Examples of javax.security.sasl.SaslClient

javax.security.sasl.SaslClient
initial response and send to server byte[] response = (sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) : null); LdapResult res = ldap.sendBindRequest(dn, sc.getName(), response); while (!sc.isComplete() &&}(res.status == SASL_BIND_IN_PROGRESS || res.status == SUCCESS)) response = sc.evaluateChallenge(res.getBytes()); if (res.status == SUCCESS) { // we're done; don't expect to send another BIND if (response != null) { throw new SaslException( "Protocol error: attempting to send response after completion"); } break; } res = ldap.sendBindRequest(dn, sc.getName(), response); } if (sc.isComplete() && res.status == SUCCESS) { String qop = (String) sc.getNegotiatedProperty(Sasl.QOP); if (qop != null && (qop.equalsIgnoreCase("auth-int") || qop.equalsIgnoreCase("auth-conf"))) { // Use SaslClient.wrap() and SaslClient.unwrap() for future // communication with server ldap.in = new SecureInputStream(sc, ldap.in); ldap.out = new SecureOutputStream(sc, ldap.out); } } } If the mechanism has an initial response, the library invokes {@code evaluateChallenge()} with an emptychallenge and to get initial response. Protocols such as IMAP4, which do not include an initial response with their first authentication command to the server, initiates the authentication without first calling {@code hasInitialResponse()}or {@code evaluateChallenge()}. When the server responds to the command, it sends an initial challenge. For a SASL mechanism in which the client sends data first, the server should have issued a challenge with no data. This will then result in a call (on the client) to {@code evaluateChallenge()} with an empty challenge. @since 1.5 @see Sasl @see SaslClientFactory @author Rosanna Lee @author Rob Weltman

    if (server != null) return;
    server = new SaslSocketServer
      (new TestResponder(), new InetSocketAddress(0), DIGEST_MD5_MECHANISM,
       SERVICE, HOST, DIGEST_MD5_PROPS, new TestSaslCallbackHandler());
    server.start();
    SaslClient saslClient = Sasl.createSaslClient
      (new String[]{DIGEST_MD5_MECHANISM}, PRINCIPAL, SERVICE, HOST,
       DIGEST_MD5_PROPS, new TestSaslCallbackHandler());
    client = new SaslSocketTransceiver(new InetSocketAddress(server.getPort()),
                                       saslClient);
    requestor = new GenericRequestor(PROTOCOL, client);

View Full Code Here

  public void testWrongPassword() throws Exception {
    Server s = new SaslSocketServer
      (new TestResponder(), new InetSocketAddress(0), DIGEST_MD5_MECHANISM,
       SERVICE, HOST, DIGEST_MD5_PROPS, new TestSaslCallbackHandler());
    s.start();
    SaslClient saslClient = Sasl.createSaslClient
      (new String[]{DIGEST_MD5_MECHANISM}, PRINCIPAL, SERVICE, HOST,
       DIGEST_MD5_PROPS, new WrongPasswordCallbackHandler());
    Transceiver c = new SaslSocketTransceiver
      (new InetSocketAddress(server.getPort()), saslClient);
    GenericRequestor requestor = new GenericRequestor(PROTOCOL, c);

View Full Code Here

            {
                properties.put( Sasl.SERVER_AUTH, "true" );
            }


            // Creating a SASL Client
            SaslClient sc = Sasl.createSaslClient(
                new String[]
                    { bindRequest.getSaslMechanism() },
                saslRequest.getAuthorizationId(),
                "ldap",
                config.getLdapHost(),
                properties,
                new SaslCallbackHandler( saslRequest ) );


            // If the SaslClient wasn't created, that means we can't create the SASL client
            // for the requested mechanism. We then produce an Exception
            if ( sc == null )
            {
                String message = "Cannot find a SASL factory for the " + bindRequest.getSaslMechanism() + " mechanism";
                LOG.error( message );
                throw new LdapException( message );
            }


            // Corner case : the SASL mech might send an initial challenge, and we have to
            // deal with it immediately.
            if ( sc.hasInitialResponse() )
            {
                byte[] challengeResponse = sc.evaluateChallenge( new byte[0] );


                // Stores the challenge's response, and send it to the server
                bindRequest.setCredentials( challengeResponse );
                writeRequest( bindRequest );


