Package org.apache.qpid.protonj2.engine.sasl.client

Class SaslAuthenticator

java.lang.Object

org.apache.qpid.protonj2.engine.sasl.client.SaslAuthenticator

All Implemented Interfaces:

SaslClientListener

public class SaslAuthenticator
extends Object
implements SaslClientListener

Handles SASL traffic from the proton engine and drives the authentication process

Constructor Summary

Constructors

Constructor	Description
SaslAuthenticator(SaslCredentialsProvider credentials)	Creates a new SASL Authenticator initialized with the given credentials provider instance.
SaslAuthenticator(SaslMechanismSelector selector, SaslCredentialsProvider credentials)	Creates a new client SASL Authenticator with the given Mechanism and client credentials provider instances.

Method Summary

Modifier and Type	Method	Description
void	handleSaslChallenge(SaslClientContext context, ProtonBuffer challenge)	Called when a SASL challenge frame has arrived and its effect applied, indicating the challenge sent by the 'server' peer.
void	handleSaslMechanisms(SaslClientContext context, Symbol[] mechanisms)	Called when a SASL mechanisms frame has arrived and its effect applied, indicating the offered mechanisms sent by the 'server' peer.
void	handleSaslOutcome(SaslClientContext context, SaslOutcome outcome, ProtonBuffer additional)	Called when a SASL outcome frame has arrived and its effect applied, indicating the outcome and any success additional data sent by the 'server' peer.
SaslAuthenticator	saslComplete(EventHandler<SaslOutcome> saslCompleteEventHandler)	Sets a completion handler that will be notified once the SASL exchange has completed.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.qpid.protonj2.engine.sasl.SaslClientListener

initialize

Constructor Detail

SaslAuthenticator

public SaslAuthenticator(SaslCredentialsProvider credentials)

Creates a new SASL Authenticator initialized with the given credentials provider instance. Because no Mechanism selector is given the full set of supported SASL mechanisms will be chosen from when attempting to match one to the server offered SASL mechanisms.

Parameters:

credentials - The credentials that will be used when the SASL negotiation is in progress.

SaslAuthenticator

public SaslAuthenticator(SaslMechanismSelector selector,
                         SaslCredentialsProvider credentials)

Creates a new client SASL Authenticator with the given Mechanism and client credentials provider instances. The configured Mechanism selector is used when attempting to match a SASL Mechanism with the server offered set of supported SASL mechanisms.

Parameters:

selector - The SaslMechanismSelector that will be called upon to choose a server supported mechanism.

credentials - The credentials that will be used when the SASL negotiation is in progress.

Method Detail

saslComplete

public SaslAuthenticator saslComplete(EventHandler<SaslOutcome> saslCompleteEventHandler)

Sets a completion handler that will be notified once the SASL exchange has completed. The notification includes the SaslOutcome value which indicates if authentication succeeded or failed.

Parameters:

saslCompleteEventHandler - The EventHandler that will receive notification when SASL authentication has completed.

Returns:

this SaslAuthenticator instance.

handleSaslMechanisms

public void handleSaslMechanisms(SaslClientContext context,
                                 Symbol[] mechanisms)

Description copied from interface: SaslClientListener

Called when a SASL mechanisms frame has arrived and its effect applied, indicating the offered mechanisms sent by the 'server' peer. The client should respond to the mechanisms event by selecting one from the offered list and calling the SaslClientContext.sendChosenMechanism(Symbol, String, ProtonBuffer) method immediately or later using the same thread that triggered this event.

In the event that the client implementation cannot proceed with SASL authentication it should call the SaslClientContext.saslFailure(javax.security.sasl.SaslException) to fail the SASL negotiation and signal the Engine that it should transition to a failed state.

Specified by:

handleSaslMechanisms in interface SaslClientListener

Parameters:

context - the SaslClientContext that is to handle the mechanism selection

mechanisms - the mechanisms that the remote supports.

See Also:

SaslClientContext.sendChosenMechanism(Symbol, String, ProtonBuffer), SaslClientContext.saslFailure(javax.security.sasl.SaslException)

handleSaslChallenge

public void handleSaslChallenge(SaslClientContext context,
                                ProtonBuffer challenge)

Description copied from interface: SaslClientListener

Called when a SASL challenge frame has arrived and its effect applied, indicating the challenge sent by the 'server' peer. The client should respond to the mechanisms event by selecting one from the offered list and calling the SaslClientContext.sendResponse(ProtonBuffer) method immediately or later using the same thread that triggered this event.

In the event that the client implementation cannot proceed with SASL authentication it should call the SaslClientContext.saslFailure(javax.security.sasl.SaslException) to fail the SASL negotiation and signal the Engine that it should transition to a failed state.

Specified by:

handleSaslChallenge in interface SaslClientListener

Parameters:

context - the SaslClientContext that is to handle the SASL challenge.

challenge - the challenge bytes sent from the SASL server.

See Also:

SaslClientContext.sendResponse(ProtonBuffer), SaslClientContext.saslFailure(javax.security.sasl.SaslException)

handleSaslOutcome

public void handleSaslOutcome(SaslClientContext context,
                              SaslOutcome outcome,
                              ProtonBuffer additional)

Description copied from interface: SaslClientListener

Called when a SASL outcome frame has arrived and its effect applied, indicating the outcome and any success additional data sent by the 'server' peer. The client can consider the SASL negotiations complete following this event. The client should respond appropriately to the outcome whose state can indicate that negotiations have failed and the server has not authenticated the client.

In the event that the client implementation cannot proceed with SASL authentication it should call the SaslClientContext.saslFailure(javax.security.sasl.SaslException) to fail the SASL negotiation and signal the Engine that it should transition to a failed state.

Specified by:

handleSaslOutcome in interface SaslClientListener

Parameters:

context - the SaslClientContext that is to handle the resulting SASL outcome.

outcome - the outcome that was supplied by the SASL "server".

additional - the additional data sent from the server, or null if none.

See Also:

SaslClientContext.saslFailure(javax.security.sasl.SaslException)