Package org.wildfly.security.sasl.gssapi

Class GssapiClient

java.lang.Object

org.wildfly.security.sasl.util.AbstractSaslParticipant

org.wildfly.security.sasl.gssapi.AbstractGssapiMechanism

org.wildfly.security.sasl.gssapi.GssapiClient

All Implemented Interfaces:

SaslClient, SaslWrapper

final class GssapiClient
extends AbstractGssapiMechanism
implements SaslClient

SaslClient for the GSSAPI mechanism as defined by RFC 4752

Author:

Darran Lofthouse

Nested Class Summary

Nested classes/interfaces inherited from class org.wildfly.security.sasl.gssapi.AbstractGssapiMechanism

AbstractGssapiMechanism.GssapiWrapper, AbstractGssapiMechanism.QOP

Field Summary

Fields

Modifier and Type	Field	Description
private String	authorizationId
private static int	CHALLENGE_RESPONSE_STATE
private static int	INITIAL_CHALLENGE_STATE
private static int	SECURITY_LAYER_NEGOTIATION_STATE

Fields inherited from class org.wildfly.security.sasl.gssapi.AbstractGssapiMechanism

actualMaxReceiveBuffer, configuredMaxReceiveBuffer, DEFAULT_MAX_BUFFER_SIZE, gssContext, maxBuffer, orderedQops, relaxComplianceChecks, selectedQop

Fields inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant

COMPLETE_STATE, FAILED_STATE, NO_BYTES

Fields inherited from interface org.wildfly.security.sasl.util.SaslWrapper

IDENTITY

Constructor Summary

Constructors

Constructor	Description
GssapiClient(String protocol, String serverName, Map<String,?> props, CallbackHandler callbackHandler, String authorizationId)

Method Summary

Modifier and Type	Method	Description
private static <T> T	doPrivileged(PrivilegedAction<T> action)
byte[]	evaluateChallenge(byte[] challenge)
protected byte[]	evaluateMessage(int state, byte[] message)
private AbstractGssapiMechanism.QOP	findAgreeableQop(byte securityLayer)
boolean	hasInitialResponse()
void	init()
private static byte[]	initSecContext(GSSContext gssContext, byte[] inputBuf, int offset, int len)
private boolean	isCompatibleWithGssContext(AbstractGssapiMechanism.QOP qop)
private boolean	mayRequireSecurityLater(AbstractGssapiMechanism.QOP[] preferredQop)

Methods inherited from class org.wildfly.security.sasl.gssapi.AbstractGssapiMechanism

dispose, getNegotiatedProperty, intToNetworkOrderBytes, networkOrderBytesToInt, parsePreferredQop

Methods inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant

assertComplete, evaluateMessage, getCallbackHandler, getIntProperty, getMechanismName, getProtocol, getServerName, getStringProperty, getWrapper, handleCallbacks, isComplete, negotiationComplete, setNegotiationState, setWrapper, tryHandleCallbacks, unwrap, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.security.sasl.SaslClient

dispose, getMechanismName, getNegotiatedProperty, isComplete, unwrap, wrap

Field Detail

INITIAL_CHALLENGE_STATE

private static final int INITIAL_CHALLENGE_STATE

See Also:

Constant Field Values

CHALLENGE_RESPONSE_STATE

private static final int CHALLENGE_RESPONSE_STATE

See Also:

Constant Field Values

SECURITY_LAYER_NEGOTIATION_STATE

private static final int SECURITY_LAYER_NEGOTIATION_STATE

See Also:

Constant Field Values

authorizationId

private final String authorizationId

Constructor Detail

GssapiClient

GssapiClient(String protocol,
             String serverName,
             Map<String,?> props,
             CallbackHandler callbackHandler,
             String authorizationId)
      throws SaslException

Throws:

SaslException

Method Detail

mayRequireSecurityLater

private boolean mayRequireSecurityLater(AbstractGssapiMechanism.QOP[] preferredQop)

findAgreeableQop

private AbstractGssapiMechanism.QOP findAgreeableQop(byte securityLayer)
                                              throws SaslException

Throws:

SaslException

isCompatibleWithGssContext

private boolean isCompatibleWithGssContext(AbstractGssapiMechanism.QOP qop)

init

public void init()

Overrides:

init in class AbstractSaslParticipant

hasInitialResponse

public boolean hasInitialResponse()

Specified by:

hasInitialResponse in interface SaslClient

evaluateChallenge

public byte[] evaluateChallenge(byte[] challenge)
                         throws SaslException

Specified by:

evaluateChallenge in interface SaslClient

Throws:

SaslException

evaluateMessage

protected byte[] evaluateMessage(int state,
                                 byte[] message)
                          throws SaslException

Specified by:

evaluateMessage in class AbstractSaslParticipant

Throws:

SaslException

initSecContext

private static byte[] initSecContext(GSSContext gssContext,
                                     byte[] inputBuf,
                                     int offset,
                                     int len)
                              throws GSSException

Throws:

GSSException

doPrivileged

private static <T> T doPrivileged(PrivilegedAction<T> action)