Example usage for javax.security.sasl Sasl STRENGTH

List of usage examples for javax.security.sasl Sasl STRENGTH

Introduction

On this page you can find example usage of javax.security.sasl Sasl STRENGTH.

Prototype

String STRENGTH


Document

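The name of a property that specifies the cipher strength to use. Its value is a comma-separated, ordered list of the strengths ("low", "medium", "high") the client or server is willing to accept, in order of preference; the default is "high,medium,low", so a deployment that must not fall back to weak ciphers has to set the property explicitly.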

Usage

From source file:com.zimbra.cs.security.sasl.GssAuthenticator.java

/**
 * Hands a fixed set of SASL property names, each paired with a short label, to {@code pp}.
 *
 * <p>What {@code pp} does with each pair is not visible here; presumably it looks up and
 * prints the negotiated value for diagnostics.
 */
private void dumpNegotiatedProperties() {
    // NOTE(review): the label "MAX_RECEIVE_SIZE" is paired with Sasl.RAW_SEND_SIZE, while
    // Sasl.MAX_BUFFER is the receive-buffer property. Confirm the label is intentional;
    // a mislabelled value is easy to misread when auditing what was actually negotiated.
    final String[][] labelledProperties = {
        { "QOP", Sasl.QOP },
        { "MAX_BUFFER", Sasl.MAX_BUFFER },
        { "MAX_RECEIVE_SIZE", Sasl.RAW_SEND_SIZE },
        { "STRENGTH", Sasl.STRENGTH },
    };
    for (String[] labelled : labelledProperties) {
        pp(labelled[0], labelled[1]);
    }
}

From source file:org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.java

/**
 * Binds the already-connected JNDI context with the authentication method configured on
 * the connection.
 *
 * <p>Steps, in order: map the connection's {@code AuthenticationMethod} to the value stored
 * in {@code authMethod}; obtain bind principal and password from the registered
 * {@code IAuthHandler} (skipped when no authentication is used); then, inside a monitored
 * runnable, reset the security entries of the context environment, apply the SASL options
 * and either call {@code doGssapiBind} or {@code context.reconnect}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>The SASL quality of protection, mutual-authentication flag and cipher strength are
 * taken from the connection parameters as configured; this method enforces no minimum, so
 * {@code AUTH}-only QOP and {@code LOW} strength are accepted.</li>
 * <li>For non-GSSAPI binds the principal and password are placed in the context environment
 * as-is. Whether the transport is encrypted is not visible in this method.</li>
 * </ul>
 *
 * @param monitor progress monitor used to report errors and cancellation
 * @throws NamingException if there is no connected context, no auth handler is registered,
 *         the credentials are incomplete, or the bind itself fails; a {@code CancelException}
 *         is thrown when the auth handler returns no credentials
 */
private void doBind(final StudioProgressMonitor monitor) throws NamingException {
    if (context != null && isConnected) {
        // Map the configured authentication method to the value later stored under
        // Context.SECURITY_AUTHENTICATION; anything unrecognised stays at "none".
        authMethod = AUTHMETHOD_NONE;
        if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SIMPLE) {
            authMethod = AUTHMETHOD_SIMPLE;
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_DIGEST_MD5) {
            // NOTE(review): DIGEST-MD5 and CRAM-MD5 are legacy MD5-based mechanisms
            // (DIGEST-MD5 was moved to Historic by RFC 6331); they are offered here
            // purely because the connection is configured to use them.
            authMethod = AUTHMETHOD_DIGEST_MD5;
            saslRealm = connection.getConnectionParameter().getSaslRealm();
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_CRAM_MD5) {
            authMethod = AUTHMETHOD_CRAM_MD5;
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_GSSAPI) {
            authMethod = AUTHMETHOD_GSSAPI;
        }

        // No authentication: bind with empty principal and credentials
        if (authMethod == AUTHMETHOD_NONE) {
            bindPrincipal = ""; //$NON-NLS-1$
            bindCredentials = ""; //$NON-NLS-1$
        } else {
            // Obtain credentials from the plugin-wide auth handler; a missing handler
            // is reported to the monitor and aborts the bind.
            IAuthHandler authHandler = ConnectionCorePlugin.getDefault().getAuthHandler();
            if (authHandler == null) {
                NamingException namingException = new NamingException(Messages.model__no_auth_handler);
                monitor.reportError(Messages.model__no_auth_handler, namingException);
                throw namingException;
            }
            ICredentials credentials = authHandler.getCredentials(connection.getConnectionParameter());
            if (credentials == null) {
                // No credentials object at all is treated as a cancellation,
                // not as an authentication failure.
                CancelException cancelException = new CancelException();
                monitor.setCanceled(true);
                monitor.reportError(Messages.model__no_credentials, cancelException);
                throw cancelException;
            }
            // Both principal and password must be present; empty strings pass this check.
            if (credentials.getBindPrincipal() == null || credentials.getBindPassword() == null) {
                NamingException namingException = new NamingException(Messages.model__no_credentials);
                monitor.reportError(Messages.model__no_credentials, namingException);
                throw namingException;
            }
            // The password is kept in a field until the runnable below reads it.
            bindPrincipal = credentials.getBindPrincipal();
            bindCredentials = credentials.getBindPassword();
        }

        InnerRunnable runnable = new InnerRunnable() {
            public void run() {
                try {
                    // Clear the security entries left over from any earlier bind.
                    // NOTE(review): Sasl.QOP and Sasl.STRENGTH are not removed here; they are
                    // only overwritten in the SASL branch below, so values from an earlier
                    // SASL bind may remain in the environment for a later non-SASL bind.
                    // Presumably the provider ignores them in that case; confirm.
                    context.removeFromEnvironment(Context.SECURITY_AUTHENTICATION);
                    context.removeFromEnvironment(Context.SECURITY_PRINCIPAL);
                    context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
                    context.removeFromEnvironment(JAVA_NAMING_SECURITY_SASL_REALM);

                    context.addToEnvironment(Context.SECURITY_AUTHENTICATION, authMethod);

                    // SASL options apply to the three SASL mechanisms only
                    if (connection.getConnectionParameter()
                            .getAuthMethod() == AuthenticationMethod.SASL_CRAM_MD5
                            || connection.getConnectionParameter()
                                    .getAuthMethod() == AuthenticationMethod.SASL_DIGEST_MD5
                            || connection.getConnectionParameter()
                                    .getAuthMethod() == AuthenticationMethod.SASL_GSSAPI) {
                        // Request quality of protection. AUTH requests authentication only;
                        // AUTH_INT and AUTH_CONF request the stronger protection levels.
                        // There is no default branch, so a value outside these three
                        // leaves any existing Sasl.QOP entry untouched.
                        switch (connection.getConnectionParameter().getSaslQop()) {
                        case AUTH:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH.getValue());
                            break;
                        case AUTH_INT:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH_INT.getValue());
                            break;
                        case AUTH_CONF:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH_CONF.getValue());
                            break;
                        }

                        // Request mutual authentication (the server must prove its identity
                        // too); the entry is removed outright when not requested.
                        if (connection.getConnectionParameter().isSaslMutualAuthentication()) {
                            context.addToEnvironment(Sasl.SERVER_AUTH, "true"); //$NON-NLS-1$
                        } else {
                            context.removeFromEnvironment(Sasl.SERVER_AUTH);
                        }

                        // Request cryptographic protection strength. A single level is set
                        // from the connection parameters; LOW is passed through like any
                        // other value, and no floor is applied here.
                        switch (connection.getConnectionParameter().getSaslSecurityStrength()) {
                        case HIGH:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.HIGH.getValue());
                            break;
                        case MEDIUM:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.MEDIUM.getValue());
                            break;
                        case LOW:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.LOW.getValue());
                            break;
                        }
                    }

                    // Bind
                    if (connection.getConnectionParameter()
                            .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_GSSAPI) {
                        // GSSAPI: delegated to doGssapiBind, which is not shown here
                        doGssapiBind(this);
                    } else {
                        // Every other method, including "none" with empty strings:
                        // principal and password go into the environment as-is.
                        // NOTE(review): with simple authentication the password is sent to
                        // the server in the clear unless the connection itself is protected;
                        // transport setup is not visible in this method, so confirm in the caller.
                        context.addToEnvironment(Context.SECURITY_PRINCIPAL, bindPrincipal);
                        context.addToEnvironment(Context.SECURITY_CREDENTIALS, bindCredentials);

                        // The realm is only passed for DIGEST-MD5, and only when non-empty
                        if (connection.getConnectionParameter()
                                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_DIGEST_MD5
                                && StringUtils.isNotEmpty(saslRealm)) {
                            context.addToEnvironment(JAVA_NAMING_SECURITY_SASL_REALM, saslRealm);
                        }

                        // Re-authenticate on the existing context with the new environment
                        context.reconnect(context.getConnectControls());
                    }
                } catch (NamingException ne) {
                    // Stored so the calling code can rethrow it after runAndMonitor;
                    // presumably this is the field that getException() returns.
                    namingException = ne;
                }
            }
        };

        runAndMonitor(runnable, monitor);

        if (runnable.getException() != null) {
            throw runnable.getException();
        } else if (context != null) {
            // all OK
        } else {
            // context was non-null at entry, so it was cleared while the bind ran.
            // NOTE(review): the "???" message gives an operator nothing to act on.
            throw new NamingException("???"); //$NON-NLS-1$
        }
    } else {
        throw new NamingException(NO_CONNECTION);
    }
}

From source file:org.apache.hive.spark.client.rpc.RpcConfiguration.java

/**
 * Collects the SASL properties that are set in the RPC configuration.
 *
 * <p>SASL options are namespaced under "hive.spark.client.rpc.sasl.*"; each option is the
 * lower-case version of the constant in the "javax.security.sasl.Sasl" class (e.g. "strength"
 * for cipher strength). Options with no configured value are left out of the result.
 *
 * <p>Values are copied through without validation, so a configuration that requests a weak
 * setting (for example a low cipher strength or authentication-only QOP) is returned as-is;
 * any minimum has to be enforced by whoever writes or consumes the configuration.
 *
 * @return a new mutable map from SASL property name to its configured value
 */
Map<String, String> getSaslOptions() {
    // SASL property name -> suffix of the configuration key that carries its value
    Map<String, String> suffixBySaslProperty = ImmutableMap.<String, String>builder()
            .put(Sasl.CREDENTIALS, "credentials")
            .put(Sasl.MAX_BUFFER, "max_buffer")
            .put(Sasl.POLICY_FORWARD_SECRECY, "policy_forward_secrecy")
            .put(Sasl.POLICY_NOACTIVE, "policy_noactive")
            .put(Sasl.POLICY_NOANONYMOUS, "policy_noanonymous")
            .put(Sasl.POLICY_NODICTIONARY, "policy_nodictionary")
            .put(Sasl.POLICY_NOPLAINTEXT, "policy_noplaintext")
            .put(Sasl.POLICY_PASS_CREDENTIALS, "policy_pass_credentials")
            .put(Sasl.QOP, "qop")
            .put(Sasl.RAW_SEND_SIZE, "raw_send_size")
            .put(Sasl.REUSE, "reuse")
            .put(Sasl.SERVER_AUTH, "server_auth")
            .put(Sasl.STRENGTH, "strength")
            .build();

    Map<String, String> configured = new HashMap<String, String>();
    for (Map.Entry<String, String> mapping : suffixBySaslProperty.entrySet()) {
        String configuredValue = config.get(RPC_SASL_OPT_PREFIX + mapping.getValue());
        if (configuredValue == null) {
            // Not set in the configuration: leave the property out
            continue;
        }
        configured.put(mapping.getKey(), configuredValue);
    }
    return configured;
}