AbstractSaslCallbackHandler

java.lang.Object
- org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler

All Implemented Interfaces:

javax.security.auth.callback.CallbackHandler

Direct Known Subclasses:

CramMd5CallbackHandler, DigestMd5CallbackHandler, GssapiCallbackHandler
```
public abstract class AbstractSaslCallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler
```
Base class for all SASL CallbackHandlers. Implementations of SASL mechanisms selectively override the methods relevant to their mechanism.

See Also:

CallbackHandler

Field Summary

Fields
Modifier and Type	Field and Description
`protected CoreSession`	`adminSession` The admin core session
`protected org.apache.directory.api.ldap.model.message.BindRequest`	`bindRequest` The associated BindRequest
`protected DirectoryService`	`directoryService` A reference on the DirectoryService instance
`private static org.apache.directory.api.ldap.model.message.Control[]`	`EMPTY` An empty control array
`protected LdapSession`	`ldapSession` The reference on the user ldap session
`private static org.slf4j.Logger`	`LOG` The logger instance
`private java.lang.String`	`realm`
`private java.lang.String`	`username`

Constructor Summary

Constructors
Modifier	Constructor and Description
`protected`	`AbstractSaslCallbackHandler(DirectoryService directoryService, org.apache.directory.api.ldap.model.message.BindRequest bindRequest)` Creates a new instance of AbstractSaslCallbackHandler.

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`protected abstract void`	`authorize(javax.security.sasl.AuthorizeCallback callback)` Final check to authorize user.
`protected javax.naming.ldap.LdapContext`	`getContext(org.apache.mina.core.session.IoSession session, org.apache.directory.api.ldap.model.message.BindRequest bindRequest, java.util.Hashtable<java.lang.String,java.lang.Object> env)` Convenience method for acquiring an `LdapContext` for the client to use for the duration of a session.
`protected java.util.Hashtable<java.lang.String,java.lang.Object>`	`getEnvironment(org.apache.mina.core.session.IoSession session)` Convenience method for getting an environment suitable for acquiring an `LdapContext` for the client.
`protected java.lang.String`	`getRealm()` Implementors use this method to access the realm resulting from a callback.
`protected java.lang.String`	`getUsername()` Implementors use this method to access the username resulting from a callback.
`void`	`handle(javax.security.auth.callback.Callback[] callbacks)` SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.
`protected abstract org.apache.directory.api.ldap.model.entry.Attribute`	`lookupPassword(java.lang.String username, java.lang.String realm)` Implementors set the password based on a lookup, using the username and realm as keys.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - LOG
```
private static final org.slf4j.Logger LOG
```
    The logger instance
  - EMPTY
```
private static final org.apache.directory.api.ldap.model.message.Control[] EMPTY
```
    An empty control array
  - username
```
private java.lang.String username
```
  - realm
```
private java.lang.String realm
```
  - ldapSession
```
protected LdapSession ldapSession
```
    The reference on the user ldap session
  - adminSession
```
protected CoreSession adminSession
```
    The admin core session
  - directoryService
```
protected final DirectoryService directoryService
```
    A reference on the DirectoryService instance
  - bindRequest
```
protected final org.apache.directory.api.ldap.model.message.BindRequest bindRequest
```
    The associated BindRequest
- Constructor Detail
  - AbstractSaslCallbackHandler
```
protected AbstractSaslCallbackHandler(DirectoryService directoryService,
                                      org.apache.directory.api.ldap.model.message.BindRequest bindRequest)
```
    Creates a new instance of AbstractSaslCallbackHandler.
    
    Parameters:
    
    directoryService -
- Method Detail
  - getUsername
```
protected java.lang.String getUsername()
```
    Implementors use this method to access the username resulting from a callback. Callback default name will be username, eg 'hnelson', for CRAM-MD5 and DIGEST-MD5. The NameCallback is not used by GSSAPI.
  - getRealm
```
protected java.lang.String getRealm()
```
    Implementors use this method to access the realm resulting from a callback. Callback default text will be realm name, eg 'example.com', for DIGEST-MD5. The RealmCallback is not used by GSSAPI nor by CRAM-MD5.
  - lookupPassword
```
protected abstract org.apache.directory.api.ldap.model.entry.Attribute lookupPassword(java.lang.String username,
                                                                                      java.lang.String realm)
```
    Implementors set the password based on a lookup, using the username and realm as keys.
    - For DIGEST-MD5, lookup password based on username and realm.
    - For CRAM-MD5, lookup password based on username.
    - For GSSAPI, this callback is unused.
    Parameters:
    
    username - The username.
    
    realm - The realm.
    
    Returns:
    
    The Password entry attribute resulting from the lookup. It may contain more than one password
  - authorize
```
protected abstract void authorize(javax.security.sasl.AuthorizeCallback callback)
                           throws java.lang.Exception
```
    Final check to authorize user. Used by all SASL mechanisms. This is the only callback used by GSSAPI. Implementors use setAuthorizedID() to set the base Dn after canonicalization. Implementors must setAuthorized() to true if authentication was successful.
    
    Parameters:
    
    callback - An AuthorizeCallback.
    
    Throws:
    
    java.lang.Exception
  - handle
```
public void handle(javax.security.auth.callback.Callback[] callbacks)
```
    SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.
    
    Specified by:
    
    handle in interface javax.security.auth.callback.CallbackHandler
    
    Parameters:
    
    callbacks - An array of one or more callbacks.
  - getContext
```
protected javax.naming.ldap.LdapContext getContext(org.apache.mina.core.session.IoSession session,
                                                   org.apache.directory.api.ldap.model.message.BindRequest bindRequest,
                                                   java.util.Hashtable<java.lang.String,java.lang.Object> env)
```
    Convenience method for acquiring an LdapContext for the client to use for the duration of a session.
    
    Parameters:
    
    session - The current session.
    
    bindRequest - The current BindRequest.
    
    env - An environment to be used to acquire an LdapContext.
    
    Returns:
    
    An LdapContext for the client.
  - getEnvironment
```
protected java.util.Hashtable<java.lang.String,java.lang.Object> getEnvironment(org.apache.mina.core.session.IoSession session)
```
    Convenience method for getting an environment suitable for acquiring an LdapContext for the client.
    
    Parameters:
    
    session - The current session.
    
    Returns:
    
    An environment suitable for acquiring an LdapContext for the client.

Class AbstractSaslCallbackHandler

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

LOG

EMPTY

username

realm

ldapSession

adminSession

directoryService

bindRequest

Constructor Detail

AbstractSaslCallbackHandler

Method Detail

getUsername

getRealm

lookupPassword

authorize

handle

getContext

getEnvironment