javax.security.sasl.SaslClient Java Examples

The following examples show how to use javax.security.sasl.SaslClient. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SaslOutputStream.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #2
Source File: SaslOutputStream.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #3
Source File: FastSaslClientFactory.java    From Bats with Apache License 2.0 6 votes vote down vote up
@Override
public SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol, String serverName,
                                   Map<String, ?> props, CallbackHandler cbh) throws SaslException {
  for (final String mechanism : mechanisms) {
    final List<SaslClientFactory> factories = clientFactories.get(mechanism);
    if (factories != null) {
      for (final SaslClientFactory factory : factories) {
        final SaslClient saslClient = factory.createSaslClient(new String[]{mechanism}, authorizationId, protocol,
            serverName, props, cbh);
        if (saslClient != null) {
          return saslClient;
        }
      }
    }
  }
  return null;
}
 
Example #4
Source File: SaslOutputStream.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #5
Source File: Sasl.java    From java-dcp-client with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a new {@link SaslClient} and first tries the JVM built in clients before falling back
 * to our custom implementations. The mechanisms are tried in the order they arrive.
 */
public static SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol,
                                          String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException {

  boolean enableScram = Boolean.parseBoolean(System.getProperty("com.couchbase.scramEnabled", "true"));

  for (String mech : mechanisms) {
    String[] mechs = new String[]{mech};

    SaslClient client = javax.security.sasl.Sasl.createSaslClient(
        mechs, authorizationId, protocol, serverName, props, cbh
    );

    if (client == null && enableScram) {
      client = SASL_FACTORY.createSaslClient(
          mechs, authorizationId, protocol, serverName, props, cbh
      );
    }

    if (client != null) {
      return client;
    }
  }

  return null;
}
 
Example #6
Source File: AuthenticationOutcomeListener.java    From Bats with Apache License 2.0 6 votes vote down vote up
@Override
public <CC extends ClientConnection> SaslMessage process(SaslChallengeContext<CC> context) throws Exception {
  final SaslClient saslClient = context.connection.getSaslClient();

  if (saslClient.isComplete()) {
    handleSuccess(context);
    return null;
  } else {
    // server completed before client; so try once, fail otherwise
    evaluateChallenge(context.ugi, saslClient, context.challenge.getData().toByteArray()); // discard response

    if (saslClient.isComplete()) {
      handleSuccess(context);
      return null;
    } else {
      throw new SaslException("Server allegedly succeeded authentication, but client did not. Suspicious?");
    }
  }
}
 
Example #7
Source File: SaslOutputStream.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #8
Source File: AuthenticationOutcomeListener.java    From Bats with Apache License 2.0 6 votes vote down vote up
public void initiate(final String mechanismName) {
  logger.trace("Initiating SASL exchange.");
  try {
    final ByteString responseData;
    final SaslClient saslClient = connection.getSaslClient();
    if (saslClient.hasInitialResponse()) {
      responseData = ByteString.copyFrom(evaluateChallenge(ugi, saslClient, new byte[0]));
    } else {
      responseData = ByteString.EMPTY;
    }
    client.send(new AuthenticationOutcomeListener<>(client, connection, saslRpcType, ugi, completionListener),
        connection,
        saslRpcType,
        SaslMessage.newBuilder()
            .setMechanism(mechanismName)
            .setStatus(SaslStatus.SASL_START)
            .setData(responseData)
            .build(),
        SaslMessage.class,
        true /* the connection will not be backed up at this point */);
    logger.trace("Initiated SASL exchange.");
  } catch (final Exception e) {
    completionListener.failed(RpcException.mapException(e));
  }
}
 
Example #9
Source File: ControlConnection.java    From Bats with Apache License 2.0 6 votes vote down vote up
@Override
public void setSaslClient(final SaslClient saslClient) {
  checkState(this.saslClient == null);
  this.saslClient = saslClient;

  // If encryption is enabled set the backend wrapper instance corresponding to this SaslClient in the connection
  // object. This is later used to do wrap/unwrap in handlers.
  if (isEncryptionEnabled()) {
    saslCodec = new SaslCodec() {
      @Override
      public byte[] wrap(byte[] data, int offset, int len) throws SaslException {
        assert saslClient != null;
        return saslClient.wrap(data, offset, len);
      }

      @Override
      public byte[] unwrap(byte[] data, int offset, int len) throws SaslException {
        assert saslClient != null;
        return saslClient.unwrap(data, offset, len);
      }
    };
  }
}
 