                // Get the server's response, blocking
                bindResponse = bindFuture.get( timeout, TimeUnit.MILLISECONDS );


                if ( bindResponse == null )
                {
                    // We didn't received anything : this is an error
                    LOG.error( "bind failed : timeout occurred" );
                    throw new LdapException( TIME_OUT_ERROR );
                }


                result = bindResponse.getLdapResult().getResultCode();
            }
            else
            {
                // Copy the bindRequest without setting the credentials
                BindRequest bindRequestCopy = new BindRequestImpl();
                bindRequestCopy.setMessageId( newId );


                bindRequestCopy.setName( bindRequest.getName() );
                bindRequestCopy.setSaslMechanism( bindRequest.getSaslMechanism() );
                bindRequestCopy.setSimple( bindRequest.isSimple() );
                bindRequestCopy.setVersion3( bindRequest.getVersion3() );
                bindRequestCopy.addAllControls( bindRequest.getControls().values().toArray( new Control[0] ) );


                writeRequest( bindRequestCopy );


                bindResponse = bindFuture.get( timeout, TimeUnit.MILLISECONDS );


                if ( bindResponse == null )
                {
                    // We didn't received anything : this is an error
                    LOG.error( "bind failed : timeout occurred" );
                    throw new LdapException( TIME_OUT_ERROR );
                }


                result = bindResponse.getLdapResult().getResultCode();
            }


            while ( !sc.isComplete()
                && ( ( result == ResultCodeEnum.SASL_BIND_IN_PROGRESS ) || ( result == ResultCodeEnum.SUCCESS ) ) )
            {
                response = sc.evaluateChallenge( bindResponse.getServerSaslCreds() );


                if ( result == ResultCodeEnum.SUCCESS )
                {
                    if ( response != null )
                    {

View Full Code Here

        }
        conn.setServerProperties(start.getServerProperties());


        try
        {
            final SaslClient sc = createSaslClient(brokerMechs);


            conn.setSaslClient(sc);


            byte[] response = sc.hasInitialResponse() ?
                sc.evaluateChallenge(new byte[0]) : null;
            conn.connectionStartOk
                (clientProperties, sc.getMechanismName(), response,
                 conn.getLocale());
        }
        catch (ConnectionException ce)
        {
            conn.exception(ce);

View Full Code Here

    }


    @Override
    public void connectionSecure(Connection conn, ConnectionSecure secure)
    {
        SaslClient sc = conn.getSaslClient();
        try
        {
            byte[] response = sc.evaluateChallenge(secure.getChallenge());
            conn.connectionSecureOk(response);
        }
        catch (SaslException e)
        {
            conn.exception(e);

View Full Code Here

            {
                properties.put( Sasl.SERVER_AUTH, "true" );
            }


            // Creating a SASL Client
            SaslClient sc = Sasl.createSaslClient(
                new String[]
                    { bindRequest.getSaslMechanism() },
                saslRequest.getAuthorizationId(),
                "ldap",
                config.getLdapHost(),
                properties,
                new SaslCallbackHandler( saslRequest ) );


            // If the SaslClient wasn't created, that means we can't create the SASL client
            // for the requested mechanism. We then produce an Exception
            if ( sc == null )
            {
                String message = "Cannot find a SASL factory for the " + bindRequest.getSaslMechanism() + " mechanism";
                LOG.error( message );
                throw new LdapException( message );
            }


            // Corner case : the SASL mech might send an initial challenge, and we have to
            // deal with it immediately.
            if ( sc.hasInitialResponse() )
            {
                byte[] challengeResponse = sc.evaluateChallenge( new byte[0] );


                // Stores the challenge's response, and send it to the server
                bindRequest.setCredentials( challengeResponse );
                writeRequest( bindRequest );


                // Get the server's response, blocking
                bindResponse = bindFuture.get( timeout, TimeUnit.MILLISECONDS );


                if ( bindResponse == null )
                {
                    // We didn't received anything : this is an error
                    LOG.error( "bind failed : timeout occurred" );
                    throw new LdapException( TIME_OUT_ERROR );
                }


                result = bindResponse.getLdapResult().getResultCode();
            }
            else
            {
                // Copy the bindRequest without setting the credentials
                BindRequest bindRequestCopy = new BindRequestImpl();
                bindRequestCopy.setMessageId( newId );


                bindRequestCopy.setName( bindRequest.getName() );
                bindRequestCopy.setSaslMechanism( bindRequest.getSaslMechanism() );
                bindRequestCopy.setSimple( bindRequest.isSimple() );
                bindRequestCopy.setVersion3( bindRequest.getVersion3() );
                bindRequestCopy.addAllControls( bindRequest.getControls().values().toArray( new Control[0] ) );


                writeRequest( bindRequestCopy );


                bindResponse = bindFuture.get( timeout, TimeUnit.MILLISECONDS );


                if ( bindResponse == null )
                {
                    // We didn't received anything : this is an error
                    LOG.error( "bind failed : timeout occurred" );
                    throw new LdapException( TIME_OUT_ERROR );
                }


                result = bindResponse.getLdapResult().getResultCode();
            }


            while ( !sc.isComplete()
                && ( ( result == ResultCodeEnum.SASL_BIND_IN_PROGRESS ) || ( result == ResultCodeEnum.SUCCESS ) ) )
            {
                response = sc.evaluateChallenge( bindResponse.getServerSaslCreds() );


                if ( result == ResultCodeEnum.SUCCESS )
                {
                    if ( response != null )
                    {

