List of usage examples for javax.security.sasl Sasl createSaslClient
public static SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol, String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException
From source file:com.rayo.client.auth.sasl.SASLMechanism.java
/** * Builds and sends the <tt>auth</tt> stanza to the server. Note that this method of * authentication is not recommended, since it is very inflexable. Use * {@link #authenticate(String, String, CallbackHandler)} whenever possible. * * @param username the username of the user being authenticated. * @param host the hostname where the user account resides. * @param password the password for this account. * @throws IOException If a network error occurs while authenticating. * @throws XMPPException If a protocol error occurs or the user is not authenticated. *///from w w w .ja v a 2s. c o m public void authenticate(String username, String host, String password) throws IOException, XmppException { //Since we were not provided with a CallbackHandler, we will use our own with the given //information //Set the authenticationID as the username, since they must be the same in this case. this.authenticationId = username; this.password = password; this.hostname = host; String[] mechanisms = { getName().toString() }; Map<String, String> props = new HashMap<String, String>(); sc = Sasl.createSaslClient(mechanisms, username, "xmpp", host, props, this); authenticate(); }
From source file:com.rayo.client.auth.sasl.SASLMechanism.java
/** * Builds and sends the <tt>auth</tt> stanza to the server. The callback handler will handle * any additional information, such as the authentication ID or realm, if it is needed. * * @param username the username of the user being authenticated. * @param host the hostname where the user account resides. * @param cbh the CallbackHandler to obtain user information. * @throws IOException If a network error occures while authenticating. * @throws XMPPException If a protocol error occurs or the user is not authenticated. *///from w w w. j av a 2s .com public void authenticate(String username, String host, CallbackHandler cbh) throws IOException, XmppException { String[] mechanisms = { getName().toString() }; Map<String, String> props = new HashMap<String, String>(); sc = Sasl.createSaslClient(mechanisms, username, "xmpp", host, props, cbh); authenticate(); }
From source file:com.fluffypeople.managesieve.ManageSieveClient.java
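/**
 * Authenticate against the remote server using SASL.
 *
 * <p>The CallbackHandler supplies the credentials on demand, for example (the literal
 * values are placeholders for illustration):
 * <pre>
 * <code>
 *
 * CallbackHandler cbh = new CallbackHandler() {
 *     public void handle(Callback[] clbcks) throws IOException, UnsupportedCallbackException {
 *         for (Callback cb : clbcks) {
 *             if (cb instanceof NameCallback) {
 *                 NameCallback name = (NameCallback) cb;
 *                 name.setName("user");
 *             } else if (cb instanceof PasswordCallback) {
 *                 PasswordCallback passwd = (PasswordCallback) cb;
 *                 passwd.setPassword("secret".toCharArray());
 *             }
 *         }
 *     }
 * };
 * </code>
 * </pre>
 *
 * @param cbh handler the SASL code calls back to obtain the user name, password, etc.
 * @return ManageSieveResponse from the server, OK is authenticated, NO
 * means a problem
 * @throws SaslException if no SASL client can be created for the available mechanisms,
 *         or the mechanism fails while evaluating a challenge
 * @throws IOException if communication with the server fails
 * @throws ParseException if the server sends something other than a string or a response
 */
public synchronized ManageSieveResponse authenticate(final CallbackHandler cbh)
        throws SaslException, IOException, ParseException {
    // The mechanism is picked from whatever cap.getSASLMethods() reports, and props is
    // null, so no policy (for example Sasl.POLICY_NOPLAINTEXT) restricts the choice.
    // NOTE(review): presumably callers are expected to protect the connection (TLS)
    // before calling this - confirm.
    SaslClient sc = Sasl.createSaslClient(cap.getSASLMethods(), null, "sieve", hostname, null, cbh);
    if (sc == null) {
        // createSaslClient returns null when no factory supports any of the mechanisms;
        // report that instead of failing with a NullPointerException below.
        throw new SaslException("No SASL client could be created for the available mechanisms");
    }

    ManageSieveResponse resp = null;
    boolean exchangeFinished = false;
    try {
        String mechanism = escapeString(sc.getMechanismName());
        if (sc.hasInitialResponse()) {
            byte[] ir = sc.evaluateChallenge(new byte[0]);
            // Base64 output is pure ASCII; name the charset rather than depend on the
            // platform default.
            String ready = new String(Base64.encodeBase64(ir), "US-ASCII");
            ready = encodeString(ready.trim());
            sendCommand("AUTHENTICATE", mechanism, ready);
        } else {
            sendCommand("AUTHENTICATE", mechanism);
        }

        int token;
        do {
            token = in.nextToken();
            if (token == DQUOTE) {
                // String - so more data for the auth sequence
                in.pushBack();
                String msg = parseString();
                // NOTE(review): the initial response above is Base64-encoded, but the
                // challenge and the reply here are converted with the platform charset
                // and no Base64 step. Check against the protocol specification and
                // against what parseString()/encodeString() already do.
                byte[] response = sc.evaluateChallenge(msg.getBytes());
                if (response == null) {
                    // evaluateChallenge may return null when the mechanism has nothing
                    // further to send; answer the challenge with an empty response.
                    response = new byte[0];
                }
                sendLine(encodeString(new String(response)));
            } else if (token == StreamTokenizer.TT_WORD) {
                in.pushBack();
                resp = parseResponse();
                break;
            } else {
                throw new ParseException(
                        "Expecting DQUOTE/WORD, got " + tokenToString(token) + " at line " + in.lineno());
            }
        } while (!sc.isComplete());
        // NOTE(review): when the loop ends because sc.isComplete() became true, resp is
        // still null and the server's final response has not been read - confirm that
        // callers handle a null return.
        exchangeFinished = true;
    } finally {
        if (!exchangeFinished) {
            // Release the mechanism's state on every failure path as well.
            try {
                sc.dispose();
            } catch (SaslException ignored) {
                // The failure that brought us here is the one worth reporting.
            }
        }
    }

    // Complete
    sc.dispose();
    return resp;
}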
From source file:org.apache.hadoop.hbase.security.AbstractHBaseSaslRpcClient.java
/**
 * Creates the SASL client used for digest authentication.
 *
 * @param mechanismNames names of the SASL mechanisms to try
 * @param saslDefaultRealm default realm; passed in the serverName position of
 *        {@code Sasl.createSaslClient}
 * @param saslClientCallbackHandler handler the mechanism calls to obtain credentials
 * @return the new client, or null if no factory supports the requested mechanisms
 * @throws IOException if the client cannot be created
 */
protected SaslClient createDigestSaslClient(String[] mechanismNames, String saslDefaultRealm,
    CallbackHandler saslClientCallbackHandler) throws IOException {
  // Neither an authorization id nor a protocol name is supplied. QOP and policy come
  // from the saslProps field, which is configured outside this method.
  final String authorizationId = null;
  final String protocol = null;
  return Sasl.createSaslClient(mechanismNames, authorizationId, protocol, saslDefaultRealm,
      saslProps, saslClientCallbackHandler);
}
From source file:org.apache.hadoop.hbase.security.AbstractHBaseSaslRpcClient.java
/**
 * Creates the SASL client used for Kerberos authentication.
 *
 * @param mechanismNames names of the SASL mechanisms to try
 * @param userFirstPart first part of the user name; passed in the protocol position of
 *        {@code Sasl.createSaslClient}
 * @param userSecondPart second part of the user name; passed in the serverName position
 * @return the new client, or null if no factory supports the requested mechanisms
 * @throws IOException if the client cannot be created
 */
protected SaslClient createKerberosSaslClient(String[] mechanismNames, String userFirstPart,
    String userSecondPart) throws IOException {
  // No authorization id is supplied, and the final null means no CallbackHandler.
  // NOTE(review): presumably the credentials come from the caller's security context
  // rather than from callbacks - confirm against the call site.
  final String authorizationId = null;
  return Sasl.createSaslClient(mechanismNames, authorizationId, userFirstPart, userSecondPart,
      saslProps, null);
}
From source file:org.apache.hadoop.hbase.security.HBaseSaslRpcClient.java
/**
 * Builds a digest-authentication SASL client configured with {@code SaslUtil.SASL_PROPS}.
 *
 * @param mechanismNames SASL mechanism names to try
 * @param saslDefaultRealm default realm, handed to {@code Sasl.createSaslClient} as the
 *        serverName argument
 * @param saslClientCallbackHandler handler used by the mechanism to obtain credentials
 * @return the created client; null when no factory supports the requested mechanisms
 * @throws IOException if creation fails
 */
protected SaslClient createDigestSaslClient(String[] mechanismNames, String saslDefaultRealm,
    CallbackHandler saslClientCallbackHandler) throws IOException {
  // authorizationId and protocol are deliberately left unset (null).
  final String noAuthorizationId = null;
  final String noProtocol = null;
  return Sasl.createSaslClient(mechanismNames, noAuthorizationId, noProtocol, saslDefaultRealm,
      SaslUtil.SASL_PROPS, saslClientCallbackHandler);
}
From source file:org.apache.hadoop.hbase.security.HBaseSaslRpcClient.java
/**
 * Builds a Kerberos SASL client configured with {@code SaslUtil.SASL_PROPS}.
 *
 * @param mechanismNames SASL mechanism names to try
 * @param userFirstPart first part of the user name, handed to
 *        {@code Sasl.createSaslClient} as the protocol argument
 * @param userSecondPart second part of the user name, handed over as the serverName
 *        argument
 * @return the created client; null when no factory supports the requested mechanisms
 * @throws IOException if creation fails
 */
protected SaslClient createKerberosSaslClient(String[] mechanismNames, String userFirstPart,
    String userSecondPart) throws IOException {
  // The authorization id is left unset, and the trailing null means that no
  // CallbackHandler is registered for this client.
  final String noAuthorizationId = null;
  return Sasl.createSaslClient(mechanismNames, noAuthorizationId, userFirstPart, userSecondPart,
      SaslUtil.SASL_PROPS, null);
}
From source file:org.apache.hadoop.hbase.security.SaslClientHandler.java
/**
 * Create a Digest Sasl client.
 *
 * @param mechanismNames names of mechanisms
 * @param saslDefaultRealm default realm for sasl; occupies the serverName slot of
 *        {@code Sasl.createSaslClient}
 * @param saslClientCallbackHandler handler for the client
 * @return new SaslClient, or null if no factory supports the given mechanisms
 * @throws java.io.IOException if creation went wrong
 */
protected SaslClient createDigestSaslClient(String[] mechanismNames, String saslDefaultRealm,
    CallbackHandler saslClientCallbackHandler) throws IOException {
  // Digest clients are created without an authorization id or a protocol name.
  // The negotiated protection level depends on SaslUtil.SASL_PROPS.
  final String unsetAuthorizationId = null;
  final String unsetProtocol = null;
  return Sasl.createSaslClient(mechanismNames, unsetAuthorizationId, unsetProtocol,
      saslDefaultRealm, SaslUtil.SASL_PROPS, saslClientCallbackHandler);
}
From source file:org.apache.hadoop.hbase.security.SaslClientHandler.java
/**
 * Create Kerberos client.
 *
 * @param mechanismNames names of mechanisms
 * @param userFirstPart first part of username; occupies the protocol slot of
 *        {@code Sasl.createSaslClient}
 * @param userSecondPart second part of username; occupies the serverName slot
 * @return new SaslClient, or null if no factory supports the given mechanisms
 * @throws java.io.IOException if fails
 */
protected SaslClient createKerberosSaslClient(String[] mechanismNames, String userFirstPart,
    String userSecondPart) throws IOException {
  // No authorization id is sent and no CallbackHandler is registered (last argument).
  final String unsetAuthorizationId = null;
  return Sasl.createSaslClient(mechanismNames, unsetAuthorizationId, userFirstPart,
      userSecondPart, SaslUtil.SASL_PROPS, null);
}
From source file:org.apache.hadoop.hdfs.protocol.datatransfer.DataTransferEncryptor.java
/**
 * Client-side factory for the case where the encryption key has already been created.
 *
 * Sets up a protected connection on the assumption that the peer holds the same shared
 * secret. The SASL handshake performed here is not general purpose: it is tailored to
 * the MD5-DIGEST mechanism with auth-conf enabled, supports only a fixed number of
 * challenge/response rounds, and skips the initial-response check because the client
 * never has one.
 *
 * NOTE(review): DIGEST-MD5 was moved to Historic status by RFC 6331. The cipher used
 * for auth-conf is whatever {@code encryptionKey.encryptionAlgorithm} names, so the
 * strength of the channel depends on that configuration.
 *
 * @param underlyingOut output stream to write to the other party
 * @param underlyingIn input stream to read from the other party
 * @param encryptionKey all info required to establish an encrypted stream
 * @return a pair of streams which wrap the given streams and encrypt/decrypt
 *         all data read/written
 * @throws IOException in the event of error
 */
public static IOStreamPair getEncryptedStreams(OutputStream underlyingOut, InputStream underlyingIn,
    DataEncryptionKey encryptionKey) throws IOException {
  // Start from a copy of the shared defaults, then pin the DIGEST cipher to the one
  // named by the encryption key.
  Map<String, String> clientProps = Maps.newHashMap(SASL_PROPS);
  clientProps.put("com.sun.security.sasl.digest.cipher", encryptionKey.encryptionAlgorithm);

  if (LOG.isDebugEnabled()) {
    LOG.debug("Client using encryption algorithm " + encryptionKey.encryptionAlgorithm);
  }

  DataOutputStream wireOut = new DataOutputStream(underlyingOut);
  DataInputStream wireIn = new DataInputStream(underlyingIn);

  String saslUser = getUserNameFromEncryptionKey(encryptionKey);
  String[] mechanisms = new String[] { MECHANISM };

  // The callback handler is given the key material and the derived user name.
  SaslParticipant participant = new SaslParticipant(
      Sasl.createSaslClient(mechanisms, saslUser, PROTOCOL, SERVER_NAME, clientProps,
          new SaslClientCallbackHandler(encryptionKey.encryptionKey, saslUser)));

  // Announce the encrypted-transfer protocol before any SASL traffic.
  wireOut.writeInt(ENCRYPTED_TRANSFER_MAGIC_NUMBER);
  wireOut.flush();

  try {
    // Start of handshake - "initial response" in SASL terminology.
    sendSaslMessage(wireOut, new byte[0]);

    // step 1
    performSaslStep1(wireOut, wireIn, participant);

    // step 2 (client-side only)
    byte[] peerMessage = readSaslMessage(wireIn);
    byte[] ownReply = participant.evaluateChallengeOrResponse(peerMessage);
    // NOTE(review): assert statements are skipped unless the JVM runs with -ea, so this
    // invariant is not enforced in a default production run.
    assert ownReply == null;

    // SASL handshake is complete
    checkSaslComplete(participant);

    return participant.createEncryptedStreamPair(wireOut, wireIn);
  } catch (IOException failure) {
    // NOTE(review): the local exception message is forwarded to the peer here - confirm
    // it cannot carry internal detail that should stay local.
    sendGenericSaslErrorMessage(wireOut, failure.getMessage());
    throw failure;
  }
}