Example #10
Source File: SaslInputStream.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #11
Source File: SaslOutputStream.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #12
Source File: SaslInputStream.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #13
Source File: Sasl.java    From couchbase-jvm-core with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a new {@link SaslClient} and first tries the JVM built in clients before falling back
 * to our custom implementations. The mechanisms are tried in the order they arrive.
 */
public static SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol,
    String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException {

    boolean enableScram = Boolean.parseBoolean(System.getProperty("com.couchbase.scramEnabled", "true"));

    for (String mech : mechanisms) {
        String[] mechs = new String[] { mech };

        SaslClient client = javax.security.sasl.Sasl.createSaslClient(
            mechs, authorizationId, protocol, serverName, props, cbh
        );

        if (client == null && enableScram) {
            client = SASL_FACTORY.createSaslClient(
                mechs, authorizationId, protocol, serverName, props, cbh
            );
        }

        if (client != null) {
            return client;
        }
    }

    return null;
}
 
Example #14
Source File: SaslInputStream.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #15
Source File: SaslResponseCallbackTest.java    From mongodb-async-driver with Apache License 2.0 6 votes vote down vote up
/**
 * Test method for {@link SaslResponseCallback#isLightWeight}.
 *
 * @throws ExecutionException
 *             On a test failure.
 * @throws InterruptedException
 *             On a test failure.
 */
@Test
public void testIsLightWeight() throws InterruptedException,
        ExecutionException {
    final SaslClient mockClient = createMock(SaslClient.class);
    final Connection mockConnection = createMock(Connection.class);
    final FutureCallback<Boolean> results = new FutureCallback<Boolean>();

    replay(mockClient, mockConnection);

    final SaslResponseCallback callback = new SaslResponseCallback(
            mockClient, mockConnection, results);

    assertThat(callback.isLightWeight(), is(true));

    verify(mockClient, mockConnection);
}
 
Example #16
Source File: SaslInputStream.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #17
Source File: SaslInputStream.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #18
Source File: SaslInputStream.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
SaslInputStream(SaslClient sc, InputStream in) throws SaslException {
    super();
    this.in = in;
    this.sc = sc;

    String str = (String) sc.getNegotiatedProperty(Sasl.MAX_BUFFER);
    if (str != null) {
        try {
            recvMaxBufSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.MAX_BUFFER +
                " property must be numeric string: " + str);
        }
    }
    saslBuffer = new byte[recvMaxBufSize];
}
 
Example #19
Source File: TSaslClientTransport.java    From incubator-retired-blur with Apache License 2.0 6 votes vote down vote up
/**
 * Performs the client side of the initial portion of the Thrift SASL
 * protocol. Generates and sends the initial response to the server, including
 * which mechanism this client wants to use.
 */
@Override
protected void handleSaslStartMessage() throws TTransportException, SaslException {
  SaslClient saslClient = getSaslClient();

  byte[] initialResponse = new byte[0];
  if (saslClient.hasInitialResponse())
    initialResponse = saslClient.evaluateChallenge(initialResponse);

  LOGGER.debug("Sending mechanism name {} and initial response of length {}", mechanism,
      initialResponse.length);

  byte[] mechanismBytes = mechanism.getBytes();
  sendSaslMessage(NegotiationStatus.START,
                  mechanismBytes);
  // Send initial response
  sendSaslMessage(saslClient.isComplete() ? NegotiationStatus.COMPLETE : NegotiationStatus.OK,
                  initialResponse);
  underlyingTransport.flush();
}
 
Example #20
Source File: SaslOutputStream.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #21
Source File: SaslOutputStream.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
SaslOutputStream(SaslClient sc, OutputStream out) throws SaslException {
    super(out);
    this.sc = sc;

    if (debug) {
        System.err.println("SaslOutputStream: " + out);
    }

    String str = (String) sc.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
    if (str != null) {
        try {
            rawSendSize = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            throw new SaslException(Sasl.RAW_SEND_SIZE +
                " property must be numeric string: " + str);
        }
    }
}
 
Example #22
Source File: KerberosAuthenticationManagerTest.java    From qpid-broker-j with Apache License 2.0 6 votes vote down vote up
private AuthenticationResult authenticate(final SaslNegotiator negotiator) throws Exception
{
    final LoginContext lc = UTILS.createKerberosKeyTabLoginContext(getTestName(),
                                                                   CLIENT_PRINCIPAL_FULL_NAME,
                                                                   _clientKeyTabFile);

