Package org.apache.qpid.jms.sasl

Interface Mechanism

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Interface Description
      static class  Mechanism.PRIORITY
      Relative priority values used to arrange the found SASL mechanisms in a preferred order where the level of security generally defines the preference.

    • Method Detail

      • getPriority

        int getPriority()
        Returns:
        return the relative priority of this SASL mechanism.

      • getName

        String getName()
        Returns:
        the well known name of this SASL mechanism.

      • init

        void init​(Map<String,​String> options)
        Perform any configuration initiation required by the mechanism.
        Parameters:
        options - An immutable map of sasl options. Will always be non-null.

      • getInitialResponse

        byte[] getInitialResponse()
                   throws SaslException
        Create an initial response based on selected mechanism. May be null if there is no initial response.
        Returns:
        the initial response, or null if there isn't one.
        Throws:
        SaslException - if an error occurs computing the response.

      • getChallengeResponse

        byte[] getChallengeResponse​(byte[] challenge)
                     throws SaslException
        Create a response based on a given challenge from the remote peer.
        Parameters:
        challenge - the challenge that this Mechanism should response to.
        Returns:
        the response that answers the given challenge.
        Throws:
        SaslException - if an error occurs computing the response.

      • verifyCompletion

        void verifyCompletion()
               throws SaslException
        Verifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.
        Throws:
        SaslException - if the outcome of the SASL exchange is not valid for this Mechanism

      • setUsername

        void setUsername​(String username)
        Sets the user name value for this Mechanism. The Mechanism can ignore this value if it does not utilize user name in it's authentication processing.
        Parameters:
        username - The user name given.

      • getUsername

        String getUsername()
        Returns the configured user name value for this Mechanism.
        Returns:
        the currently set user name value for this Mechanism.

      • setPassword

        void setPassword​(String username)
        Sets the password value for this Mechanism. The Mechanism can ignore this value if it does not utilize a password in it's authentication processing.
        Parameters:
        username - The user name given.

      • getPassword

        String getPassword()
        Returns the configured password value for this Mechanism.
        Returns:
        the currently set password value for this Mechanism.

      • isApplicable

        boolean isApplicable​(String username,
                     String password,
                     Principal localPrincipal)
        Allows the mechanism to determine if it can be used given the authentication provided.
        Parameters:
        username - The user name given to the client for authentication.
        password - The password given to the client for authentication.
        localPrincipal - The local Principal configured for the client for authentication.
        Returns:
        if this Mechanism is able to validate using the given credentials.

      • isEnabledByDefault

        boolean isEnabledByDefault()
        Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted sasl mechanisms.
        Returns:
        true if this Mechanism is enabled by default.

      • getAdditionalFailureInformation

        default String getAdditionalFailureInformation()
        Allows a mechanism to report additional information on the reason for authentication failure (e.g. provided in a challenge from the server)
        Returns:
        information on the reason for failure, or null if no such information is available