Skip navigation links

Oracle Application Server HTTPClient Java API Reference
10g Release 3 (10.1.3.1.0)

B32117-01


HTTPClient.ntlm
Class NtlmAuthenticationScheme

java.lang.Object
  extended byHTTPClient.AuthenticationSchemeBase
      extended byHTTPClient.ntlm.NtlmAuthenticationScheme

All Implemented Interfaces:
AuthenticationScheme

public final class NtlmAuthenticationScheme
extends AuthenticationSchemeBase

The NtlmAuthenticationScheme class implements the AuthenticationScheme interface, supporting NTLM authentication within HTTPClient.

NTLM employs a challenge-response mechanism for authentication, in which clients are able to prove their identities without sending a password to the server. It consists of three messages, commonly referred to as Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication). It works like this:

  1. The client sends a Type 1 message to the server. This primarily contains a list of features supported by the client and requested of the server.
  2. The server responds with a Type 2 message. This contains a list of features supported and agreed upon by the server. Most importantly, however, it contains a challenge generated by the server.
  3. The client replies to the challenge with a Type 3 message. This contains several pieces of information about the client, including the domain and username of the client user. It also contains one or more responses to the Type 2 challenge.

The responses in the Type 3 message are the most critical piece, as they prove to the server that the client user has knowledge of the account password.

NTLM is a connection-oriented protocol. Once the connection is authenticated, no further credentials are required as long as the connection remains open.

Proxy servers may also use NTLM for client authentication. However, unlike request-oriented authentication like Basic and Digest, an NTLM client may only authenticate the connection with the proxy, not the resource server.


Nested Class Summary
static interface NtlmAuthenticationScheme.AuthInfoParams
          AuthorizationInfo parameters, used for caching credentials.

 

Field Summary
static java.lang.String DEFAULT_SCHEME_NAME
          The default scheme name.
static java.lang.String NTLM_REALM
          The no-name realm.

 

Fields inherited from interface HTTPClient.AuthenticationScheme
IS_CONNECTION_ORIENTED

 

Constructor Summary
NtlmAuthenticationScheme()
          No-argument constructor, assumes scheme name "NTLM" and assumes the scheme is connection oriented.
NtlmAuthenticationScheme(java.lang.String schemeName)
          Constructor, assumes the scheme is connection oriented.

 

Method Summary
 AuthorizationInfo createAuthorizationInfo(java.lang.String host, int port, java.lang.String realm, java.lang.String username, java.lang.String password)
          Creates an AuthorizationInfo object, appropriately populated for use by this AuthenticationScheme.
 AuthorizationInfo getAuthorization(AuthorizationInfo credentials, RoRequest request, AuthorizationInfo challenge, RoResponse response)
          Determines an AuthorizationInfo object for populating either the Authorization header or the Proxy-Authorization header, appropriately for the scheme.

 

Methods inherited from class HTTPClient.AuthenticationSchemeBase
getSchemeName, isConnectionOriented, setSchemeName

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

DEFAULT_SCHEME_NAME

public static final java.lang.String DEFAULT_SCHEME_NAME
The default scheme name.
See Also:
Constant Field Values

NTLM_REALM

public static final java.lang.String NTLM_REALM
The no-name realm.
See Also:
Constant Field Values

Constructor Detail

NtlmAuthenticationScheme

public NtlmAuthenticationScheme()
                         throws java.lang.IllegalArgumentException
No-argument constructor, assumes scheme name "NTLM" and assumes the scheme is connection oriented.
See Also:
AuthenticationSchemeBase.AuthenticationSchemeBase( String, boolean )

NtlmAuthenticationScheme

public NtlmAuthenticationScheme(java.lang.String schemeName)
                         throws java.lang.IllegalArgumentException
Constructor, assumes the scheme is connection oriented.
See Also:
AuthenticationSchemeBase.AuthenticationSchemeBase( String, boolean )

Method Detail

createAuthorizationInfo

public AuthorizationInfo createAuthorizationInfo(java.lang.String host,
                                                 int port,
                                                 java.lang.String realm,
                                                 java.lang.String username,
                                                 java.lang.String password)
                                          throws java.lang.IllegalArgumentException
Description copied from interface: AuthenticationScheme
Creates an AuthorizationInfo object, appropriately populated for use by this AuthenticationScheme. The resulting object will be passed back to AuthenticationScheme.getAuthorization(HTTPClient.AuthorizationInfo, HTTPClient.RoRequest, HTTPClient.AuthorizationInfo, HTTPClient.RoResponse) when we are challenged by the server using this scheme.
Parameters:
host - Connecting to this host
port - Connecting on this port
realm - Applicable security realm
username - Account username
password - Account password
Returns:
The new AuthorizationInfo object
Throws:
java.lang.IllegalArgumentException - Invalid arguments given.
See Also:
AuthenticationScheme.createAuthorizationInfo( String host, int port, String realm, String username, String password )

getAuthorization

public AuthorizationInfo getAuthorization(AuthorizationInfo credentials,
                                          RoRequest request,
                                          AuthorizationInfo challenge,
                                          RoResponse response)
Description copied from interface: AuthenticationScheme
Determines an AuthorizationInfo object for populating either the Authorization header or the Proxy-Authorization header, appropriately for the scheme.
Parameters:
credentials - Contains credentials populated as required by this AuthenticationScheme, usually by AuthenticationScheme.createAuthorizationInfo(java.lang.String, int, java.lang.String, java.lang.String, java.lang.String).
request - The original request
challenge - The server challenge, parsed from the response, or null if attempting to pre-emptively send auth info.
response - The response received, which contains the challenge, or null if attempting to pre-emptively send auth info.
Returns:
The AuthorizationInfo object for populating either the Authorization header or the Proxy-Authorization header, or null if header values could not be determined.
See Also:
AuthenticationScheme.getAuthorization( AuthorizationInfo, RoRequest, AuthorizationInfo, RoResponse)

Skip navigation links

Oracle Application Server HTTPClient Java API Reference
10g Release 3 (10.1.3.1.0)

B32117-01


Copyright © 2004, 2006, Oracle. All rights reserved.