Class: Qpid::Proton::SASL

Inherits:

Object

• Object
• Qpid::Proton::SASL

Defined in:

lib/core/sasl.rb

Overview

Note:

Do not instantiate directly, use Transport#sasl to create a SASL object.

The SASL layer is responsible for establishing an authenticated and/or encrypted tunnel over which AMQP frames are passed between peers.

The peer acting as the SASL client must provide authentication credentials.

The peer acting as the SASL server must provide authentication against the received credentials.

Constant Summary

NONE =

Negotation has not completed.

Cproton::PN_SASL_NONE

OK =

Authentication succeeded.

Cproton::PN_SASL_OK

AUTH =

Authentication failed due to bad credentials.

Cproton::PN_SASL_AUTH

Class Method Summary

• .config_name=(name)

  Set the configuration file name, without extension.

• .config_path=(path)

  Set the sasl configuration path.

• .extended? ⇒ Bool

  True if extended SASL negotiation is supported.

Instance Method Summary

• #allowed_mechs=(mechanisms)

  Set the mechanisms allowed for SASL negotation.

Class Method Details

.config_name=(name)

Set the configuration file name, without extension

The name with an a “.conf” extension will be searched for in the configuration path. If not set, it defaults to “proton-server” or “proton-client” for a server (incoming) or client (outgoing) connection respectively.

Parameters:

• name —

  the configuration file name without extension

# File 'lib/core/sasl.rb', line 113

def config_name=(name)
  Cproton.pn_sasl_config_name(nil, name)
end

.config_path=(path)

Set the sasl configuration path

This is used to tell SASL where to look for the configuration file. In the current implementation it can be a colon separated list of directories.

The environment variable PN_SASL_CONFIG_PATH can also be used to set this path, but if both methods are used then this pn_sasl_config_path() will take precedence.

If not set the underlying implementation default will be used.

Parameters:

• path —

  the configuration path

# File 'lib/core/sasl.rb', line 99

def config_path=(path)
  Cproton.pn_sasl_config_path(nil, path)
  path
end

.extended? ⇒ Bool

True if extended SASL negotiation is supported

All implementations of Proton support ANONYMOUS and EXTERNAL on both client and server sides and PLAIN on the client side.

Extended SASL implememtations use an external library (Cyrus SASL) to support other mechanisms.

Returns:

• (Bool) —

  true if extended SASL negotiation is supported

# File 'lib/core/sasl.rb', line 80

def self.extended?()
  Cproton.pn_sasl_extended()
end

Instance Method Details

#allowed_mechs=(mechanisms)

Set the mechanisms allowed for SASL negotation

Parameters:

• mechanisms (String) —

  space-delimited list of allowed mechanisms

# File 'lib/core/sasl.rb', line 64

def allowed_mechs=(mechanisms)
  Cproton.pn_sasl_allowed_mechs(@impl, mechanisms)
end