Package org.apache.qpid.protonj2.engine.sasl.client

Class SaslMechanismSelector

  • public class SaslMechanismSelector
extends Object
    Client side mechanism used to select a matching mechanism from the server offered list of mechanisms. The client configures the list of allowed Mechanism names and when the server mechanisms are offered mechanism is chosen from the allowed set. If the client does not configure any mechanisms then the selector chooses from all supported Mechanism types.

    • Constructor Detail

      • SaslMechanismSelector

        public SaslMechanismSelector()
        Creates a new Mechanism selector that will choose a match from all supported Mechanism types.

      • SaslMechanismSelector

        public SaslMechanismSelector​(Collection<String> allowed)
        Creates a new Mechanism selector configured with the given set of allowed Mechanism names.
        Parameters:
        allowed - A Collection of SASL mechanism names that are allowed to be used when selecting a matching mechanism.

      • SaslMechanismSelector

        public SaslMechanismSelector​(Set<Symbol> allowed)
        Creates a new Mechanism selector configured with the given set of allowed Mechanism names.
        Parameters:
        allowed - A Set of SASL mechanism names that are allowed to be used when selecting a matching mechanism.

    • Method Detail

      • getAllowedMechanisms

        public Set<Symbol> getAllowedMechanisms()
        Returns:
        the configured set of allowed SASL Mechanism names.

      • select

        public Mechanism select​(Symbol[] serverMechs,
                        SaslCredentialsProvider credentials)
        Given a list of SASL mechanism names select a match from the supported types using the configured allowed list and the given credentials.
        Parameters:
        serverMechs - The list of mechanisms the server indicates it supports.
        credentials - A SaslCredentialsProvider used to choose an matching applicable SASL Mechanism.
        Returns:
        a selected SASL Mechanism instance or null of no match is possible.

      • createMechanism

        protected Mechanism createMechanism​(Symbol name,
                                    SaslCredentialsProvider credentials)
        Using the given Mechanism name and the provided credentials create and configure a Mechanism for evaluation by the selector.
        Parameters:
        name - A mechanism name that matches one of the supported offerings by the remote
        credentials - The provided credentials that will be used to perform authentication with the remote.
        Returns:
        a new Mechanism instance or null the offered mechanism is unsupported.

      • isApplicable

        protected boolean isApplicable​(Mechanism candidate,
                               SaslCredentialsProvider credentials)
        Tests a given Mechanism instance to determine if it is applicable given the selector configuration and the provided credentials.
        Parameters:
        candidate - The SASL mechanism that matches both the allowed and the server offered lists.
        credentials - The provided SASL credentials which will be used when authenticating with the remote.
        Returns:
        true if the candidate Mechanism is applicable given the provide credentials.