * Returns a new instance of the NTLM SASL client mechanism.
59     * Argument checks are performed in SaslClient's constructor.
60     * @return a new SaslClient; otherwise null if unsuccessful.
61     * @throws SaslException If there is an error creating the NTLM
62     * SASL client.
63     */
64    public SaslClient createSaslClient(String[] mechs,
65         String authorizationId, String protocol, String serverName,
66         Map<String,?> props, CallbackHandler cbh)
67         throws SaslException {
68
69         for (int i=0; i<mechs.length; i++) {
70            if (mechs[i].equals("NTLM") &&
71                    PolicyUtils.checkPolicy(mechPolicies[0], props)) {
72
73                if (cbh == null) {
74                    throw new SaslException(
75                        "Callback handler with support for " +
76                        "RealmCallback, NameCallback, and PasswordCallback " +
77                        "required");
78                }
79                return new NTLMClient(mechs[i], authorizationId,
80                    protocol, serverName, props, cbh);
81            }
82        }
83        return null;
84    }
85
86    /**
87     * Returns a new instance of the NTLM SASL server mechanism.
88     * Argument checks are performed in SaslServer's constructor.
89     * @return a new SaslServer; otherwise null if unsuccessful.
90     * @throws SaslException If there is an error creating the NTLM
91     * SASL server.
92     */
93    public SaslServer createSaslServer(String mech,
94         String protocol, String serverName, Map<String,?> props, CallbackHandler cbh)
95         throws SaslException {
96
97         if (mech.equals("NTLM") &&
98                 PolicyUtils.checkPolicy(mechPolicies[0], props)) {
99             if (props != null) {
100                 String qop = (String)props.get(Sasl.QOP);
101                 if (qop != null && !qop.equals("auth")) {
102                     throw new SaslException("NTLM only support auth");
103                 }
104             }
105             if (cbh == null) {
106                 throw new SaslException(
107                     "Callback handler with support for " +
108                     "RealmCallback, NameCallback, and PasswordCallback " +
109                     "required");
110             }
111             return new NTLMServer(mech, protocol, serverName, props, cbh);
112         }
113         return null;
114    }
115
116    /**
117      * Returns the authentication mechanisms that this factory can produce.
118      *
119      * @return String[] {"NTLM"} if policies in env match those of this
120      * factory.
121      */
122    public String[] getMechanismNames(Map<String,?> env) {
123        return PolicyUtils.filterMechs(myMechs, mechPolicies, env);
124    }
125}
126