org.apache.directory.server.ldap.handlers.sasl.digestMD5

Class DigestMd5CallbackHandler

java.lang.Object

org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler

org.apache.directory.server.ldap.handlers.sasl.digestMD5.DigestMd5CallbackHandler

All Implemented Interfaces:

javax.security.auth.callback.CallbackHandler

public class DigestMd5CallbackHandler
extends AbstractSaslCallbackHandler

Field Summary

Fields

Modifier and Type	Field and Description
private java.lang.String	bindDn
private static org.slf4j.Logger	LOG
private org.apache.directory.api.ldap.model.schema.SchemaManager	schemaManager A SchemaManager instance

Fields inherited from class org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler

adminSession, bindRequest, directoryService, ldapSession

Constructor Summary

Constructors

Constructor and Description
DigestMd5CallbackHandler(LdapSession ldapSession, CoreSession adminSession, org.apache.directory.api.ldap.model.message.BindRequest bindRequest) Creates a new instance of DigestMd5CallbackHandler.

Method Summary

Modifier and Type	Method and Description
protected void	authorize(javax.security.sasl.AuthorizeCallback authorizeCB) Final check to authorize user.
protected org.apache.directory.api.ldap.model.entry.Attribute	lookupPassword(java.lang.String username, java.lang.String realm) Implementors set the password based on a lookup, using the username and realm as keys.

Methods inherited from class org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler

getContext, getEnvironment, getRealm, getUsername, handle

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOG

private static final org.slf4j.Logger LOG

bindDn

private java.lang.String bindDn

schemaManager

private org.apache.directory.api.ldap.model.schema.SchemaManager schemaManager

A SchemaManager instance

Constructor Detail

DigestMd5CallbackHandler

public DigestMd5CallbackHandler(LdapSession ldapSession,
                                CoreSession adminSession,
                                org.apache.directory.api.ldap.model.message.BindRequest bindRequest)

Creates a new instance of DigestMd5CallbackHandler.

Parameters:

ldapSession - the mina IoSession

adminSession - the admin session

bindRequest - the bind message

Method Detail

lookupPassword

protected org.apache.directory.api.ldap.model.entry.Attribute lookupPassword(java.lang.String username,
                                                                             java.lang.String realm)

Description copied from class: AbstractSaslCallbackHandler

Implementors set the password based on a lookup, using the username and realm as keys.

• For DIGEST-MD5, lookup password based on username and realm.
• For CRAM-MD5, lookup password based on username.
• For GSSAPI, this callback is unused.

Specified by:

lookupPassword in class AbstractSaslCallbackHandler

Parameters:

username - The username.

realm - The realm.

Returns:

The Password entry attribute resulting from the lookup. It may contain more than one password

authorize

protected void authorize(javax.security.sasl.AuthorizeCallback authorizeCB)

Description copied from class: AbstractSaslCallbackHandler

Final check to authorize user. Used by all SASL mechanisms. This is the only callback used by GSSAPI. Implementors use setAuthorizedID() to set the base Dn after canonicalization. Implementors must setAuthorized() to true if authentication was successful.

Specified by:

authorize in class AbstractSaslCallbackHandler

Parameters:

authorizeCB - An AuthorizeCallback.