Package org.apache.thrift.transport.sasl

Interface SaslPeer

  • All Known Implementing Classes:
    ServerSaslPeer
    public interface SaslPeer
    A peer in a sasl negotiation.

    • Method Summary

      All Methods Instance Methods Abstract Methods Default Methods 
      Modifier and Type Method Description
      void dispose()
      Close this peer and release resources.
      byte[] evaluate​(byte[] negotiationMessage)
      Evaluate and validate the negotiation message (response/challenge) received from peer.
      boolean isAuthenticated()  
      boolean isDataProtected()
      This method can only be called when the negotiation is complete (isAuthenticated returns true).
      default byte[] unwrap​(byte[] data)
      Unwrap the whole byte array.
      byte[] unwrap​(byte[] data, int offset, int length)
      Unwrap protected data to raw bytes.
      default byte[] wrap​(byte[] data)
      Wrap the whole byte array.
      byte[] wrap​(byte[] data, int offset, int length)
      Wrap raw bytes to protect it.

    • Method Detail

      • evaluate

        byte[] evaluate​(byte[] negotiationMessage)
         throws TSaslNegotiationException
        Evaluate and validate the negotiation message (response/challenge) received from peer.
        Parameters:
        negotiationMessage - response/challenge received from peer.
        Returns:
        new response/challenge to send to peer, can be null if authentication becomes success.
        Throws:
        TSaslNegotiationException - if sasl authentication fails.

      • isAuthenticated

        boolean isAuthenticated()
        Returns:
        true if authentication is done.

      • isDataProtected

        boolean isDataProtected()
        This method can only be called when the negotiation is complete (isAuthenticated returns true). Otherwise it will throw IllegalStateExceptiion.
        Returns:
        if the qop requires some integrity/confidential protection.
        Throws:
        java.lang.IllegalStateException - if negotiation is not yet complete.

      • wrap

        byte[] wrap​(byte[] data,
            int offset,
            int length)
     throws TTransportException
        Wrap raw bytes to protect it.
        Parameters:
        data - raw bytes.
        offset - the start position of the content to wrap.
        length - the length of the content to wrap.
        Returns:
        bytes with protection to send to peer.
        Throws:
        TTransportException - if failure.

      • wrap

        default byte[] wrap​(byte[] data)
             throws TTransportException
        Wrap the whole byte array.
        Parameters:
        data - raw bytes.
        Returns:
        wrapped bytes.
        Throws:
        TTransportException - if failure.

      • unwrap

        byte[] unwrap​(byte[] data,
              int offset,
              int length)
       throws TTransportException
        Unwrap protected data to raw bytes.
        Parameters:
        data - protected data received from peer.
        offset - the start position of the content to unwrap.
        length - the length of the content to unwrap.
        Returns:
        raw bytes.
        Throws:
        TTransportException - if failed.

      • unwrap

        default byte[] unwrap​(byte[] data)
               throws TTransportException
        Unwrap the whole byte array.
        Parameters:
        data - wrapped bytes.
        Returns:
        raw bytes.
        Throws:
        TTransportException - if failure.

      • dispose

        void dispose()
        Close this peer and release resources.