NtlmAuthenticationScheme (Oracle Application Server HTTPClient Java API Reference)

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Application Server HTTPClient Java API Reference
10g Release 3 (10.1.3.1.0)
B32117-01

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

HTTPClient.ntlm
Class NtlmAuthenticationScheme

java.lang.Object HTTPClient.AuthenticationSchemeBase HTTPClient.ntlm.NtlmAuthenticationScheme

All Implemented Interfaces:: AuthenticationScheme

public final class NtlmAuthenticationScheme
extends AuthenticationSchemeBase

The NtlmAuthenticationScheme class implements the AuthenticationScheme interface, supporting NTLM authentication within HTTPClient.

NTLM employs a challenge-response mechanism for authentication, in which clients are able to prove their identities without sending a password to the server. It consists of three messages, commonly referred to as Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication). It works like this:

The client sends a Type 1 message to the server. This primarily contains a list of features supported by the client and requested of the server.
The server responds with a Type 2 message. This contains a list of features supported and agreed upon by the server. Most importantly, however, it contains a challenge generated by the server.
The client replies to the challenge with a Type 3 message. This contains several pieces of information about the client, including the domain and username of the client user. It also contains one or more responses to the Type 2 challenge.

The responses in the Type 3 message are the most critical piece, as they prove to the server that the client user has knowledge of the account password.

NTLM is a connection-oriented protocol. Once the connection is authenticated, no further credentials are required as long as the connection remains open.

Proxy servers may also use NTLM for client authentication. However, unlike request-oriented authentication like Basic and Digest, an NTLM client may only authenticate the connection with the proxy, not the resource server.

Nested Class Summary
`static interface`	`NtlmAuthenticationScheme.AuthInfoParams` `AuthorizationInfo` parameters, used for caching credentials.

Field Summary
`static java.lang.String`	`DEFAULT_SCHEME_NAME` The default scheme name.
`static java.lang.String`	`NTLM_REALM` The no-name realm.

Fields inherited from interface HTTPClient.AuthenticationScheme

IS_CONNECTION_ORIENTED

Constructor Summary
`NtlmAuthenticationScheme()` No-argument constructor, assumes scheme name "NTLM" and assumes the scheme is connection oriented.
`NtlmAuthenticationScheme(java.lang.String schemeName)` Constructor, assumes the scheme is connection oriented.

Method Summary
`AuthorizationInfo`	`createAuthorizationInfo(java.lang.String host, int port, java.lang.String realm, java.lang.String username, java.lang.String password)` Creates an `AuthorizationInfo` object, appropriately populated for use by this AuthenticationScheme.
`AuthorizationInfo`	`getAuthorization(AuthorizationInfo credentials, RoRequest request, AuthorizationInfo challenge, RoResponse response)` Determines an `AuthorizationInfo` object for populating either the `Authorization` header or the `Proxy-Authorization` header, appropriately for the scheme.

Methods inherited from class HTTPClient.AuthenticationSchemeBase

getSchemeName, isConnectionOriented, setSchemeName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_SCHEME_NAME

public static final java.lang.String DEFAULT_SCHEME_NAME

The default scheme name.

See Also:: Constant Field Values

NTLM_REALM

public static final java.lang.String NTLM_REALM

The no-name realm.

See Also:: Constant Field Values

Constructor Detail

NtlmAuthenticationScheme

public NtlmAuthenticationScheme()
                         throws java.lang.IllegalArgumentException

No-argument constructor, assumes scheme name "NTLM" and assumes the scheme is connection oriented.
See Also:: AuthenticationSchemeBase.AuthenticationSchemeBase( String, boolean )

NtlmAuthenticationScheme

public NtlmAuthenticationScheme(java.lang.String schemeName)
                         throws java.lang.IllegalArgumentException

Constructor, assumes the scheme is connection oriented.
See Also:: AuthenticationSchemeBase.AuthenticationSchemeBase( String, boolean )

Method Detail

createAuthorizationInfo

public AuthorizationInfo createAuthorizationInfo(java.lang.String host,
                                                 int port,
                                                 java.lang.String realm,
                                                 java.lang.String username,
                                                 java.lang.String password)
                                          throws java.lang.IllegalArgumentException

Description copied from interface: AuthenticationScheme

Creates an AuthorizationInfo object, appropriately populated for use by this AuthenticationScheme. The resulting object will be passed back to

AuthenticationScheme.getAuthorization(HTTPClient.AuthorizationInfo, HTTPClient.RoRequest, HTTPClient.AuthorizationInfo, HTTPClient.RoResponse)

when we are challenged by the server using this scheme.

Parameters:: host - Connecting to this host; port - Connecting on this port; realm - Applicable security realm; username - Account username; password - Account password
Returns:: The new AuthorizationInfo object
Throws:: java.lang.IllegalArgumentException - Invalid arguments given.
See Also:: AuthenticationScheme.createAuthorizationInfo( String host, int port, String realm, String username, String password )

getAuthorization

public AuthorizationInfo getAuthorization(AuthorizationInfo credentials,
                                          RoRequest request,
                                          AuthorizationInfo challenge,
                                          RoResponse response)

Description copied from interface: AuthenticationScheme

Determines an AuthorizationInfo object for populating either the Authorization header or the Proxy-Authorization header, appropriately for the scheme.

Parameters:: credentials - Contains credentials populated as required by this AuthenticationScheme, usually by AuthenticationScheme.createAuthorizationInfo(java.lang.String, int, java.lang.String, java.lang.String, java.lang.String).; request - The original request; challenge - The server challenge, parsed from the response, or null if attempting to pre-emptively send auth info.; response - The response received, which contains the challenge, or null if attempting to pre-emptively send auth info.
Returns:: The AuthorizationInfo object for populating either the Authorization header or the Proxy-Authorization header, or null if header values could not be determined.
See Also:: AuthenticationScheme.getAuthorization( AuthorizationInfo, RoRequest, AuthorizationInfo, RoResponse)