Example usage for javax.security.sasl AuthorizeCallback getAuthorizedID

List of usage examples for javax.security.sasl AuthorizeCallback getAuthorizedID

Introduction

This page collects usage examples for javax.security.sasl.AuthorizeCallback.getAuthorizedID().

Prototype

public String getAuthorizedID() 


Document

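Returns the ID of the authorized user. A null return value means that authorization failed or has not been granted yet, so check isAuthorized() before relying on the result.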

Usage

From source file:com.delphix.session.impl.sasl.PlainSaslServer.java

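/**
 * Processes one PLAIN client message: authenticates the supplied credentials, then checks
 * whether the authenticated identity may act as the requested authorization identity.
 *
 * <p>NOTE(review): {@code parse} is not shown here. From the way the fields are used below,
 * {@code userInfo[0]} appears to be the authorization ID, {@code userInfo[1]} the
 * authentication ID and {@code userInfo[2]} the password - confirm against {@code parse},
 * including that it rejects messages with missing fields before they are indexed here.
 *
 * @param message the raw SASL message received from the peer
 * @return always {@code null}; the exchange is marked complete before returning
 * @throws SaslException if authentication or authorization is refused (and presumably if
 *         parsing or a callback fails - those helpers are outside this listing)
 */
@Override
protected byte[] evaluate(byte[] message) throws SaslException {
    // Parse the SASL message
    String[] userInfo = parse(message);

    // Perform authentication.
    // NameCallback rejects a null or empty default name with IllegalArgumentException, so an
    // unvalidated authentication ID would surface as an unchecked exception rather than a
    // SaslException - presumably parse() guards against that; verify.
    String prompt = getMechanismName() + " authentication ID: ";
    NameCallback nc = new NameCallback(prompt, userInfo[1]);
    AuthenticateCallback ac = new AuthenticateCallback(userInfo[2]);

    invokeCallbacks(nc, ac);

    if (!ac.isAuthenticated()) {
        throw new SaslException("sasl authentication failed");
    }

    // Perform authorization: the first argument is the identity that was just authenticated,
    // the second is the identity the client asked to act as.
    AuthorizeCallback az = new AuthorizeCallback(userInfo[1], userInfo[0]);

    invokeCallbacks(az);

    if (!az.isAuthorized()) {
        // Give the refusal a message so that it can be told apart in server-side logs; the
        // original threw a bare SaslException here. Whether the peer ever sees the text
        // depends on the caller, which is not shown.
        throw new SaslException("sasl authorization failed");
    }

    // Only read the authorized ID after isAuthorized() has been checked: getAuthorizedID()
    // returns null when authorization was not granted.
    authorizationId = az.getAuthorizedID();

    // Mark the SASL server completed
    setComplete();

    return null;
}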

From source file:org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler.java

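/**
 * SaslServer will use this method to call various callbacks, depending on the SASL
 * mechanism in use for a session.
 *
 * <p>Name and realm callbacks only record the supplied default values; a password callback
 * is filled from {@code lookupPassword}; an authorize callback is passed to
 * {@code authorize}. Callbacks of any other type are skipped without an error.
 *
 * @param callbacks An array of one or more callbacks.
 * @throws RuntimeException if {@code authorize} fails; the original exception is kept as
 *         the cause
 */
public void handle(Callback[] callbacks) {
    for (int i = 0; i < callbacks.length; i++) {
        Callback callback = callbacks[i];

        if (LOG.isDebugEnabled()) {
            // Arguments follow the placeholders: position, total, then the callback type.
            LOG.debug("Processing callback {} of {}: {}", (i + 1), callbacks.length, callback.getClass());
        }

        if (callback instanceof NameCallback) {
            NameCallback nameCB = (NameCallback) callback;
            LOG.debug("NameCallback default name:  {}", nameCB.getDefaultName());

            username = nameCB.getDefaultName();
        } else if (callback instanceof RealmCallback) {
            RealmCallback realmCB = (RealmCallback) callback;
            LOG.debug("RealmCallback default text:  {}", realmCB.getDefaultText());

            realm = realmCB.getDefaultText();
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCB = (PasswordCallback) callback;
            Attribute userPassword = lookupPassword(getUsername(), getRealm());

            // When no password attribute is found the callback is left unset; the password
            // itself is never written to the log in this method.
            if (userPassword != null) {
                // We assume that we have only one password available
                byte[] password = userPassword.get().getBytes();

                // NOTE(review): the password passes through an immutable String before it is
                // copied into the callback, so a copy stays on the heap until it is garbage
                // collected. Decoding directly into a char[] that is cleared afterwards would
                // narrow that window.
                String strPassword = Strings.utf8ToString(password);
                passwordCB.setPassword(strPassword.toCharArray());
            }
        } else if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authorizeCB = (AuthorizeCallback) callback;

            // hnelson (CRAM-MD5, DIGEST-MD5)
            // hnelson@EXAMPLE.COM (GSSAPI)
            LOG.debug("AuthorizeCallback authnID:  {}", authorizeCB.getAuthenticationID());

            // hnelson (CRAM-MD5, DIGEST-MD5)
            // hnelson@EXAMPLE.COM (GSSAPI)
            LOG.debug("AuthorizeCallback authzID:  {}", authorizeCB.getAuthorizationID());

            // null (CRAM-MD5, DIGEST-MD5, GSSAPI): no decision has been recorded yet, and
            // getAuthorizedID() returns null until the callback is marked authorized.
            LOG.debug("AuthorizeCallback authorizedID:  {}", authorizeCB.getAuthorizedID());

            // false (CRAM-MD5, DIGEST-MD5, GSSAPI)
            LOG.debug("AuthorizeCallback isAuthorized:  {}", authorizeCB.isAuthorized());

            try {
                authorize(authorizeCB);
            } catch (Exception e) {
                // TODO - figure out how to handle this properly.
                // Any failure in authorize() is rethrown unchecked with its cause attached,
                // so it is not silently treated as a successful authorization.
                throw new RuntimeException(I18n.err(I18n.ERR_677), e);
            }
        }
    }
}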