Package org.opends.server.extensions
Class CRAMMD5SASLMechanismHandler
java.lang.Object
org.opends.server.api.SASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
org.opends.server.extensions.CRAMMD5SASLMechanismHandler
- All Implemented Interfaces:
ConfigurationChangeListener<CramMd5SaslMechanismHandlerCfg>
public final class CRAMMD5SASLMechanismHandler
extends SASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
implements ConfigurationChangeListener<CramMd5SaslMechanismHandlerCfg>
This class provides an implementation of a SASL mechanism that authenticates clients through CRAM-MD5.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionapplyConfigurationChange
(CramMd5SaslMechanismHandlerCfg configuration) Applies the configuration changes to this change listener.void
Performs any finalization that may be necessary for this SASL mechanism handler.Returns the SASL mechanism name.void
initializeSASLMechanismHandler
(CramMd5SaslMechanismHandlerCfg configuration, ServerContext serverContext) Initializes this SASL mechanism handler based on the information in the provided configuration entry.boolean
isConfigurationAcceptable
(CramMd5SaslMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons) Indicates whether the provided configuration is acceptable for this SASL mechanism handler.boolean
isConfigurationChangeAcceptable
(CramMd5SaslMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons) Indicates whether the proposed change to the configuration is acceptable to this change listener.boolean
Indicates whether this SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).boolean
isSecure()
Indicates whether this SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).void
processSASLBind
(BindOperation bindOp) Processes the SASL bind operation.
-
Constructor Details
-
CRAMMD5SASLMechanismHandler
public CRAMMD5SASLMechanismHandler()
-
-
Method Details
-
getMechanismName
Description copied from class:SASLMechanismHandler
Returns the SASL mechanism name.- Specified by:
getMechanismName
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Returns:
- the SASL mechanism name.
-
initializeSASLMechanismHandler
public void initializeSASLMechanismHandler(CramMd5SaslMechanismHandlerCfg configuration, ServerContext serverContext) Description copied from class:SASLMechanismHandler
Initializes this SASL mechanism handler based on the information in the provided configuration entry. It should also register itself with the Directory Server for the particular kinds of SASL mechanisms that it will process.- Specified by:
initializeSASLMechanismHandler
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Parameters:
configuration
- The configuration to use to initialize this SASL mechanism handler.serverContext
- The server context
-
finalizeSASLMechanismHandler
public void finalizeSASLMechanismHandler()Description copied from class:SASLMechanismHandler
Performs any finalization that may be necessary for this SASL mechanism handler. By default, no finalization is performed.- Overrides:
finalizeSASLMechanismHandler
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
-
processSASLBind
Description copied from class:SASLMechanismHandler
Processes the SASL bind operation. SASL mechanism implementations must ensure that the following actions are taken during the processing of this method:- The
BindOperation.setResultCode
method must be used to set the appropriate result code. - If the SASL processing gets far enough to be able to map the request to a user entry (regardless of whether
the authentication is ultimately successful), then this method must call the
BindOperation.setSASLAuthUserEntry
method to provide it with the entry for the user that attempted to authenticate. - If the bind processing was successful, then the
BindOperation.setAuthenticationInfo
method must be used to set the authentication info for the bind operation. - If the bind processing was not successful, then the
BindOperation.setAuthFailureReason
method should be used to provide a message explaining why the authentication failed.
- Specified by:
processSASLBind
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Parameters:
bindOp
- The SASL bind operation to be processed.
- The
-
isPasswordBased
public boolean isPasswordBased()Description copied from class:SASLMechanismHandler
Indicates whether this SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).- Specified by:
isPasswordBased
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Returns:
true
if this SASL mechanism is password-based, orfalse
if it uses some other form of credentials.
-
isSecure
public boolean isSecure()Description copied from class:SASLMechanismHandler
Indicates whether this SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).- Specified by:
isSecure
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Returns:
true
if this SASL mechanism should be considered secure, orfalse
if not.
-
isConfigurationAcceptable
public boolean isConfigurationAcceptable(CramMd5SaslMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons) Description copied from class:SASLMechanismHandler
Indicates whether the provided configuration is acceptable for this SASL mechanism handler. It should be possible to call this method on an uninitialized SASL mechanism handler instance in order to determine whether the SASL mechanism handler would be able to use the provided configuration.- Overrides:
isConfigurationAcceptable
in classSASLMechanismHandler<CramMd5SaslMechanismHandlerCfg>
- Parameters:
configuration
- The SASL mechanism handler configuration for which to make the determination.unacceptableReasons
- A list that may be used to hold the reasons that the provided configuration is not acceptable.- Returns:
true
if the provided configuration is acceptable for this SASL mechanism handler, orfalse
if not.
-
isConfigurationChangeAcceptable
public boolean isConfigurationChangeAcceptable(CramMd5SaslMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons) Description copied from interface:ConfigurationChangeListener
Indicates whether the proposed change to the configuration is acceptable to this change listener.- Specified by:
isConfigurationChangeAcceptable
in interfaceConfigurationChangeListener<CramMd5SaslMechanismHandlerCfg>
- Parameters:
configuration
- The new configuration containing the changes.unacceptableReasons
- A list that can be used to hold messages about why the provided configuration is not acceptable.- Returns:
- Returns
true
if the proposed change is acceptable, orfalse
if it is not.
-
applyConfigurationChange
Description copied from interface:ConfigurationChangeListener
Applies the configuration changes to this change listener.- Specified by:
applyConfigurationChange
in interfaceConfigurationChangeListener<CramMd5SaslMechanismHandlerCfg>
- Parameters:
configuration
- The new configuration containing the changes.- Returns:
- Returns information about the result of changing the configuration.
-