Package org.opends.server.extensions

Class ExternalSASLMechanismHandler

    • Constructor Detail

      • ExternalSASLMechanismHandler

        public ExternalSASLMechanismHandler()
        Creates a new instance of this SASL mechanism handler. No initialization should be done in this method, as it should all be performed in the initializeSASLMechanismHandler method.

    • Method Detail

      • processSASLBind

        public void processSASLBind​(BindOperation bindOperation)
        Description copied from class: SASLMechanismHandler
        Processes the SASL bind operation. SASL mechanism implementations must ensure that the following actions are taken during the processing of this method:
        • The BindOperation.setResultCode method must be used to set the appropriate result code.
        • If the SASL processing gets far enough to be able to map the request to a user entry (regardless of whether the authentication is ultimately successful), then this method must call the BindOperation.setSASLAuthUserEntry method to provide it with the entry for the user that attempted to authenticate.
        • If the bind processing was successful, then the BindOperation.setAuthenticationInfo method must be used to set the authentication info for the bind operation.
        • If the bind processing was not successful, then the BindOperation.setAuthFailureReason method should be used to provide a message explaining why the authentication failed.
        Specified by:
        processSASLBind in class SASLMechanismHandler<ExternalSaslMechanismHandlerCfg>
        Parameters:
        bindOperation - The SASL bind operation to be processed.

      • isPasswordBased

        public boolean isPasswordBased()
        Description copied from class: SASLMechanismHandler
        Indicates whether this SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).
        Specified by:
        isPasswordBased in class SASLMechanismHandler<ExternalSaslMechanismHandlerCfg>
        Returns:
        true if this SASL mechanism is password-based, or false if it uses some other form of credentials.

      • isSecure

        public boolean isSecure()
        Description copied from class: SASLMechanismHandler
        Indicates whether this SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).
        Specified by:
        isSecure in class SASLMechanismHandler<ExternalSaslMechanismHandlerCfg>
        Returns:
        true if this SASL mechanism should be considered secure, or false if not.

      • isConfigurationAcceptable

        public boolean isConfigurationAcceptable​(ExternalSaslMechanismHandlerCfg configuration,
                                         List<LocalizableMessage> unacceptableReasons)
        Description copied from class: SASLMechanismHandler
        Indicates whether the provided configuration is acceptable for this SASL mechanism handler. It should be possible to call this method on an uninitialized SASL mechanism handler instance in order to determine whether the SASL mechanism handler would be able to use the provided configuration.
        Overrides:
        isConfigurationAcceptable in class SASLMechanismHandler<ExternalSaslMechanismHandlerCfg>
        Parameters:
        configuration - The SASL mechanism handler configuration for which to make the determination.
        unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.
        Returns:
        true if the provided configuration is acceptable for this SASL mechanism handler, or false if not.