View Full Code Here

            saslProps.put(Sasl.QOP, "auth-conf");
        }


        final AMQCallbackHandler handler = CallbackHandlerRegistry.getInstance().createCallbackHandler(selectedMech);
        handler.initialise(_connectionURL);
        final SaslClient sc = Sasl.createSaslClient(new String[] {selectedMech}, null, getConnectionSettings().getSaslProtocol(), getConnectionSettings().getSaslServerName(), saslProps, handler);


        return sc;
    }

View Full Code Here

    }


    @Override
    public void connectionOpenOk(Connection conn, ConnectionOpenOk ok)
    {
        SaslClient sc = conn.getSaslClient();
        if (sc != null)
        {
            if (sc.getMechanismName().equals("GSSAPI"))
            {
                String id = getKerberosUser();
                if (id != null)
                {
                    conn.setUserID(id);
                }
            }
            else if (sc.getMechanismName().equals("EXTERNAL"))
            {
                if (conn.getSecurityLayer() != null)
                {
                    conn.setUserID(conn.getSecurityLayer().getUserID());
                }

View Full Code Here

      List<String> serverMechs = mechList(tcpTransport, defaultCacheTopologyId);
      if (!serverMechs.contains(configuration.saslMechanism())) {
         throw log.unsupportedMech(configuration.saslMechanism(), serverMechs);
      }


      SaslClient saslClient;
      if (configuration.clientSubject() != null) {
         saslClient = Subject.doAs(configuration.clientSubject(), new PrivilegedExceptionAction<SaslClient>() {
            @Override
            public SaslClient run() throws Exception {
               CallbackHandler callbackHandler = configuration.callbackHandler();
               if (callbackHandler == null) {
                  callbackHandler = NoOpCallbackHandler.INSTANCE;
               }
            return Sasl.createSaslClient(new String[] { configuration.saslMechanism() }, null, "hotrod",
                     configuration.serverName(), configuration.saslProperties(), callbackHandler);
            }
         });
      } else {
         saslClient = Sasl.createSaslClient(new String[] { configuration.saslMechanism() }, null, "hotrod",
               configuration.serverName(), configuration.saslProperties(), configuration.callbackHandler());
      }


      if (log.isTraceEnabled()) {
         log.tracef("Authenticating using mech: %s", configuration.saslMechanism());
      }
      byte response[] = saslClient.hasInitialResponse() ? evaluateChallenge(saslClient, EMPTY_BYTES) : EMPTY_BYTES;


      byte challenge[] = auth(tcpTransport, defaultCacheTopologyId, configuration.saslMechanism(), response);
      while (!saslClient.isComplete() && challenge != null) {
         response = evaluateChallenge(saslClient, challenge);
         if (response == null) {
            break;
         }
         challenge = auth(tcpTransport, defaultCacheTopologyId, "", response);
      }


      String qop = (String) saslClient.getNegotiatedProperty(Sasl.QOP);
      if (qop != null && (qop.equalsIgnoreCase(AUTH_INT) || qop.equalsIgnoreCase(AUTH_CONF))) {
         tcpTransport.setSaslClient(saslClient);
      } else {
         saslClient.dispose();
      }


      if (pingOnStartup && !firstPingExecuted) {
         log.trace("Executing first ping!");
         firstPingExecuted = true;

View Full Code Here

            saslProps.put(Sasl.QOP, "auth-conf");
        }


        final AMQCallbackHandler handler = CallbackHandlerRegistry.getInstance().createCallbackHandler(selectedMech);
        handler.initialise(_connectionURL);
        final SaslClient sc = Sasl.createSaslClient(new String[] {selectedMech}, null, getConnectionSettings().getSaslProtocol(), getConnectionSettings().getSaslServerName(), saslProps, handler);


        return sc;
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of javax.security.sasl.SaslClient

com.massivecraft.mcore.xlib.mongodb.DBPort$SaslAuthenticator

com.mongodb.DBPort$SaslAuthenticator

com.rabbitmq.client.JDKSaslConfig

net.rubyeye.xmemcached.auth.AuthTask

net.spy.memcached.protocol.binary.SASLBaseOperationImpl

NoQuoteParams

org.apache.avro.ipc.TestSaslDigestMd5

org.apache.blur.thirdparty.thrift_0_9_0.transport.TSaslClientTransport

org.apache.directory.ldap.client.api.LdapNetworkConnection

org.apache.hadoop.ipc.TestSaslRPC

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.