Package org.wildfly.security.sasl.gs2
Class Gs2SaslClient
- java.lang.Object
-
- org.wildfly.security.sasl.util.AbstractSaslParticipant
-
- org.wildfly.security.sasl.util.AbstractSaslClient
-
- org.wildfly.security.sasl.gs2.Gs2SaslClient
-
- All Implemented Interfaces:
SaslClient, SaslWrapper
final class Gs2SaslClient extends AbstractSaslClient
SaslClient for the GS2 mechanism family as defined by RFC 5801.
- Author:
- Farah Juma
-
-
Field Summary
Fields (Modifier and Type, Field):
private byte[] bindingData
private String bindingType
private org.wildfly.common.bytes.ByteStringBuilder gs2HeaderExcludingNonStdFlag
private GSSContext gssContext
private Oid mechanism
private boolean plus
private static int ST_CHALLENGE_RESPONSE
private static int ST_INITIAL_CHALLENGE
-
Fields inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant
COMPLETE_STATE, FAILED_STATE, NO_BYTES
-
Fields inherited from interface org.wildfly.security.sasl.util.SaslWrapper
IDENTITY
-
-
Constructor Summary
Constructors (Constructor, Description):
Gs2SaslClient(String mechanismName, String protocol, String serverName, CallbackHandler callbackHandler, String authorizationId, Map<String,?> props, GSSManager gssManager, boolean plus, String bindingType, byte[] bindingData)
-
Method Summary
Methods (Modifier and Type, Method, Description):
private org.wildfly.common.bytes.ByteStringBuilder createGs2HeaderExcludingNonStdFlag()
Create a GS2 header, excluding the initial gs2-nonstd-flag, where:
    gs2-header = [gs2-nonstd-flag "," ] gs2-cb-flag "," [gs2-authzid] ","
    UTF8-1-safe = %x01-2B / %x2D-3C / %x3E-7F
    UTF8-2 = <as defined in RFC 3629 (STD 63)>
    UTF8-3 = <as defined in RFC 3629 (STD 63)>
    UTF8-4 = <as defined in RFC 3629 (STD 63)>
    UTF8-char-safe = UTF8-1-safe / UTF8-2 / UTF8-3 / UTF8-4
    saslname = 1*(UTF8-char-safe / "=2C" / "=3D")
    gs2-authzid = "a=" saslname
    gs2-nonstd-flag = "F"
    cb-name = 1*(ALPHA / DIGIT / "." / "-")
    gs2-cb-flag = ("p=" cb-name) / "n" / "y"
void dispose()
Dispose of this participant.
private static <T> T doPrivileged(PrivilegedAction<T> action)
protected byte[] evaluateMessage(int state, byte[] challenge)
void init()
private static byte[] initSecContext(GSSContext gssContext, byte[] inputBuf, int offset, int len)
private byte[] modifyInitialContextToken(byte[] token)
Modify the given token by removing the initial context token header, if present, and prefix the resulting token with a GS2 header.
-
Methods inherited from class org.wildfly.security.sasl.util.AbstractSaslClient
evaluateChallenge, getAuthorizationId, hasInitialResponse
-
Methods inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant
assertComplete, evaluateMessage, getCallbackHandler, getIntProperty, getMechanismName, getNegotiatedProperty, getProtocol, getServerName, getStringProperty, getWrapper, handleCallbacks, isComplete, negotiationComplete, setNegotiationState, setWrapper, tryHandleCallbacks, unwrap, wrap
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface javax.security.sasl.SaslClient
getMechanismName, getNegotiatedProperty, isComplete, unwrap, wrap
-
-
-
-
Field Detail
-
ST_INITIAL_CHALLENGE
private static final int ST_INITIAL_CHALLENGE
- See Also:
- Constant Field Values
-
ST_CHALLENGE_RESPONSE
private static final int ST_CHALLENGE_RESPONSE
- See Also:
- Constant Field Values
-
plus
private final boolean plus
-
bindingData
private final byte[] bindingData
-
bindingType
private final String bindingType
-
mechanism
private final Oid mechanism
-
gssContext
private GSSContext gssContext
-
gs2HeaderExcludingNonStdFlag
private org.wildfly.common.bytes.ByteStringBuilder gs2HeaderExcludingNonStdFlag
-
-
Constructor Detail
-
Gs2SaslClient
Gs2SaslClient(String mechanismName, String protocol, String serverName, CallbackHandler callbackHandler, String authorizationId, Map<String,?> props, GSSManager gssManager, boolean plus, String bindingType, byte[] bindingData) throws SaslException
- Throws:
SaslException
-
-
Method Detail
-
dispose
public void dispose() throws SaslException
Description copied from class: AbstractSaslParticipant
Dispose of this participant.
- Specified by:
dispose
in interface SaslClient
- Overrides:
dispose
in class AbstractSaslParticipant
- Throws:
SaslException
- if disposal failed
-
init
public void init()
- Overrides:
init
in class AbstractSaslParticipant
-
evaluateMessage
protected byte[] evaluateMessage(int state, byte[] challenge) throws SaslException
- Specified by:
evaluateMessage
in class AbstractSaslParticipant
- Throws:
SaslException
-
createGs2HeaderExcludingNonStdFlag
private org.wildfly.common.bytes.ByteStringBuilder createGs2HeaderExcludingNonStdFlag()
Create a GS2 header, excluding the initial gs2-nonstd-flag, where:
    gs2-header = [gs2-nonstd-flag "," ] gs2-cb-flag "," [gs2-authzid] ","
    UTF8-1-safe = %x01-2B / %x2D-3C / %x3E-7F
    UTF8-2 = <as defined in RFC 3629 (STD 63)>
    UTF8-3 = <as defined in RFC 3629 (STD 63)>
    UTF8-4 = <as defined in RFC 3629 (STD 63)>
    UTF8-char-safe = UTF8-1-safe / UTF8-2 / UTF8-3 / UTF8-4
    saslname = 1*(UTF8-char-safe / "=2C" / "=3D")
    gs2-authzid = "a=" saslname
    gs2-nonstd-flag = "F"
    cb-name = 1*(ALPHA / DIGIT / "." / "-")
    gs2-cb-flag = ("p=" cb-name) / "n" / "y"
- Returns:
- the GS2 header, excluding the initial gs2-nonstd-flag
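The grammar above fixes how the channel-binding flag and the authorization identity are encoded, and the saslname escaping is what keeps a "," or "=" inside an authzid from being read as a field separator. The following Java sketch is an added example, not WildFly Elytron source; the class and method names, the `clientSupportsBinding` parameter and the sample inputs are assumptions for illustration.

```java
import java.nio.charset.StandardCharsets;

// Added example, not WildFly Elytron source: builds the RFC 5801 gs2-header
// (without the gs2-nonstd-flag) following the grammar quoted above.
public final class Gs2HeaderExample {

    // gs2-cb-flag = ("p=" cb-name) / "n" / "y"
    // clientSupportsBinding is a hypothetical parameter choosing between "y" and "n".
    static String cbFlag(boolean plus, String bindingType, boolean clientSupportsBinding) {
        if (plus) {
            // cb-name = 1*(ALPHA / DIGIT / "." / "-")
            if (bindingType == null || !bindingType.matches("[A-Za-z0-9.-]+")) {
                throw new IllegalArgumentException("invalid cb-name");
            }
            return "p=" + bindingType;
        }
        return clientSupportsBinding ? "y" : "n";
    }

    // saslname: "," becomes "=2C" and "=" becomes "=3D", so neither character
    // can terminate or extend a header field; %x00 is outside UTF8-1-safe.
    static String saslName(String authzid) {
        StringBuilder sb = new StringBuilder();
        authzid.codePoints().forEach(cp -> {
            if (cp == 0) throw new IllegalArgumentException("NUL in authzid");
            if (cp == ',') sb.append("=2C");
            else if (cp == '=') sb.append("=3D");
            else sb.appendCodePoint(cp);
        });
        // saslname = 1*(...), so an empty name is not valid.
        if (sb.length() == 0) throw new IllegalArgumentException("empty authzid");
        return sb.toString();
    }

    // gs2-header (minus gs2-nonstd-flag) = gs2-cb-flag "," [gs2-authzid] ","
    static byte[] header(boolean plus, String bindingType, boolean clientSupportsBinding, String authzid) {
        String h = cbFlag(plus, bindingType, clientSupportsBinding) + ","
                + (authzid == null ? "" : "a=" + saslName(authzid)) + ",";
        return h.getBytes(StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        // Constructed inputs: the authzid contains both characters that need escaping.
        System.out.println(new String(header(true, "tls-unique", true, "ops,team=a"), StandardCharsets.UTF_8));
        System.out.println(new String(header(false, null, false, null), StandardCharsets.UTF_8));
    }
}
```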
-
modifyInitialContextToken
private byte[] modifyInitialContextToken(byte[] token) throws GSSException
Modify the given token by removing the initial context token header, if present, and prefix the resulting token with a GS2 header.
- Parameters:
token
- the initial context token
- Returns:
- the modified token
- Throws:
GSSException
- if the given initial context token is invalid
-
initSecContext
private static byte[] initSecContext(GSSContext gssContext, byte[] inputBuf, int offset, int len) throws GSSException
- Throws:
GSSException
-
doPrivileged
private static <T> T doPrivileged(PrivilegedAction<T> action)
-
-