Interface Mechanism
- All Known Implementing Classes:
AbstractMechanism
,AnonymousMechanism
,CramMD5Mechanism
,ExternalMechanism
,PlainMechanism
,ScramSHA1Mechanism
,ScramSHA256Mechanism
,ScramSHA512Mechanism
,XOauth2Mechanism
public interface Mechanism
Interface for all SASL authentication mechanism implementations.
-
Method Summary
Modifier and TypeMethodDescriptiongetChallengeResponse
(SaslCredentialsProvider credentials, ProtonBuffer challenge) Create a response based on a given challenge from the remote peer.getInitialResponse
(SaslCredentialsProvider credentials) Create an initial response based on selected mechanism.getName()
boolean
isApplicable
(SaslCredentialsProvider credentials) Allows the Mechanism to determine if it is a valid choice based on the configured credentials at the time of selection.boolean
Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted SASL mechanisms.void
Verifies that the SASL exchange has completed successfully.
-
Method Details
-
getName
Symbol getName()- Returns:
- the well known name of this SASL mechanism.
-
getInitialResponse
Create an initial response based on selected mechanism. May be null if there is no initial response.- Parameters:
credentials
- The credentials that are supplied for this SASL negotiation.- Returns:
- the initial response, or null if there isn't one.
- Throws:
SaslException
- if an error occurs generating the initial response.
-
getChallengeResponse
ProtonBuffer getChallengeResponse(SaslCredentialsProvider credentials, ProtonBuffer challenge) throws SaslException Create a response based on a given challenge from the remote peer.- Parameters:
credentials
- The credentials that are supplied for this SASL negotiation.challenge
- The challenge that this Mechanism should response to.- Returns:
- the response that answers the given challenge.
- Throws:
SaslException
- if an error occurs generating the challenge response.
-
verifyCompletion
Verifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.- Throws:
SaslException
- if the outcome of the SASL exchange is not valid for this Mechanism
-
isApplicable
Allows the Mechanism to determine if it is a valid choice based on the configured credentials at the time of selection.- Parameters:
credentials
- the login credentials available at the time of mechanism selection.- Returns:
- true if the mechanism can be used with the provided credentials
-
isEnabledByDefault
boolean isEnabledByDefault()Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted SASL mechanisms. Any mechanism selection logic should examine this value along with the configured allowed mechanism and decide if this one should be used. Typically most mechanisms can be enabled by default but some require explicit configuration in order to operate which implies that selecting them by default would always cause an authentication error if that mechanism matches the highest priority value offered by the remote peer.- Returns:
- true if this Mechanism is enabled by default.
-