AbstractSaslCallbackHandler (ApacheDS Protocol Ldap 1.5.3 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.directory.server.ldap.handlers.bind
Class AbstractSaslCallbackHandler

java.lang.Object
  org.apache.directory.server.ldap.handlers.bind.AbstractSaslCallbackHandler

All Implemented Interfaces:: javax.security.auth.callback.CallbackHandler

Direct Known Subclasses:: CramMd5CallbackHandler, DigestMd5CallbackHandler, GssapiCallbackHandler

public abstract class AbstractSaslCallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler

Base class for all SASL CallbackHandlers. Implementations of SASL mechanisms selectively override the methods relevant to their mechanism.

Version:: $Rev$, $Date$
Author:: Apache Directory Project
See Also:: CallbackHandler

Field Summary
`protected DirectoryService`	`directoryService`

Constructor Summary
`protected`	`AbstractSaslCallbackHandler(DirectoryService directoryService)` Creates a new instance of AbstractSaslCallbackHandler.

Method Summary
`protected abstract void`	`authorize(javax.security.sasl.AuthorizeCallback callback)` Final check to authorize user.
`protected javax.naming.ldap.LdapContext`	`getContext(org.apache.mina.common.IoSession session, org.apache.directory.shared.ldap.message.BindRequest bindRequest, java.util.Hashtable<java.lang.String,java.lang.Object> env)` Convenience method for acquiring an `LdapContext` for the client to use for the duration of a session.
`protected java.util.Hashtable<java.lang.String,java.lang.Object>`	`getEnvironment(org.apache.mina.common.IoSession session)` Convenience method for getting an environment suitable for acquiring an `LdapContext` for the client.
`protected java.lang.String`	`getRealm()` Implementors use this method to access the realm resulting from a callback.
`protected java.lang.String`	`getUsername()` Implementors use this method to access the username resulting from a callback.
`void`	`handle(javax.security.auth.callback.Callback[] callbacks)` SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.
`protected abstract java.lang.String`	`lookupPassword(java.lang.String username, java.lang.String realm)` Implementors set the password based on a lookup, using the username and realm as keys.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

directoryService

protected final DirectoryService directoryService

Constructor Detail

AbstractSaslCallbackHandler

protected AbstractSaslCallbackHandler(DirectoryService directoryService)

Creates a new instance of AbstractSaslCallbackHandler.

Parameters:: directoryService -

Method Detail

getUsername

protected java.lang.String getUsername()

Implementors use this method to access the username resulting from a callback. Callback default name will be username, eg 'hnelson', for CRAM-MD5 and DIGEST-MD5. The NameCallback is not used by GSSAPI.

getRealm

protected java.lang.String getRealm()

Implementors use this method to access the realm resulting from a callback. Callback default text will be realm name, eg 'example.com', for DIGEST-MD5. The RealmCallback is not used by GSSAPI nor by CRAM-MD5.

lookupPassword

protected abstract java.lang.String lookupPassword(java.lang.String username,
                                                   java.lang.String realm)

Implementors set the password based on a lookup, using the username and realm as keys.

For DIGEST-MD5, lookup password based on username and realm.
For CRAM-MD5, lookup password based on username.
For GSSAPI, this callback is unused.

Parameters:: username - The username.; realm - The realm.
Returns:: The password resulting from the lookup.

authorize

protected abstract void authorize(javax.security.sasl.AuthorizeCallback callback)

Final check to authorize user. Used by all SASL mechanisms. This is the only callback used by GSSAPI. Implementors use setAuthorizedID() to set the base DN after canonicalization. Implementors must setAuthorized() to true if authentication was successful.

Parameters:: callback - An AuthorizeCallback.

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)

SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.

Specified by:: handle in interface javax.security.auth.callback.CallbackHandler

Parameters:: callbacks - An array of one or more callbacks.

getContext

protected javax.naming.ldap.LdapContext getContext(org.apache.mina.common.IoSession session,
                                                   org.apache.directory.shared.ldap.message.BindRequest bindRequest,
                                                   java.util.Hashtable<java.lang.String,java.lang.Object> env)

Convenience method for acquiring an LdapContext for the client to use for the duration of a session.

Parameters:: session - The current session.; bindRequest - The current BindRequest.; env - An environment to be used to acquire an LdapContext.
Returns:: An LdapContext for the client.

getEnvironment

protected java.util.Hashtable<java.lang.String,java.lang.Object> getEnvironment(org.apache.mina.common.IoSession session)

Convenience method for getting an environment suitable for acquiring an LdapContext for the client.

Parameters:: session - The current session.
Returns:: An environment suitable for acquiring an LdapContext for the client.