Interface Mechanism

    • Method Detail

      • getName

        Symbol getName()
        Returns:
        the well known name of this SASL mechanism.
      • getInitialResponse

        ProtonBuffer getInitialResponse​(SaslCredentialsProvider credentials)
                                 throws javax.security.sasl.SaslException
        Create an initial response based on selected mechanism. May be null if there is no initial response.
        Parameters:
        credentials - The credentials that are supplied for this SASL negotiation.
        Returns:
        the initial response, or null if there isn't one.
        Throws:
        javax.security.sasl.SaslException - if an error occurs generating the initial response.
      • getChallengeResponse

        ProtonBuffer getChallengeResponse​(SaslCredentialsProvider credentials,
                                          ProtonBuffer challenge)
                                   throws javax.security.sasl.SaslException
        Create a response based on a given challenge from the remote peer.
        Parameters:
        credentials - The credentials that are supplied for this SASL negotiation.
        challenge - The challenge that this Mechanism should response to.
        Returns:
        the response that answers the given challenge.
        Throws:
        javax.security.sasl.SaslException - if an error occurs generating the challenge response.
      • verifyCompletion

        void verifyCompletion()
                       throws javax.security.sasl.SaslException
        Verifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.
        Throws:
        javax.security.sasl.SaslException - if the outcome of the SASL exchange is not valid for this Mechanism
      • isApplicable

        boolean isApplicable​(SaslCredentialsProvider credentials)
        Allows the Mechanism to determine if it is a valid choice based on the configured credentials at the time of selection.
        Parameters:
        credentials - the login credentials available at the time of mechanism selection.
        Returns:
        true if the mechanism can be used with the provided credentials
      • isEnabledByDefault

        boolean isEnabledByDefault()
        Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted SASL mechanisms. Any mechanism selection logic should examine this value along with the configured allowed mechanism and decide if this one should be used. Typically most mechanisms can be enabled by default but some require explicit configuration in order to operate which implies that selecting them by default would always cause an authentication error if that mechanism matches the highest priority value offered by the remote peer.
        Returns:
        true if this Mechanism is enabled by default.