Apache2-AuthenNTLM
view release on metacpan or search on metacpan
AuthenNTLM.pm view on Meta::CPAN
sub get_basic
{
my ($self, $r, $data) = @_ ;
($self -> {username}, $self -> {password}) = split (/:/, $data) ;
my ($domain, $username) = split (/\\|\//, $self -> {username}) ;
if ($username)
{
$self -> {domain} = $domain ;
$self -> {username} = $username ;
}
else
{
$self -> {domain} = $self -> {defaultdomain} ;
}
$self -> {userdomain} = $self -> {domain} ;
if ($debug)
{
print STDERR "[$$] AuthenNTLM: basic auth username = $self->{domain}\\$self->{username}\n" ;
}
return -1 ;
}
sub DESTROY
{
my ($self) = @_ ;
Authen::Smb::Valid_User_Disconnect ($self -> {smbhandle}) if ($self -> {smbhandle}) ;
}
sub handler : method
{
my ($class, $r) = @_ ;
my $type ;
my $nonce = '' ;
my $self ;
my $conn = $r -> connection ;
my $connhdr = $r -> headers_in -> {'Connection'} ;
my $fh = select (STDERR) ;
$| = 1 ;
select ($fh) ;
my $addr = $conn -> remote_addr -> ip_get ;
my $port = $conn -> remote_addr -> port ;
print STDERR "[$$] AuthenNTLM: Start NTLM Authen handler pid = $$, connection = "
. "$$conn conn_http_hdr = $connhdr main = " . ($r -> main)
. " cuser = " . $r -> user . ' remote_ip = ' . $conn -> remote_ip
. " remote_port = " . unpack('n', $port) . ' remote_host = <'
. $conn -> remote_host . "> version = $VERSION "
. "smbhandle = " . $self -> {smbhandle} . "\n" if ($debug) ;
# we cannot attach our object to the connection record. Since in
# Apache 1.3 there is only one connection at a time per process
# we can cache our object and check if the connection has changed.
# The check is done by slightly changing the remote_host member, which
# persists as long as the connection does
# This has to be reworked to work with Apache 2.0
my $table;
$table = $conn->notes();
if (ref ($cache) ne $class || $$conn != $cache->{connectionid} || ($table->get('status') ne "AUTHSTARTED"))
{
$table->add('status','AUTHSTARTED');
$conn->notes($table);
$self = {connectionid => $$conn } ;
bless $self, $class ;
$cache = $self ;
print STDERR "[$$] AuthenNTLM: Setup new object\n" if ($debug) ;
}
else
{
$self = $cache ;
print STDERR "[$$] AuthenNTLM: Object exists user = $self->{userdomain}\\$self->{username}\n" if ($debug) ;
if ($self -> {ok})
{
$r -> user($self->{mappedusername}) ;
# we accept the user because we are on the same connection
$type = $self -> get_msg ($r);
my $content_len = $r->headers_in->{'content-length'} ;
my $method = $r -> method ;
print STDERR "[$$] AuthenNTLM: Same connection pid = $$, connection = $$conn cuser = " .
$r -> user . ' ip = ' . $conn -> remote_ip . ' method = ' .
$method . ' Content-Length = ' .
$content_len . ' type = ' . $type . "\n" if ($debug) ;
# IE (5.5, 6.0, probably others) can send a type 1 message
# after authenticating on the same connection. This is a
# problem for POST messages, because IE also sends a
# "Content-length: 0" with no POST data.
if ($method eq 'GET' || $method eq 'HEAD' || $method eq 'OPTION' || $method eq 'DELETE' ||
$content_len > 0 || $type == 3)
{
print STDERR "[$$] AuthenNTLM: OK because same connection\n" if ($debug) ;
return Apache2::Const::OK ;
}
}
}
# end of if statement
$self -> get_config ($r) ;
$type = $self -> get_msg ($r) if (!$type) ;
if (!$type)
{
$self -> {lock} = undef ; # reset lock in case anything has gone wrong
if (!$self->{ntlmauthoritative})
{ # see if we have any header
my $auth_line = $r -> headers_in->{$r->proxyreq ? 'Proxy-Authorization' : 'Authorization'} ;
if ($auth_line)
{
$r->log_error('Bad/Missing NTLM Authorization Header for ' . $r->uri
( run in 1.376 second using v1.01-cache-2.11-cpan-e1769b4cff6 )