java.lang.Object com.novell.sasl.client.ExternalSaslClient
Implements the ExternalSaslClient mechanism.
Field Summary
private java.lang.String | m_authorizationId
private javax.security.auth.callback.CallbackHandler | m_cbh
private java.util.Map | m_props
private java.lang.String | m_protocol
private java.lang.String | m_serverName
private int | m_state
private static int | STATE_DISPOSED
private static int | STATE_INITIAL
private static int | STATE_INVALID_SERVER_RESPONSE
private static int | STATE_VALID_SERVER_RESPONSE
Constructor Summary
private | ExternalSaslClient(java.lang.String authorizationId, java.lang.String protocol, java.lang.String serverName, java.util.Map props, javax.security.auth.callback.CallbackHandler cbh) | Creates an ExternalSaslClient object using the parameters supplied.
Method Summary
void | dispose() | Disposes of any system resources or security-sensitive information the SaslClient might be using.
byte[] | evaluateChallenge(byte[] challenge) | Evaluates the challenge data and generates a response.
static SaslClient | getClient(java.lang.String authorizationId, java.lang.String protocol, java.lang.String serverName, java.util.Map props, javax.security.auth.callback.CallbackHandler cbh) | Creates an ExternalSaslClient object using the parameters supplied.
java.lang.String | getMechanismName() | Returns the IANA-registered mechanism name of this SASL client.
java.lang.Object | getNegotiatedProperty(java.lang.String propName) | Retrieves the negotiated property.
boolean | hasInitialResponse() | Determines if this mechanism has an optional initial response.
boolean | isComplete() | Determines if the authentication exchange has completed.
byte[] | unwrap(byte[] incoming, int offset, int len) | Unwraps a byte array received from the server.
byte[] | wrap(byte[] outgoing, int offset, int len) | Wraps a byte array to be sent to the server.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
private java.lang.String m_authorizationId
private java.lang.String m_protocol
private java.lang.String m_serverName
private java.util.Map m_props
private javax.security.auth.callback.CallbackHandler m_cbh
private int m_state
private static final int STATE_INITIAL
private static final int STATE_VALID_SERVER_RESPONSE
private static final int STATE_INVALID_SERVER_RESPONSE
private static final int STATE_DISPOSED
Constructor Detail
private ExternalSaslClient(java.lang.String authorizationId, java.lang.String protocol, java.lang.String serverName, java.util.Map props, javax.security.auth.callback.CallbackHandler cbh)
authorizationId
- The possibly null protocol-dependent
identification to be used for authorization. If
null or empty, the server derives an authorization
ID from the client's authentication credentials.
When the SASL authentication completes
successfully, the specified entity is granted
access.
protocol
- The non-null string name of the protocol for which
the authentication is being performed (e.g. "ldap")
serverName
- The non-null fully qualified host name of the server
to authenticate to
props
- The possibly null set of properties used to select
the SASL mechanism and to configure the
authentication exchange of the selected mechanism.
See the Sasl class for a list of standard properties.
Other, possibly mechanism-specific, properties can
be included. Properties not relevant to the selected
mechanism are ignored.
cbh
- The possibly null callback handler to be used by the
SASL mechanisms to get further information from the
application/library to complete the authentication.
For example, a SASL mechanism might require the
authentication ID, password and realm from the
caller. The authentication ID is requested by using
a NameCallback. The password is requested by using
a PasswordCallback. The realm is requested by using
a RealmChoiceCallback if there is a list of realms
to choose from, and by using a RealmCallback if the
realm must be entered.
Method Detail
public static SaslClient getClient(java.lang.String authorizationId, java.lang.String protocol, java.lang.String serverName, java.util.Map props, javax.security.auth.callback.CallbackHandler cbh)
authorizationId
- The possibly null protocol-dependent
identification to be used for authorization. If
null or empty, the server derives an authorization
ID from the client's authentication credentials.
When the SASL authentication completes
successfully, the specified entity is granted
access.
protocol
- The non-null string name of the protocol for which
the authentication is being performed (e.g. "ldap")
serverName
- The non-null fully qualified host name of the server
to authenticate to
props
- The possibly null set of properties used to select
the SASL mechanism and to configure the
authentication exchange of the selected mechanism.
See the Sasl class for a list of standard properties.
Other, possibly mechanism-specific, properties can
be included. Properties not relevant to the selected
mechanism are ignored.
cbh
- The possibly null callback handler to be used by the
SASL mechanisms to get further information from the
application/library to complete the authentication.
For example, a SASL mechanism might require the
authentication ID, password and realm from the
caller. The authentication ID is requested by using
a NameCallback. The password is requested by using
a PasswordCallback. The realm is requested by using
a RealmChoiceCallback if there is a list of realms
to choose from, and by using a RealmCallback if the
realm must be entered.
SaslException
- If a SaslClient instance cannot be created
because of an error
public boolean hasInitialResponse()
hasInitialResponse
in interface SaslClient
public boolean isComplete()
isComplete
in interface SaslClient
public byte[] unwrap(byte[] incoming, int offset, int len) throws SaslException
unwrap
in interface SaslClient
incoming
- A non-null byte array containing the encoded bytes
from the server
offset
- The starting position at incoming of the bytes to use
len
- The number of bytes from incoming to use
SaslException
- If this method is called before
the authentication process has completed. A SaslException
is also thrown if incoming cannot be successfully unwrapped
public byte[] wrap(byte[] outgoing, int offset, int len) throws SaslException
wrap
in interface SaslClient
outgoing
- A non-null byte array containing the bytes to encode
offset
- The starting position at outgoing of the bytes to use
len
- The number of bytes from outgoing to use
SaslException
- if outgoing cannot be successfully wrapped.
java.lang.IllegalStateException
- if the authentication exchange has
not completed, or if the negotiated quality of
protection has neither integrity nor privacy.
public java.lang.Object getNegotiatedProperty(java.lang.String propName)
getNegotiatedProperty
in interface SaslClient
propName
- The non-null property name
java.lang.IllegalStateException
- if this authentication exchange has
not completed
public void dispose() throws SaslException
dispose
in interface SaslClient
SaslException
- if a problem was encountered while disposing of the resources
public byte[] evaluateChallenge(byte[] challenge) throws SaslException
evaluateChallenge
in interface SaslClient
challenge
- The non-null challenge sent from the server. The
challenge array may have zero length.
SaslException
- If an error occurred while processing the
challenge or generating a response.
public java.lang.String getMechanismName()
getMechanismName
in interface SaslClient
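The client-side exchange these methods describe, as an added example that is not part of the original page or of the Novell library. It uses the JDK's javax.security.sasl API and its EXTERNAL mechanism rather than this class, and the authorization ID and host name are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;

public class ExternalSaslExchange {
    public static void main(String[] args) throws SaslException {
        // Constructed sample values (assumptions, not taken from the page).
        String authzId = "dn:cn=app,ou=services,dc=example,dc=com";
        String serverName = "ldap.example.com";

        // EXTERNAL takes no secret from the caller: the credentials come from
        // the lower layer (for example a TLS client certificate), so both
        // props and the callback handler may be null.
        SaslClient client = Sasl.createSaslClient(
                new String[] {"EXTERNAL"}, authzId, "ldap", serverName, null, null);
        if (client == null) {
            throw new SaslException("no EXTERNAL SaslClient provider available");
        }
        try {
            // Client-first mechanism: the initial response is produced from an
            // empty challenge and carries only the authorization ID.
            byte[] response = client.hasInitialResponse()
                    ? client.evaluateChallenge(new byte[0])
                    : new byte[0];
            System.out.println("mechanism = " + client.getMechanismName());
            System.out.println("initial response = "
                    + new String(response, StandardCharsets.UTF_8));

            // isComplete() reports only that the client side has nothing more
            // to send; the server's bind result still decides the outcome.
            System.out.println("client complete = " + client.isComplete());

            // EXTERNAL negotiates no integrity or privacy layer, so wrap()
            // must be refused; channel protection has to come from TLS.
            try {
                client.wrap(new byte[] {1, 2, 3}, 0, 3);
                throw new AssertionError("unexpected security layer");
            } catch (SaslException | IllegalStateException expected) {
                System.out.println("wrap rejected: " + expected.getMessage());
            }
        } finally {
            client.dispose(); // release any state held by the client
        }
    }
}
```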