{
}
public void methodReceived(AMQStateManager stateManager, ConnectionStartOkBody body, int channelId) throws AMQException
{
Broker broker = stateManager.getBroker();
AMQProtocolSession session = stateManager.getProtocolSession();
_logger.info("SASL Mechanism selected: " + body.getMechanism());
_logger.info("Locale selected: " + body.getLocale());
SubjectCreator subjectCreator = stateManager.getSubjectCreator();
SaslServer ss = null;
try
{
ss = subjectCreator.createSaslServer(String.valueOf(body.getMechanism()), session.getLocalFQDN(), session.getPeerPrincipal());
if (ss == null)
{
throw body.getConnectionException(AMQConstant.RESOURCE_ERROR, "Unable to create SASL Server:" + body.getMechanism());
}
session.setSaslServer(ss);
final SubjectAuthenticationResult authResult = subjectCreator.authenticate(ss, body.getResponse());
//save clientProperties
session.setClientProperties(body.getClientProperties());
MethodRegistry methodRegistry = session.getMethodRegistry();
switch (authResult.getStatus())
{
case ERROR:
Exception cause = authResult.getCause();
_logger.info("Authentication failed:" + (cause == null ? "" : cause.getMessage()));
stateManager.changeState(AMQState.CONNECTION_CLOSING);
ConnectionCloseBody closeBody =
methodRegistry.createConnectionCloseBody(AMQConstant.NOT_ALLOWED.getCode(), // replyCode
AMQConstant.NOT_ALLOWED.getName(),
body.getClazz(),
body.getMethod());
session.writeFrame(closeBody.generateFrame(0));
disposeSaslServer(session);
break;
case SUCCESS:
if (_logger.isInfoEnabled())
{
_logger.info("Connected as: " + authResult.getSubject());
}
session.setAuthorizedSubject(authResult.getSubject());
stateManager.changeState(AMQState.CONNECTION_NOT_TUNED);
ConnectionTuneBody tuneBody = methodRegistry.createConnectionTuneBody((Integer)broker.getAttribute(Broker.CONNECTION_SESSION_COUNT_LIMIT),
BrokerProperties.FRAME_SIZE,
(Integer)broker.getAttribute(Broker.CONNECTION_HEART_BEAT_DELAY));
session.writeFrame(tuneBody.generateFrame(0));
break;
case CONTINUE:
stateManager.changeState(AMQState.CONNECTION_NOT_AUTH);