org.apache.directory.server.ldap.handlers.sasl.plain

Class PlainSaslServer

java.lang.Object

org.apache.directory.server.ldap.handlers.sasl.AbstractSaslServer

org.apache.directory.server.ldap.handlers.sasl.plain.PlainSaslServer

All Implemented Interfaces:

javax.security.sasl.SaslServer

public class PlainSaslServer
extends AbstractSaslServer

A SaslServer implementation for PLAIN based SASL mechanism. This is required unfortunately because the JDK's SASL provider does not support this mechanism.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
private static class	PlainSaslServer.InitialResponse The different state used by the iInitialResponse decoding
private static class	PlainSaslServer.NegotiationState The possible states for the negotiation of a PLAIN mechanism.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	SASL_PLAIN_AUTHCID The authcid property stored into the LdapSession instance
static java.lang.String	SASL_PLAIN_AUTHZID The authzid property stored into the LdapSession instance
static java.lang.String	SASL_PLAIN_PASSWORD The password property stored into the LdapSession instance
private PlainSaslServer.NegotiationState	state The current negotiation state

Constructor Summary

Constructors

Constructor and Description
PlainSaslServer(LdapSession ldapSession, CoreSession adminSession, org.apache.directory.api.ldap.model.message.BindRequest bindRequest) Creates a new instance of PlainSaslServer.

Method Summary

Modifier and Type	Method and Description
private CoreSession	authenticate(java.lang.String user, java.lang.String password) Try to authenticate the user against the underlying LDAP server.
byte[]	evaluateResponse(byte[] initialResponse)
java.lang.String	getMechanismName()
boolean	isComplete()

Methods inherited from class org.apache.directory.server.ldap.handlers.sasl.AbstractSaslServer

dispose, getAdminSession, getAuthorizationID, getBindRequest, getLdapSession, getNegotiatedProperty, unwrap, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SASL_PLAIN_AUTHZID

public static final java.lang.String SASL_PLAIN_AUTHZID

The authzid property stored into the LdapSession instance

See Also:

Constant Field Values

SASL_PLAIN_AUTHCID

public static final java.lang.String SASL_PLAIN_AUTHCID

The authcid property stored into the LdapSession instance

See Also:

Constant Field Values

SASL_PLAIN_PASSWORD

public static final java.lang.String SASL_PLAIN_PASSWORD

The password property stored into the LdapSession instance

See Also:

Constant Field Values

state

private PlainSaslServer.NegotiationState state

The current negotiation state

Constructor Detail

PlainSaslServer

public PlainSaslServer(LdapSession ldapSession,
                       CoreSession adminSession,
                       org.apache.directory.api.ldap.model.message.BindRequest bindRequest)

Creates a new instance of PlainSaslServer.

Parameters:

bindRequest - The associated BindRequest object

ldapSession - The associated LdapSession instance

Method Detail

getMechanismName

public java.lang.String getMechanismName()

evaluateResponse

public byte[] evaluateResponse(byte[] initialResponse)
                        throws javax.security.sasl.SaslException

Throws:

javax.security.sasl.SaslException

isComplete

public boolean isComplete()

authenticate

private CoreSession authenticate(java.lang.String user,
                                 java.lang.String password)
                          throws javax.naming.InvalidNameException,
                                 java.lang.Exception

Try to authenticate the user against the underlying LDAP server. The SASL PLAIN authentication is based on the entry which uid is equal to the user name we received.

Throws:

javax.naming.InvalidNameException

java.lang.Exception