DigestMD5SASLMechanismHandler.java revision ea1068c292e9b341af6d6b563cd8988a96be20a9
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2006-2009 Sun Microsystems, Inc.
* Portions Copyright 2012-2015 ForgeRock AS.
*/
/**
* This class provides an implementation of a SASL mechanism that authenticates
* clients through DIGEST-MD5.
*/
public class DigestMD5SASLMechanismHandler
implements ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> {
// The current configuration for this SASL mechanism handler.
// The identity mapper that will be used to map ID strings to user entries.
private IdentityMapper<?> identityMapper;
//Properties to use when creating a SASL server to process the authentication.
//The fully qualified domain name used when creating the SASL server.
private String serverFQDN;
// The DN of the configuration entry for this SASL mechanism handler.
private DN configEntryDN;
//Property used to set the realm in the environment.
private static final String REALM_PROPERTY =
"com.sun.security.sasl.digest.realm";
/**
* Creates a new instance of this SASL mechanism handler. No initialization
* should be done in this method, as it should all be performed in the
* <CODE>initializeSASLMechanismHandler</CODE> method.
*/
public DigestMD5SASLMechanismHandler()
{
super();
}
/**
* {@inheritDoc}
*/
public void initializeSASLMechanismHandler(
throws ConfigException, InitializationException {
try {
}
this.configuration = configuration;
this);
} catch (UnknownHostException unhe) {
LocalizableMessage message = ERR_SASL_CANNOT_GET_SERVER_FQDN.get(configEntryDN, getExceptionMessage(unhe));
}
}
/**
* {@inheritDoc}
*/
public void finalizeSASLMechanismHandler() {
}
/**
* {@inheritDoc}
*/
if (clientConnection == null) {
return;
}
if(saslContext == null) {
try {
} catch (SaslException ex) {
return;
}
} else {
}
}
/**
* {@inheritDoc}
*/
{
// This is a password-based mechanism.
return true;
}
/**
* {@inheritDoc}
*/
{
// This may be considered a secure mechanism.
return true;
}
/**
* {@inheritDoc}
*/
public boolean isConfigurationAcceptable(
{
}
/**
* {@inheritDoc}
*/
public boolean isConfigurationChangeAcceptable(
{
return true;
}
/**
* {@inheritDoc}
*/
{
try {
}
this.configuration = configuration;
} catch (UnknownHostException unhe) {
}
return ccr;
}
/**
* Retrieves the QOP (quality-of-protection) from the specified
* configuration.
*
* @param configuration The new configuration to use.
* @return A string representing the quality-of-protection.
*/
private String
return "auth-conf";
return "auth-int";
else
return "auth";
}
/**
* Returns the fully qualified name either defined in the configuration, or,
* determined by examining the system configuration.
*
* @param configuration The configuration to check.
* @return The fully qualified hostname of the server.
*
* @throws UnknownHostException If the name cannot be determined from the
* system configuration.
*/
throws UnknownHostException {
if (serverName == null) {
}
return serverName;
}
/**
* Retrieve the realm either defined in the specified configuration. If this
* isn't defined, the SaslServer internal code uses the server name.
*
* @param configuration The configuration to check.
* @return A string representing the realm.
*/
return configuration.getRealm();
}
}