Package org.opends.server.extensions

Class AnonymousSASLMechanismHandler

java.lang.Object

org.opends.server.api.SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

org.opends.server.extensions.AnonymousSASLMechanismHandler

public class AnonymousSASLMechanismHandler
extends SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

This class provides an implementation of a SASL mechanism, as defined in RFC 4505, that does not perform any authentication. That is, anyone attempting to bind with this SASL mechanism will be successful and will be given the rights of an unauthenticated user. The request may or may not include a set of SASL credentials which will serve as trace information. If provided, then that trace information will be written to the server error log.

Constructor Summary

Constructors

Constructor	Description
AnonymousSASLMechanismHandler()	Creates a new instance of this SASL mechanism handler.

Method Summary

Modifier and Type	Method	Description
void	finalizeSASLMechanismHandler()	Performs any finalization that may be necessary for this SASL mechanism handler.
String	getMechanismName()	Returns the SASL mechanism name.
void	initializeSASLMechanismHandler(AnonymousSaslMechanismHandlerCfg configuration, ServerContext serverContext)	Initializes this SASL mechanism handler based on the information in the provided configuration entry.
boolean	isPasswordBased()	Indicates whether this SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).
boolean	isSecure()	Indicates whether this SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).
void	processSASLBind(BindOperation bindOperation)	Processes the SASL bind operation.

Methods inherited from class org.opends.server.api.SASLMechanismHandler

isConfigurationAcceptable

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AnonymousSASLMechanismHandler

public AnonymousSASLMechanismHandler()

Creates a new instance of this SASL mechanism handler. No initialization should be done in this method, as it should all be performed in the initializeSASLMechanismHandler method.

Method Detail

getMechanismName

public String getMechanismName()

Description copied from class: SASLMechanismHandler

Returns the SASL mechanism name.

Specified by:

getMechanismName in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

Returns:

the SASL mechanism name.

initializeSASLMechanismHandler

public void initializeSASLMechanismHandler(AnonymousSaslMechanismHandlerCfg configuration,
                                           ServerContext serverContext)

Description copied from class: SASLMechanismHandler

Initializes this SASL mechanism handler based on the information in the provided configuration entry. It should also register itself with the Directory Server for the particular kinds of SASL mechanisms that it will process.

Specified by:

initializeSASLMechanismHandler in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

Parameters:

configuration - The configuration to use to initialize this SASL mechanism handler.

serverContext - The server context

finalizeSASLMechanismHandler

public void finalizeSASLMechanismHandler()

Description copied from class: SASLMechanismHandler

Performs any finalization that may be necessary for this SASL mechanism handler. By default, no finalization is performed.

Overrides:

finalizeSASLMechanismHandler in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

processSASLBind

public void processSASLBind(BindOperation bindOperation)

Description copied from class: SASLMechanismHandler

Processes the SASL bind operation. SASL mechanism implementations must ensure that the following actions are taken during the processing of this method:

• The BindOperation.setResultCode method must be used to set the appropriate result code.
• If the SASL processing gets far enough to be able to map the request to a user entry (regardless of whether the authentication is ultimately successful), then this method must call the BindOperation.setSASLAuthUserEntry method to provide it with the entry for the user that attempted to authenticate.
• If the bind processing was successful, then the BindOperation.setAuthenticationInfo method must be used to set the authentication info for the bind operation.
• If the bind processing was not successful, then the BindOperation.setAuthFailureReason method should be used to provide a message explaining why the authentication failed.

Specified by:

processSASLBind in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

Parameters:

bindOperation - The SASL bind operation to be processed.

isPasswordBased

public boolean isPasswordBased()

Description copied from class: SASLMechanismHandler

Indicates whether this SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).

Specified by:

isPasswordBased in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

Returns:

true if this SASL mechanism is password-based, or false if it uses some other form of credentials.

isSecure

public boolean isSecure()

Description copied from class: SASLMechanismHandler

Indicates whether this SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).

Specified by:

isSecure in class SASLMechanismHandler<AnonymousSaslMechanismHandlerCfg>

Returns:

true if this SASL mechanism should be considered secure, or false if not.