Interface Mechanism

All Known Implementing Classes:
AbstractMechanism, AnonymousMechanism, CramMD5Mechanism, ExternalMechanism, PlainMechanism, ScramSHA1Mechanism, ScramSHA256Mechanism, ScramSHA512Mechanism, XOauth2Mechanism

public interface Mechanism
Interface for all SASL authentication mechanism implementations.
  • Method Details

    • getName

      Symbol getName()
      Returns:
      the well known name of this SASL mechanism.
    • getInitialResponse

      ProtonBuffer getInitialResponse(SaslCredentialsProvider credentials) throws SaslException
      Create an initial response based on selected mechanism. May be null if there is no initial response.
      Parameters:
      credentials - The credentials that are supplied for this SASL negotiation.
      Returns:
      the initial response, or null if there isn't one.
      Throws:
      SaslException - if an error occurs generating the initial response.
    • getChallengeResponse

      ProtonBuffer getChallengeResponse(SaslCredentialsProvider credentials, ProtonBuffer challenge) throws SaslException
      Create a response based on a given challenge from the remote peer.
      Parameters:
      credentials - The credentials that are supplied for this SASL negotiation.
      challenge - The challenge that this Mechanism should response to.
      Returns:
      the response that answers the given challenge.
      Throws:
      SaslException - if an error occurs generating the challenge response.
    • verifyCompletion

      void verifyCompletion() throws SaslException
      Verifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.
      Throws:
      SaslException - if the outcome of the SASL exchange is not valid for this Mechanism
    • isApplicable

      boolean isApplicable(SaslCredentialsProvider credentials)
      Allows the Mechanism to determine if it is a valid choice based on the configured credentials at the time of selection.
      Parameters:
      credentials - the login credentials available at the time of mechanism selection.
      Returns:
      true if the mechanism can be used with the provided credentials
    • isEnabledByDefault

      boolean isEnabledByDefault()
      Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted SASL mechanisms. Any mechanism selection logic should examine this value along with the configured allowed mechanism and decide if this one should be used. Typically most mechanisms can be enabled by default but some require explicit configuration in order to operate which implies that selecting them by default would always cause an authentication error if that mechanism matches the highest priority value offered by the remote peer.
      Returns:
      true if this Mechanism is enabled by default.