6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side

Reviewed-by: michaelm

6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
Reviewed-by: michaelm
5e31c17d · chegar · 99d10947 · 5e31c17d · 5e31c17d · 5e31c17d
6 changed file
--- a/make/sun/net/FILES_java.gmk
+++ b/make/sun/net/FILES_java.gmk
@@ -100,6 +100,7 @@ FILES_java = \
 	sun/net/www/protocol/http/NegotiateAuthentication.java \
 	sun/net/www/protocol/http/Negotiator.java \
 	sun/net/www/protocol/http/ntlm/NTLMAuthentication.java \
+	sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java \
 	sun/net/www/protocol/http/spnego/NegotiatorImpl.java \
 	sun/net/www/protocol/http/spnego/NegotiateCallbackHandler.java \
 	sun/net/www/protocol/http/logging/HttpLogFormatter.java \

--- a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
+++ b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
@@ -2173,6 +2173,13 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
                        if (tryTransparentNTLMServer) {
                            tryTransparentNTLMServer =
                                    NTLMAuthenticationProxy.proxy.supportsTransparentAuth;
+                            /* If the platform supports transparent authentication
+                             * then check if we are in a secure environment
+                             * whether, or not, we should try transparent authentication.*/
+                            if (tryTransparentNTLMServer) {
+                                tryTransparentNTLMServer =
+                                        NTLMAuthenticationProxy.proxy.isTrustedSite(url);
+                            }
                        }
                        a = null;
                        if (tryTransparentNTLMServer) {

--- a/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java
+++ b/src/share/classes/sun/net/www/protocol/http/NTLMAuthenticationProxy.java
@@ -36,12 +36,14 @@ import sun.util.logging.PlatformLogger;
 */
 class NTLMAuthenticationProxy {
    private static Method supportsTA;
+    private static Method isTrustedSite;
    private static final String clazzStr = "sun.net.www.protocol.http.ntlm.NTLMAuthentication";
    private static final String supportsTAStr = "supportsTransparentAuth";
+    private static final String isTrustedSiteStr = "isTrustedSite";
    static final NTLMAuthenticationProxy proxy = tryLoadNTLMAuthentication();
    static final boolean supported = proxy != null ? true : false;
-    static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth(supportsTA) : false;
+    static final boolean supportsTransparentAuth = supported ? supportsTransparentAuth() : false;
    private final Constructor<? extends AuthenticationInfo> threeArgCtr;
    private final Constructor<? extends AuthenticationInfo> fiveArgCtr;
@@ -82,9 +84,22 @@ class NTLMAuthenticationProxy {
     * authentication (try with the current users credentials before
     * prompting for username and password, etc).
     */
-    private static boolean supportsTransparentAuth(Method method) {
+    private static boolean supportsTransparentAuth() {
        try {
-            return (Boolean)method.invoke(null);
+            return (Boolean)supportsTA.invoke(null);
+        } catch (ReflectiveOperationException roe) {
+            finest(roe);
+        }
+        return false;
+    }
+    /* Transparent authentication should only be tried with a trusted
+     * site ( when running in a secure environment ).
+     */
+    public static boolean isTrustedSite(URL url) {
+        try {
+            return (Boolean)isTrustedSite.invoke(null, url);
        } catch (ReflectiveOperationException roe) {
            finest(roe);
        }
@@ -112,6 +127,7 @@ class NTLMAuthenticationProxy {
                                            int.class,
                                            PasswordAuthentication.class);
                supportsTA = cl.getDeclaredMethod(supportsTAStr);
+                isTrustedSite = cl.getDeclaredMethod(isTrustedSiteStr, java.net.URL.class);
                return new NTLMAuthenticationProxy(threeArg,
                                                   fiveArg);
            }

--- a/src/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java
+++ b/src/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package sun.net.www.protocol.http.ntlm;
+import java.net.URL;
+/**
+ * This class is used to call back to deployment to determine if a given
+ * URL is trusted. Transparent authentication (try with logged in users
+ * credentials without prompting) should only be tried with trusted sites.
+ */
+public abstract class NTLMAuthenticationCallback {
+    private static volatile NTLMAuthenticationCallback callback =
+            new DefaultNTLMAuthenticationCallback();
+    public static void setNTLMAuthenticationCallback(
+            NTLMAuthenticationCallback callback) {
+        NTLMAuthenticationCallback.callback = callback;
+    }
+    public static NTLMAuthenticationCallback getNTLMAuthenticationCallback() {
+        return callback;
+    }
+    /**
+     * Returns true if the given site is trusted, i.e. we can try
+     * transparent Authentication.
+     */
+    public abstract boolean isTrustedSite(URL url);
+    static class DefaultNTLMAuthenticationCallback extends NTLMAuthenticationCallback {
+        @Override
+        public boolean isTrustedSite(URL url) { return true; }
+    }
+}
--- a/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java
+++ b/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java
@@ -68,6 +68,9 @@ import sun.net.www.protocol.http.HttpURLConnection;
 public class NTLMAuthentication extends AuthenticationInfo {
    private static final long serialVersionUID = 170L;
+    private static final NTLMAuthenticationCallback NTLMAuthCallback =
+        NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
    private String hostname;
    private static String defaultDomain; /* Domain to use if not specified by user */
@@ -81,6 +84,14 @@ public class NTLMAuthentication extends AuthenticationInfo {
        return false;
    }
+    /**
+     * Returns true if the given site is trusted, i.e. we can try
+     * transparent Authentication.
+     */
+    public static boolean isTrustedSite(URL url) {
+        return NTLMAuthCallback.isTrustedSite(url);
+    }
    private void init0() {
        hostname = java.security.AccessController.doPrivileged(

--- a/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java
+++ b/src/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java
@@ -45,6 +45,9 @@ public class NTLMAuthentication extends AuthenticationInfo {
    private static final long serialVersionUID = 100L;
+    private static final NTLMAuthenticationCallback NTLMAuthCallback =
+        NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
    private String hostname;
    private static String defaultDomain; /* Domain to use if not specified by user */
@@ -142,6 +145,14 @@ public class NTLMAuthentication extends AuthenticationInfo {
        return true;
    }
+    /**
+     * Returns true if the given site is trusted, i.e. we can try
+     * transparent Authentication.
+     */
+    public static boolean isTrustedSite(URL url) {
+        return NTLMAuthCallback.isTrustedSite(url);
+    }
    /**
     * Not supported. Must use the setHeaders() method
     */