Examples of javax.security.sasl.SaslServer

• javax.security.sasl.SaslServer
  SaslServer.wrap() and SaslServer.unwrap() for future // communication with client ldap.in = new SecureInputStream(ss, ldap.in); ldap.out = new SecureOutputStream(ss, ldap.out); } } } @since 1.5 @see Sasl @see SaslServerFactory @author Rosanna Lee @author Rob Weltman

    public void testAuthenticatePrincipalCnDc_OtherComponentsIgnored() throws Exception
    {
        X500Principal principal = new X500Principal("CN=person, DC=example, DC=com, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
        UsernamePrincipal expectedPrincipal = new UsernamePrincipal("person@example.com");
        SaslServer saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);

        AuthenticationResult result = _manager.authenticate(saslServer, new byte[0]);
        assertNotNull(result);
        assertEquals("Expected authentication to be successful",
                AuthenticationResult.AuthenticationStatus.SUCCESS,
                result.getStatus());
        assertOnlyContainsWrapped(expectedPrincipal, result.getPrincipals());
        assertEquals("person@example.com", saslServer.getAuthorizationID());
    }

    public void testAuthenticatePrincipalCn_OtherComponentsIgnored() throws Exception
    {
        X500Principal principal = new X500Principal("CN=person, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
        UsernamePrincipal expectedPrincipal = new UsernamePrincipal("person");
        SaslServer saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);

        AuthenticationResult result = _manager.authenticate(saslServer, new byte[0]);
        assertNotNull(result);
        assertEquals("Expected authentication to be successful",
                AuthenticationResult.AuthenticationStatus.SUCCESS,
                result.getStatus());
        assertOnlyContainsWrapped(expectedPrincipal, result.getPrincipals());
        assertEquals("person", saslServer.getAuthorizationID());
    }

    }

    public void testFullDNMode_Authenticate() throws Exception
    {
        X500Principal principal = new X500Principal("CN=person, DC=example, DC=com");
        SaslServer saslServer = _managerUsingFullDN.createSaslServer("EXTERNAL", "example.example.com", principal);

        AuthenticationResult result = _managerUsingFullDN.authenticate(saslServer, new byte[0]);
        assertNotNull(result);
        assertEquals("Expected authentication to be successful",
                     AuthenticationResult.AuthenticationStatus.SUCCESS,
                     result.getStatus());

        assertOnlyContainsWrapped(principal, result.getPrincipals());
        assertEquals("CN=person,DC=example,DC=com", saslServer.getAuthorizationID());
    }

        assertEquals("CN=person,DC=example,DC=com", saslServer.getAuthorizationID());
    }

    public void testFullDNMode_AuthenticatePrincipalNull_CausesAuthError() throws Exception
    {
        SaslServer saslServer = _managerUsingFullDN.createSaslServer("EXTERNAL", "example.example.com", null);
        AuthenticationResult result = _managerUsingFullDN.authenticate(saslServer, new byte[0]);

        assertNotNull(result);
        assertEquals("Expected authentication to be unsuccessful",
                     AuthenticationResult.AuthenticationStatus.ERROR,
                     result.getStatus());
        assertNull(saslServer.getAuthorizationID());
    }

        assertNull(saslServer.getAuthorizationID());
    }

    private void createSaslServerTestImpl(AuthenticationManager manager) throws Exception
    {
        SaslServer server = manager.createSaslServer("EXTERNAL", "example.example.com", null);

        assertEquals("Sasl Server mechanism name is not as expected", "EXTERNAL", server.getMechanismName());

        try
        {
            server = manager.createSaslServer("PLAIN", "example.example.com", null);
            fail("Expected creating SaslServer with incorrect mechanism to throw an exception");

        assertEquals("ANONYMOUS", _manager.getMechanisms());
    }

    public void testCreateSaslServer() throws Exception
    {
        SaslServer server = _manager.createSaslServer("ANONYMOUS", "example.example.com", null);

        assertEquals("Sasl Server mechanism name is not as expected", "ANONYMOUS", server.getMechanismName());

        try
        {
            server = _manager.createSaslServer("PLAIN", "example.example.com", null);
            fail("Expected creating SaslServer with incorrect mechanism to throw an exception");

        }
    }

    public void testAuthenticate() throws Exception
    {
        SaslServer saslServer = _manager.createSaslServer("ANONYMOUS", "example.example.com", null);
        AuthenticationResult result = _manager.authenticate(saslServer, new byte[0]);
        assertNotNull(result);
        assertEquals("Expected authentication to be successful",
                     AuthenticationResult.AuthenticationStatus.SUCCESS,
                     result.getStatus());

            LOG.error( message );
            throw new IllegalArgumentException( message );
        }

        // Get the previously created SaslServer instance
        SaslServer ss = mechanismHandler.handleMechanism( ldapSession, bindRequest );

        generateSaslChallengeOrComplete( ldapSession, ss, bindRequest );
    }

                // Initialize the mechanism specific data
                mechanismHandler.init( ldapSession );

                // Get the SaslServer instance which manage the C/R exchange
                SaslServer ss = mechanismHandler.handleMechanism( ldapSession, bindRequest );

                // We have to generate a challenge
                generateSaslChallengeOrComplete( ldapSession, ss, bindRequest );

                // And get back

 */
public class GssapiMechanismHandler extends AbstractMechanismHandler
{
    public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
    {
        SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        if ( ss == null )
        {
            //Subject subject = ( Subject ) ldapSession.getIoSession().getAttribute( "saslSubject" );