Package org.apache.qpid.jms.sasl
Interface Mechanism
-
- All Superinterfaces:
java.lang.Comparable<Mechanism>
- All Known Implementing Classes:
AbstractMechanism,AnonymousMechanism,CramMD5Mechanism,ExternalMechanism,GssapiMechanism,PlainMechanism,ScramSHA1Mechanism,ScramSHA256Mechanism,ScramSHA512Mechanism,XOauth2Mechanism
public interface Mechanism extends java.lang.Comparable<Mechanism>
Interface for all SASL authentication mechanism implementations.
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static classMechanism.PRIORITYRelative priority values used to arrange the found SASL mechanisms in a preferred order where the level of security generally defines the preference.
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description default java.lang.StringgetAdditionalFailureInformation()Allows a mechanism to report additional information on the reason for authentication failure (e.g.byte[]getChallengeResponse(byte[] challenge)Create a response based on a given challenge from the remote peer.byte[]getInitialResponse()Create an initial response based on selected mechanism.java.lang.StringgetName()java.lang.StringgetPassword()Returns the configured password value for this Mechanism.intgetPriority()java.lang.StringgetUsername()Returns the configured user name value for this Mechanism.voidinit(java.util.Map<java.lang.String,java.lang.String> options)Perform any configuration initiation required by the mechanism.booleanisApplicable(java.lang.String username, java.lang.String password, java.security.Principal localPrincipal)Allows the mechanism to determine if it can be used given the authentication provided.booleanisEnabledByDefault()Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted sasl mechanisms.voidsetPassword(java.lang.String username)Sets the password value for this Mechanism.voidsetUsername(java.lang.String username)Sets the user name value for this Mechanism.voidverifyCompletion()Verifies that the SASL exchange has completed successfully.
-
-
-
Method Detail
-
getPriority
int getPriority()
- Returns:
- return the relative priority of this SASL mechanism.
-
getName
java.lang.String getName()
- Returns:
- the well known name of this SASL mechanism.
-
init
void init(java.util.Map<java.lang.String,java.lang.String> options)
Perform any configuration initiation required by the mechanism.- Parameters:
options- An immutable map of sasl options. Will always be non-null.
-
getInitialResponse
byte[] getInitialResponse() throws javax.security.sasl.SaslExceptionCreate an initial response based on selected mechanism. May be null if there is no initial response.- Returns:
- the initial response, or null if there isn't one.
- Throws:
javax.security.sasl.SaslException- if an error occurs computing the response.
-
getChallengeResponse
byte[] getChallengeResponse(byte[] challenge) throws javax.security.sasl.SaslExceptionCreate a response based on a given challenge from the remote peer.- Parameters:
challenge- the challenge that this Mechanism should response to.- Returns:
- the response that answers the given challenge.
- Throws:
javax.security.sasl.SaslException- if an error occurs computing the response.
-
verifyCompletion
void verifyCompletion() throws javax.security.sasl.SaslExceptionVerifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.- Throws:
javax.security.sasl.SaslException- if the outcome of the SASL exchange is not valid for this Mechanism
-
setUsername
void setUsername(java.lang.String username)
Sets the user name value for this Mechanism. The Mechanism can ignore this value if it does not utilize user name in it's authentication processing.- Parameters:
username- The user name given.
-
getUsername
java.lang.String getUsername()
Returns the configured user name value for this Mechanism.- Returns:
- the currently set user name value for this Mechanism.
-
setPassword
void setPassword(java.lang.String username)
Sets the password value for this Mechanism. The Mechanism can ignore this value if it does not utilize a password in it's authentication processing.- Parameters:
username- The user name given.
-
getPassword
java.lang.String getPassword()
Returns the configured password value for this Mechanism.- Returns:
- the currently set password value for this Mechanism.
-
isApplicable
boolean isApplicable(java.lang.String username, java.lang.String password, java.security.Principal localPrincipal)Allows the mechanism to determine if it can be used given the authentication provided.- Parameters:
username- The user name given to the client for authentication.password- The password given to the client for authentication.localPrincipal- The local Principal configured for the client for authentication.- Returns:
- if this Mechanism is able to validate using the given credentials.
-
isEnabledByDefault
boolean isEnabledByDefault()
Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted sasl mechanisms.- Returns:
- true if this Mechanism is enabled by default.
-
getAdditionalFailureInformation
default java.lang.String getAdditionalFailureInformation()
Allows a mechanism to report additional information on the reason for authentication failure (e.g. provided in a challenge from the server)- Returns:
- information on the reason for failure, or null if no such information is available
-
-