List of usage examples for javax.security.sasl AuthorizeCallback getAuthorizedID
public String getAuthorizedID()
From source file:com.delphix.session.impl.sasl.PlainSaslServer.java
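/**
 * Handles the client's SASL message for this mechanism: authenticates the supplied
 * credential first and, only if that succeeds, authorizes the requested identity.
 *
 * <p>The array returned by {@code parse} is consumed positionally: index 0 is passed as the
 * requested authorization ID, index 1 as the authentication ID, and index 2 as the credential
 * given to {@code AuthenticateCallback}.
 *
 * <p>NOTE(review): the credential arrives inside {@code message} itself, so this exchange
 * presumably relies on the transport (e.g. TLS) for confidentiality. Confirm that this
 * mechanism is only offered on protected connections.
 *
 * @param message the raw SASL message received from the client
 * @return always {@code null}; no response data is produced once the exchange is complete
 * @throws SaslException if authentication fails or the authenticated user is not permitted
 *         to act as the requested authorization ID
 */
@Override
protected byte[] evaluate(byte[] message) throws SaslException {
    // Parse the SASL message.
    // NOTE(review): the indexes below assume parse() rejects malformed input and always
    // returns at least three elements. Verify against parse().
    String[] userInfo = parse(message);

    // Perform authentication
    String prompt = getMechanismName() + " authentication ID: ";
    NameCallback nc = new NameCallback(prompt, userInfo[1]);
    AuthenticateCallback ac = new AuthenticateCallback(userInfo[2]);

    invokeCallbacks(nc, ac);

    if (!ac.isAuthenticated()) {
        // Deliberately generic: the message does not reveal which part of the credential
        // was wrong.
        throw new SaslException("sasl authentication failed");
    }

    // Perform authorization: may the authenticated user (index 1) act as the requested
    // identity (index 0)? This runs only after authentication has succeeded.
    AuthorizeCallback az = new AuthorizeCallback(userInfo[1], userInfo[0]);

    invokeCallbacks(az);

    if (!az.isAuthorized()) {
        // Carry a message so an authorization denial can be told apart from other
        // SaslExceptions in logs, matching the authentication failure above.
        throw new SaslException("sasl authorization failed");
    }

    // Use the ID reported by the callback handler rather than the raw client-supplied
    // string, so any canonicalization done by the handler is what gets recorded.
    authorizationId = az.getAuthorizedID();

    // Mark the SASL server completed
    setComplete();

    return null;
}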
From source file:org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler.java
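/**
 * SaslServer will use this method to call various callbacks, depending on the SASL
 * mechanism in use for a session.
 *
 * <p>Handled callback types: {@link NameCallback} and {@link RealmCallback} record the default
 * name/text as the current username and realm; {@link PasswordCallback} is filled with the
 * password found by {@code lookupPassword}; {@link AuthorizeCallback} is delegated to
 * {@code authorize}. Any other callback type is skipped without an error.
 *
 * <p>Debug logging covers the identities involved (authnID, authzID, authorizedID) but never
 * the password value.
 *
 * @param callbacks An array of one or more callbacks.
 * @throws RuntimeException if {@code authorize} throws; the original exception is kept as
 *         the cause
 */
public void handle(Callback[] callbacks) {
    for (int i = 0; i < callbacks.length; i++) {
        Callback callback = callbacks[i];

        if (LOG.isDebugEnabled()) {
            // Argument order follows the placeholders: position, total, callback type.
            LOG.debug("Processing callback {} of {}: {}", (i + 1), callbacks.length, callback.getClass());
        }

        if (callback instanceof NameCallback) {
            NameCallback nameCB = (NameCallback) callback;
            LOG.debug("NameCallback default name: {}", nameCB.getDefaultName());

            username = nameCB.getDefaultName();
        } else if (callback instanceof RealmCallback) {
            RealmCallback realmCB = (RealmCallback) callback;
            LOG.debug("RealmCallback default text: {}", realmCB.getDefaultText());

            realm = realmCB.getDefaultText();
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCB = (PasswordCallback) callback;
            Attribute userPassword = lookupPassword(getUsername(), getRealm());

            // When no password is found the callback is left unset; what the mechanism
            // does with an unset password is not visible here.
            if (userPassword != null) {
                // We assume that we have only one password available
                byte[] password = userPassword.get().getBytes();

                // NOTE(review): the secret passes through an immutable String, which
                // cannot be wiped afterwards; only the char[] copy could be cleared.
                String strPassword = Strings.utf8ToString(password);
                passwordCB.setPassword(strPassword.toCharArray());
            }
        } else if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authorizeCB = (AuthorizeCallback) callback;

            // hnelson (CRAM-MD5, DIGEST-MD5)
            // hnelson@EXAMPLE.COM (GSSAPI)
            LOG.debug("AuthorizeCallback authnID: {}", authorizeCB.getAuthenticationID());

            // hnelson (CRAM-MD5, DIGEST-MD5)
            // hnelson@EXAMPLE.COM (GSSAPI)
            LOG.debug("AuthorizeCallback authzID: {}", authorizeCB.getAuthorizationID());

            // null (CRAM-MD5, DIGEST-MD5, GSSAPI)
            LOG.debug("AuthorizeCallback authorizedID: {}", authorizeCB.getAuthorizedID());

            // false (CRAM-MD5, DIGEST-MD5, GSSAPI)
            LOG.debug("AuthorizeCallback isAuthorized: {}", authorizeCB.isAuthorized());

            try {
                authorize(authorizeCB);
            } catch (Exception e) {
                // TODO - figure out how to handle this properly.
                // Rethrowing aborts the exchange, so a failure inside authorize() cannot
                // be mistaken for a completed authorization decision.
                throw new RuntimeException(I18n.err(I18n.ERR_677), e);
            }
        }
    }
}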