Example usage for javax.security.sasl SaslClient isComplete

List of usage examples for javax.security.sasl SaslClient isComplete

Introduction

This page collects example usages of javax.security.sasl.SaslClient.isComplete().

Prototype

public abstract boolean isComplete();


Document

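Determines whether the authentication exchange has completed. The method may be called at any time, but it is typically called only after the server has indicated, in a protocol-specific way, that the exchange is over; a client should confirm that isComplete() returns true before treating that indication as a successful authentication.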

Usage

From source file:com.fluffypeople.managesieve.ManageSieveClient.java

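/**
 * Authenticate against the remote server using SASL.
 *
 * <p>The CallbackHandler supplies whatever the negotiated mechanism asks
 * for. The literal name and password below are placeholders; a real handler
 * would obtain them from the application's credential source:
 * <pre>
 * <code>
 *
 * CallbackHandler cbh = new CallbackHandler() {
 *     public void handle(Callback[] clbcks) throws IOException,  UnsupportedCallbackException {
 *         for (Callback cb : clbcks) {
 *             if (cb instanceof NameCallback) {
 *                 NameCallback name = (NameCallback) cb;
 *                 name.setName("user");
 *             } else if (cb instanceof PasswordCallback) {
 *                 PasswordCallback passwd = (PasswordCallback) cb;
 *                 passwd.setPassword("secret".toCharArray());
 *             }
 *         }
 *     }
 * };
 * </code>
 * </pre>
 *
 * <p>RFC 5804 carries every SASL token as a base64 string, so server
 * challenges are decoded before they reach the SaslClient and client
 * responses are encoded before they are sent. The exchange is read until
 * the server sends its tagged response, so the returned value is never
 * {@code null} and no reply is left unread on the connection.
 *
 * @param cbh CallbackHandler invoked by the SASL code to obtain
 * credentials
 * @return ManageSieveResponse from the server, OK is authenticated, NO
 * means a problem
 * @throws SaslException if none of the server's mechanisms is supported
 * locally, or the mechanism rejects a challenge
 * @throws IOException if the connection fails
 * @throws ParseException if the server sends something other than a string
 * or a response word
 */
public synchronized ManageSieveResponse authenticate(final CallbackHandler cbh)
        throws SaslException, IOException, ParseException {

    final SaslClient sc = Sasl.createSaslClient(cap.getSASLMethods(), null, "sieve", hostname, null, cbh);
    if (sc == null) {
        // createSaslClient returns null when no offered mechanism has a local implementation.
        throw new SaslException("No SASL mechanism offered by the server is supported by this client");
    }

    // Base64 text is pure ASCII; naming the charset keeps the wire format
    // independent of the platform default encoding.
    final java.nio.charset.Charset ascii = java.nio.charset.StandardCharsets.US_ASCII;

    try {
        final String mechanism = escapeString(sc.getMechanismName());
        if (sc.hasInitialResponse()) {
            final byte[] ir = sc.evaluateChallenge(new byte[0]);
            String ready = new String(Base64.encodeBase64(ir), ascii);
            ready = encodeString(ready.trim());
            sendCommand("AUTHENTICATE", mechanism, ready);
        } else {
            sendCommand("AUTHENTICATE", mechanism);
        }

        ManageSieveResponse resp = null;
        // Keep reading until the tagged response arrives. Stopping as soon as
        // the client side reports completion would return null and leave the
        // server's reply in the stream for the next command to trip over.
        while (resp == null) {
            final int token = in.nextToken();
            if (token == DQUOTE) {
                // String - so more data for the auth sequence
                in.pushBack();
                final String msg = parseString();
                final byte[] challenge = Base64.decodeBase64(msg.getBytes(ascii));
                final byte[] response = sc.evaluateChallenge(challenge);
                // evaluateChallenge may return null when nothing needs to be
                // sent; the protocol still expects a (possibly empty) string.
                final byte[] answer = (response == null) ? new byte[0] : response;
                sendLine(encodeString(new String(Base64.encodeBase64(answer), ascii)));
            } else if (token == StreamTokenizer.TT_WORD) {
                in.pushBack();
                resp = parseResponse();
            } else {
                throw new ParseException(
                        "Expecting DQUOTE/WORD, got " + tokenToString(token) + " at line " + in.lineno());
            }
        }

        // NOTE(review): the server's response ends the exchange even when
        // sc.isComplete() is still false. Mechanisms that verify the server
        // in their last step rely on that flag, so an OK should only count as
        // authenticated when isComplete() is also true. How OK is exposed on
        // ManageSieveResponse is not visible here - TODO enforce once confirmed.
        return resp;
    } finally {
        try {
            // Release mechanism state (which may include key material) on every path.
            sc.dispose();
        } catch (SaslException ignored) {
            // Best-effort cleanup: a disposal failure must not replace the
            // result or the exception produced by the exchange itself.
        }
    }
}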

From source file:org.wildfly.security.sasl.entity.EntityTest.java

/**
 * Drives a full unilateral exchange (only the client is authenticated) and
 * checks the completion flags of both peers after every step. The mechanism
 * name indicates RSA signatures over SHA-1; that is the mechanism family
 * under test, not a choice to copy into new deployments.
 */
@Test
public void testSimpleUnilateralSha1WithRsaAuthentication() throws Exception {
    final SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
    assertNotNull(factory);

    final String mechanismName = SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC;
    final String serverName = "testserver1.example.com";

    final SaslServer server = createSaslServer(mechanismName, serverName,
            getX509KeyManager(serverKeyStore, KEYSTORE_PASSWORD), serverTrustStore);
    assertNotNull(server);
    assertFalse(server.isComplete());

    final String[] offered = { mechanismName };
    final CallbackHandler clientCallbacks = createClientCallbackHandler(offered, clientKeyStore,
            CLIENT_KEYSTORE_ALIAS, KEYSTORE_PASSWORD, null);
    final SaslClient client = factory.createSaslClient(offered, null, "test", serverName,
            Collections.<String, Object>emptyMap(), clientCallbacks);
    assertNotNull(client);
    assertTrue(client instanceof EntitySaslClient);
    // The server speaks first in this mechanism.
    assertFalse(client.hasInitialResponse());
    assertFalse(client.isComplete());

    // Step 1: an empty client response makes the server emit its first challenge.
    byte[] token = server.evaluateResponse(new byte[0]);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 2: the client answers; producing the token does not yet complete either side.
    token = client.evaluateChallenge(token);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 3: the server accepts the client token and has nothing further to send.
    token = server.evaluateResponse(token);
    assertTrue(server.isComplete());
    assertNull(token);
    // The client only flips to complete once it has seen the (null) final challenge.
    assertNull(client.evaluateChallenge(token));
    assertTrue(client.isComplete());
    assertEquals("cn=test client 1,ou=jboss,o=red hat,l=raleigh,st=north carolina,c=us",
            server.getAuthorizationID());
}

From source file:org.wildfly.security.sasl.entity.EntityTest.java

/**
 * Same unilateral exchange as the simple case, but the client callback
 * handler is built from a key manager instead of a key store and alias.
 * The authorization ID asserted at the end is that of the signed test client.
 */
@Test
public void testUnilateralSha1WithRsaAuthenticationWithTrustedAuthorities() throws Exception {
    final SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
    assertNotNull(factory);

    final String mechanismName = SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC;
    final String serverName = "testserver1.example.com";

    final SaslServer server = createSaslServer(mechanismName, serverName,
            getX509KeyManager(serverKeyStore, KEYSTORE_PASSWORD), serverTrustStore);
    assertNotNull(server);
    assertFalse(server.isComplete());

    final String[] offered = { mechanismName };
    final CallbackHandler clientCallbacks = createClientCallbackHandler(offered,
            getX509KeyManager(clientKeyStore, KEYSTORE_PASSWORD), null);
    final SaslClient client = factory.createSaslClient(offered, null, "test", serverName,
            Collections.<String, Object>emptyMap(), clientCallbacks);
    assertNotNull(client);
    assertTrue(client instanceof EntitySaslClient);
    // The server speaks first in this mechanism.
    assertFalse(client.hasInitialResponse());
    assertFalse(client.isComplete());

    // Step 1: server challenge, triggered by an empty client response.
    byte[] token = server.evaluateResponse(new byte[0]);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 2: client token; neither side is complete yet.
    token = client.evaluateChallenge(token);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 3: server verifies the token and finishes without further data.
    token = server.evaluateResponse(token);
    assertTrue(server.isComplete());
    assertNull(token);
    // Feeding the null final challenge back is what completes the client.
    assertNull(client.evaluateChallenge(token));
    assertTrue(client.isComplete());
    assertEquals("cn=signed test client,ou=jboss,o=red hat,st=north carolina,c=us",
            server.getAuthorizationID());
}

From source file:org.wildfly.security.sasl.entity.EntityTest.java

/**
 * Unilateral exchange in which the client passes an explicit authorization
 * ID to createSaslClient; the server must report that same ID once the
 * exchange has completed.
 */
@Test
public void testUnilateralSha1WithRsaAuthenticationWithAuthorizationId() throws Exception {
    final SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
    assertNotNull(factory);

    final String mechanismName = SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC;
    final String serverName = "testserver1.example.com";

    final SaslServer server = createSaslServer(mechanismName, serverName,
            getX509KeyManager(serverKeyStore, KEYSTORE_PASSWORD), serverTrustStore);

    final String[] offered = { mechanismName };
    final CallbackHandler clientCallbacks = createClientCallbackHandler(offered, clientKeyStore,
            CLIENT_KEYSTORE_ALIAS, KEYSTORE_PASSWORD, null);
    // Second argument is the authorization ID requested by the client.
    final SaslClient client = factory.createSaslClient(offered,
            "cn=test client 1,ou=jboss,o=red hat,l=raleigh,st=north carolina,c=us", "test",
            serverName, Collections.<String, Object>emptyMap(), clientCallbacks);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 1: server challenge, triggered by an empty client response.
    byte[] token = server.evaluateResponse(new byte[0]);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 2: client token; neither side is complete yet.
    token = client.evaluateChallenge(token);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 3: server verifies the token and finishes without further data.
    token = server.evaluateResponse(token);
    assertTrue(server.isComplete());
    assertNull(token);
    // Feeding the null final challenge back is what completes the client.
    assertNull(client.evaluateChallenge(token));
    assertTrue(client.isComplete());
    assertEquals("cn=test client 1,ou=jboss,o=red hat,l=raleigh,st=north carolina,c=us",
            server.getAuthorizationID());
}

From source file:org.wildfly.security.sasl.entity.EntityTest.java

/**
 * Drives a mutual exchange: unlike the unilateral variants the server
 * returns a further token after accepting the client's, and the client is
 * given a trust manager to evaluate it. Both peers must report completion
 * only after that last token has been processed.
 */
@Test
public void testSimpleMutualSha1WithRsaAuthentication() throws Exception {
    final SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
    assertNotNull(factory);

    final String mechanismName = SaslMechanismInformation.Names.IEC_ISO_9798_M_RSA_SHA1_ENC;
    final String serverName = "testserver1.example.com";

    final SaslServer server = createSaslServer(mechanismName, serverName,
            getX509KeyManager(serverKeyStore, KEYSTORE_PASSWORD), serverTrustStore);

    final String[] offered = { mechanismName };
    final CallbackHandler clientCallbacks = createClientCallbackHandler(offered, clientKeyStore,
            CLIENT_KEYSTORE_ALIAS, KEYSTORE_PASSWORD, getX509TrustManager(clientTrustStore));
    final SaslClient client = factory.createSaslClient(offered, null, "test", serverName,
            Collections.<String, Object>emptyMap(), clientCallbacks);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 1: server challenge, triggered by an empty client response.
    byte[] token = server.evaluateResponse(new byte[0]);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 2: client token; neither side is complete yet.
    token = client.evaluateChallenge(token);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 3: in the mutual variant the server answers with a token of its own.
    token = server.evaluateResponse(token);
    assertNotNull(token);
    // Step 4: the client consumes the server token and has nothing left to send.
    token = client.evaluateChallenge(token);
    assertNull(token);
    assertTrue(client.isComplete());
    assertTrue(server.isComplete());
    assertEquals("cn=test client 1,ou=jboss,o=red hat,l=raleigh,st=north carolina,c=us",
            server.getAuthorizationID());
}

From source file:org.wildfly.security.sasl.entity.EntityTest.java

/**
 * Mutual exchange using key store entries whose aliases ("dnsInCNServer",
 * "dnsInCNClient") indicate certificates that carry the DNS name in the
 * Common Name field.
 */
@Test
public void testMutualAuthenticationWithDNSInCNField() throws Exception {
    // Putting a DNS name in the Common Name field is deprecated but still seen in
    // practice (e.g., see http://tools.ietf.org/html/rfc2818). This test checks that
    // general name matching during authentication keeps working for such certificates.
    final SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
    assertNotNull(factory);

    final KeyStore serverStore = loadKeyStore(serverKeyStore);
    final Certificate[] rawChain = serverStore.getCertificateChain("dnsInCNServer");

    final String mechanismName = SaslMechanismInformation.Names.IEC_ISO_9798_M_DSA_SHA1;
    final String serverName = "testserver2.example.com";

    // Key first, then the typed chain copy, matching the order the arguments need.
    final PrivateKey serverKey = (PrivateKey) serverStore.getKey("dnsInCNServer", KEYSTORE_PASSWORD);
    final X509Certificate[] serverChain =
            Arrays.copyOf(rawChain, rawChain.length, X509Certificate[].class);
    final SaslServer server = createSaslServer(mechanismName, serverName, serverTrustStore,
            serverKey, serverChain);

    final String[] offered = { mechanismName };
    final CallbackHandler clientCallbacks = createClientCallbackHandler(offered, clientKeyStore,
            "dnsInCNClient", KEYSTORE_PASSWORD, getX509TrustManager(clientTrustStore));
    final SaslClient client = factory.createSaslClient(offered, null, "test", serverName,
            Collections.<String, Object>emptyMap(), clientCallbacks);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 1: server challenge, triggered by an empty client response.
    byte[] token = server.evaluateResponse(new byte[0]);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 2: client token; neither side is complete yet.
    token = client.evaluateChallenge(token);
    assertFalse(server.isComplete());
    assertFalse(client.isComplete());

    // Step 3: in the mutual variant the server answers with a token of its own.
    token = server.evaluateResponse(token);
    assertNotNull(token);

    // Step 4: the client consumes the server token and has nothing left to send.
    token = client.evaluateChallenge(token);
    assertNull(token);
    assertTrue(client.isComplete());
    assertTrue(server.isComplete());
    assertEquals("cn=testclient2.example.com,ou=jboss,o=red hat,l=raleigh,st=north carolina,c=us",
            server.getAuthorizationID());
}