0

我正在为我的 Alfresco JLan 创建一个自定义身份验证器。

这是我的jlanConfig.xml

    <?xml version="1.0" standalone="no"?>
<!-- <!DOCTYPE jlanserver SYSTEM "jlanserver.dtd"> -->

<jlanserver>
  <servers>
    <SMB/>
    <noFTP/>
    <noNFS/>
  </servers>

  <SMB>
    <host name="NUAGESERVER" domain="NUAGE">
      <broadcast>255.255.255.0</broadcast>
      <smbdialects>LanMan,NT</smbdialects>
      <comment>Alfresco JLAN Server</comment>

      <Win32NetBIOS/>
      <Win32Announce interval="5"/>

      <!-- To run the server using a non-root account on linux, Mac OS X, Solaris -->

        <netBIOSSMB sessionPort="1139" namePort="1137" datagramPort="1138" platforms="linux,macosx,solaris"/>
      <tcpipSMB port="1445" platforms="linux,macosx,solaris"/>


      <hostAnnounce interval="5"/>
    </host>
    <sessionDebug flags="Negotiate,Socket,Tree"/>
    <netbiosDebug/> 
   <announceDebug/> 

        <authenticator>
            <class>com.ye.nuage.auth.NuageAuthenticator</class>
      <Debug/>
        </authenticator>

  </SMB>

  <FTP>
    <port>21</port>
    <allowAnonymous/>
    <debug flags="File,Search,Error,DataPort,Directory"/>
  </FTP>

  <NFS>
    <enablePortMapper/>
    <debug flags="File,FileIO"/>
  </NFS>

  <debug>
    <output>
      <class>org.alfresco.jlan.debug.ConsoleDebug</class>
      <logFile>jlansrv.log</logFile>
      <append/>
    </output>
  </debug>

  <shares>
    <diskshare name="JLAN" comment="Test share">
      <driver>
        <class>org.alfresco.jlan.smb.server.disk.JavaFileDiskDriver</class>
        <LocalPath>.</LocalPath>
      </driver>
    </diskshare>
  </shares>     

  <security>
    <JCEProvider>cryptix.jce.provider.CryptixCrypto</JCEProvider>
    <authenticator>
      <class>com.ye.nuage.auth.NuageAuthenticator</class>
      <mode>USER</mode>
    </authenticator>

    <users>
      <user name="jlansrv">
        <password>jlan</password>
        <comment>System administrator</comment>
        <administrator/>
      </user>
      <user name="normal">
        <password>normal</password>
      </user>
    </users>
  </security>
</jlanserver>

我的 NuageAuthenticator 是 CifsAuthenticator 的副本,但以下方法除外:

Override
public int authenticateUser(ClientInfo client, SrvSession sess, int alg) {

    // Check if the user exists in the user list
    UserAccount userAcc = null;
    try {
        userAcc = getNuageUserDetails(client.getUserName());
    } catch (YeException e) {
        e.printStackTrace();
    }
    if (userAcc != null) {

        // Validate the password

        boolean authSts = false;

        if (client.getPassword() != null) {

            // Validate using the Unicode password

            authSts = validateNuagePassword(userAcc, client, sess.getAuthenticationContext(), alg);
        } else if (client.hasANSIPassword()) {

            // Validate using the ANSI password with the LanMan encryption

            authSts = validateNuagePassword(userAcc, client, sess.getAuthenticationContext(), LANMAN);
        }

        // Return the authentication status

        return authSts == true ? AUTH_ALLOW : AUTH_BADPASSWORD;
    }

    // Check if this is an SMB/CIFS null session logon.
    //
    // The null session will only be allowed to connect to the IPC$ named
    // pipe share.

    if (client.isNullSession() && sess instanceof SMBSrvSession)
        return AUTH_ALLOW;

    // Unknown user

    return allowGuest() ? AUTH_GUEST : AUTH_DISALLOW;
}

private UserAccount getNuageUserDetails(String userName) throws YeException {
    if (context == null) {
        context = new ClassPathXmlApplicationContext("/applicationContext-nuage.xml");
    }
    userRepository = context.getBean(UserRepository.class);
    User u = userRepository.findByUserLogin(userName); // Search the user into my repository
    if (u != null) {
        UserAccount ua = new UserAccount();
        ua.setMD4Password(u.getUserMd4Password().getBytes());
        ua.setUserName(userName);
        ua.setRealName(u.getUserFirstName() + " " + u.getUserLastName());
        return ua;
    }
    return null;
}

但是当我尝试登录时,我在调用validatePassword方法时收到以下错误。

    [T2] Closing session due to exception
java.lang.ArrayIndexOutOfBoundsException
    at java.lang.System.arraycopy(Native Method)
    at com.ye.nuage.auth.NuageAuthenticator.validatePassword(NuageAuthenticator.java:123)
    at com.ye.nuage.auth.NuageAuthenticator.authenticateUser(NuageAuthenticator.java:60)
    at org.alfresco.jlan.server.auth.CifsAuthenticator.processSessionSetup(CifsAuthenticator.java:572)
    at org.alfresco.jlan.smb.server.NTProtocolHandler.procSessionSetup(NTProtocolHandler.java:396)
    at org.alfresco.jlan.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:213)
    at org.alfresco.jlan.smb.server.SMBSrvSession.processPacket(SMBSrvSession.java:1439)
    at org.alfresco.jlan.smb.server.nio.NIOCIFSThreadRequest.runRequest(NIOCIFSThreadRequest.java:104)
    at org.alfresco.jlan.server.thread.ThreadRequestPool$ThreadWorker.run(ThreadRequestPool.java:141)
    at java.lang.Thread.run(Thread.java:722)
java.lang.ArrayIndexOutOfBoundsException
    at java.lang.System.arraycopy(Native Method)
    at com.ye.nuage.auth.NuageAuthenticator.validatePassword(NuageAuthenticator.java:123)
    at com.ye.nuage.auth.NuageAuthenticator.authenticateUser(NuageAuthenticator.java:60)
    at org.alfresco.jlan.server.auth.CifsAuthenticator.processSessionSetup(CifsAuthenticator.java:572)
    at org.alfresco.jlan.smb.server.NTProtocolHandler.procSessionSetup(NTProtocolHandler.java:396)
    at org.alfresco.jlan.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:213)
    at org.alfresco.jlan.smb.server.SMBSrvSession.processPacket(SMBSrvSession.java:1439)
    at org.alfresco.jlan.smb.server.nio.NIOCIFSThreadRequest.runRequest(NIOCIFSThreadRequest.java:104)
    at org.alfresco.jlan.server.thread.ThreadRequestPool$ThreadWorker.run(ThreadRequestPool.java:141)
    at java.lang.Thread.run(Thread.java:722)

这是一个方法片段:

if (user.hasMD4Password() && alg != LANMAN) {

            try {

                // Generate the encrpyted password

                if (alg == NTLM1) {

                    // Get the MD4 hashed password

                    byte[] p21 = new byte[21];
                    System.arraycopy(user.getMD4Password(), 0, p21, 0, user.getMD4Password().length); **//THE ERROR OCCURS HERE!**

                    // Generate an NTLMv1 encrypted password
`

错误发生在这里:

System.arraycopy(user.getMD4Password(), 0, p21, 0, user.getMD4Password().length); 

但问题很简单:为什么会出现这个错误?

4

1 回答 1

-1

问题在于 MD4 32 位算法。查看更多信息:http ://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-ldap-sso/alfresco-jlan-smbcifs

于 2013-06-05T02:09:42.467 回答