public class GSSAPISASLMechanismHandler extends SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg> implements org.forgerock.opendj.config.server.ConfigurationChangeListener<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>, CallbackHandler
Constructor and Description |
---|
GSSAPISASLMechanismHandler()
Creates a new instance of this SASL mechanism handler.
|
Modifier and Type | Method and Description |
---|---|
org.forgerock.opendj.config.server.ConfigChangeResult |
applyConfigurationChange(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg newConfiguration) |
void |
finalizeSASLMechanismHandler()
Performs any finalization that may be necessary for this SASL mechanism handler.
|
static LocalizableMessage |
getGSSExceptionMessage(GSSException gex)
Get the underlying GSSException messages that really tell what the problem is.
|
void |
handle(Callback[] callbacks)
During login, callbacks are usually used to prompt for passwords.
|
void |
initializeSASLMechanismHandler(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg configuration)
Initializes this SASL mechanism handler based on the information in the provided configuration entry.
|
boolean |
isConfigurationAcceptable(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg configuration,
List<LocalizableMessage> unacceptableReasons)
Indicates whether the provided configuration is acceptable for this SASL mechanism handler.
|
boolean |
isConfigurationChangeAcceptable(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg newConfiguration,
List<LocalizableMessage> unacceptableReasons) |
boolean |
isPasswordBased(String mechanism)
Indicates whether the specified SASL mechanism is password-based or uses some other form of credentials (e.g., an
SSL client certificate or Kerberos ticket).
|
boolean |
isSecure(String mechanism)
Indicates whether the specified SASL mechanism should be considered secure (i.e., it does not expose the
authentication credentials in a manner that is useful to a third-party observer, and other aspects of the
authentication are generally secure).
|
void |
processSASLBind(BindOperation bindOp)
Processes the SASL bind operation.
|
public GSSAPISASLMechanismHandler()
initializeSASLMechanismHandler
method.public void initializeSASLMechanismHandler(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg configuration) throws org.forgerock.opendj.config.server.ConfigException, InitializationException
SASLMechanismHandler
initializeSASLMechanismHandler
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
configuration
- The configuration to use to initialize this SASL mechanism handler.org.forgerock.opendj.config.server.ConfigException
- If an unrecoverable problem arises in the process of performing the initialization.InitializationException
- If a problem occurs during initialization that is not related to the server configuration.public void handle(Callback[] callbacks) throws UnsupportedCallbackException
handle
in interface CallbackHandler
callbacks
- An array of callbacks to process.UnsupportedCallbackException
- if an error occurs.public void finalizeSASLMechanismHandler()
SASLMechanismHandler
finalizeSASLMechanismHandler
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
public void processSASLBind(BindOperation bindOp)
SASLMechanismHandler
BindOperation.setResultCode
method must be used to set the appropriate result code.BindOperation.setSASLAuthUserEntry
method to provide it with the entry for the user that attempted to
authenticate.BindOperation.setAuthenticationInfo
method must be
used to set the authentication info for the bind operation.BindOperation.setAuthFailureReason
method should
be used to provide a message explaining why the authentication failed.processSASLBind
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
bindOp
- The SASL bind operation to be processed.public static LocalizableMessage getGSSExceptionMessage(GSSException gex)
gex
- The GSSException thrown.public boolean isPasswordBased(String mechanism)
SASLMechanismHandler
isPasswordBased
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
mechanism
- The name of the mechanism for which to make the determination. This will only be invoked with names of
mechanisms for which this handler has previously registered.true
if this SASL mechanism is password-based, or false
if it uses some other form of
credentials.public boolean isSecure(String mechanism)
SASLMechanismHandler
isSecure
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
mechanism
- The name of the mechanism for which to make the determination. This will only be invoked with names of
mechanisms for which this handler has previously registered.true
if this SASL mechanism should be considered secure, or false
if not.public boolean isConfigurationAcceptable(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons)
SASLMechanismHandler
isConfigurationAcceptable
in class SASLMechanismHandler<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
configuration
- The SASL mechanism handler configuration for which to make the determination.unacceptableReasons
- A list that may be used to hold the reasons that the provided configuration is not acceptable.true
if the provided configuration is acceptable for this SASL mechanism handler, or
false
if not.public boolean isConfigurationChangeAcceptable(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg newConfiguration, List<LocalizableMessage> unacceptableReasons)
isConfigurationChangeAcceptable
in interface org.forgerock.opendj.config.server.ConfigurationChangeListener<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
public org.forgerock.opendj.config.server.ConfigChangeResult applyConfigurationChange(org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg newConfiguration)
applyConfigurationChange
in interface org.forgerock.opendj.config.server.ConfigurationChangeListener<org.forgerock.opendj.server.config.server.GssapiSaslMechanismHandlerCfg>
Copyright © 2010–2017 ForgeRock AS. All rights reserved.