    Subject clientSubject = null;
    try
    {
        lc.login();
        clientSubject = lc.getSubject();
        debug("LoginContext subject {}", clientSubject);
        final SaslClient saslClient = createSaslClient(clientSubject);
        return performNegotiation(clientSubject, saslClient, negotiator);
    }
    finally
    {
        if (clientSubject != null)
        {
            lc.logout();
        }
    }
}
 
Example #23
Source File: SaslTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void testSaslAuthenticationDigest() throws Exception {
    init();
    ServiceName serviceName = Capabilities.SASL_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY.getCapabilityServiceName("MySaslAuth");
    SaslAuthenticationFactory authFactory = (SaslAuthenticationFactory) services.getContainer().getService(serviceName).getValue();

    SaslServer server = authFactory.createMechanism(SaslMechanismInformation.Names.DIGEST_SHA);
    SaslClient client = Sasl.createSaslClient(new String[]{SaslMechanismInformation.Names.DIGEST_SHA},
            "firstUser", "myProtocol", "TestingServer", Collections.<String, Object>emptyMap(), clientCallbackHandler("firstUser", "DigestRealm", "clearPassword"));

    testSaslServerClient(server, client);
}
 
Example #24
Source File: SaslResponseCallbackTest.java    From mongodb-async-driver with Apache License 2.0 5 votes vote down vote up
/**
 * Test method for {@link SaslResponseCallback#handle(Reply)}.
 *
 * @throws ExecutionException
 *             On a test failure.
 * @throws InterruptedException
 *             On a test failure.
 * @throws SaslException
 *             On a test failure.
 */
@Test
public void testHandleMissingDoneField() throws InterruptedException,
        ExecutionException, SaslException {
    final SaslClient mockClient = createMock(SaslClient.class);
    final Connection mockConnection = createMock(Connection.class);
    final FutureCallback<Boolean> results = new FutureCallback<Boolean>();

    final SaslResponseCallback callback = new SaslResponseCallback(
            mockClient, mockConnection, results);

    expect(mockClient.evaluateChallenge(aryEq(new byte[1]))).andReturn(
            new byte[3]);

    final Document command = BuilderFactory.start().add("saslContinue", 1)
            .add("conversationId", 1L).add("payload", new byte[3]).build();
    mockConnection.send(new Command(SaslResponseCallback.EXTERNAL,
            Command.COMMAND_COLLECTION, command), callback);
    expectLastCall();

    replay(mockClient, mockConnection);

    final Document doc = BuilderFactory.start().add("ok", 1)
            .add("conversationId", 1L).add("payload", new byte[1]).build();
    final Reply reply = new Reply(1, 0, 0, Collections.singletonList(doc),
            true, false, false, false);

    callback.handle(reply);

    verify(mockClient, mockConnection);

    try {
        results.get(1, TimeUnit.MICROSECONDS);
        fail("Should have timed out.");
    }
    catch (final TimeoutException good) {
        // Good.
    }
}
 
Example #25
Source File: XMessageBuilder.java    From FoxTelem with GNU General Public License v3.0 5 votes vote down vote up
public XMessage buildExternalAuthStart(String database) {
    CallbackHandler callbackHandler = new CallbackHandler() {
        public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
            for (Callback c : callbacks) {
                if (NameCallback.class.isAssignableFrom(c.getClass())) {
                    // TODO ((NameCallback) c).setName(user);
                    throw new UnsupportedCallbackException(c);
                } else if (PasswordCallback.class.isAssignableFrom(c.getClass())) {
                    // TODO ((PasswordCallback) c).setPassword(password.toCharArray());
                    throw new UnsupportedCallbackException(c);
                } else {
                    throw new UnsupportedCallbackException(c);
                }
            }
        }
    };
    try {
        // now we create the client object we use which can handle EXTERNAL mechanism for "X Protocol" to "serverName"
        String[] mechanisms = new String[] { "EXTERNAL" };
        String authorizationId = database == null || database.trim().length() == 0 ? null : database; // as per protocol spec
        String protocol = "X Protocol";
        Map<String, ?> props = null;
        // TODO: >> serverName. Is this of any use in our X Protocol exchange? Should be defined to be blank or something.
        String serverName = "<unknown>";
        SaslClient saslClient = Sasl.createSaslClient(mechanisms, authorizationId, protocol, serverName, props, callbackHandler);

        // now just pass the details to the X Protocol auth start message
        AuthenticateStart.Builder authStartBuilder = AuthenticateStart.newBuilder();
        authStartBuilder.setMechName("EXTERNAL");
        // saslClient will build the SASL response message
        authStartBuilder.setAuthData(ByteString.copyFrom(saslClient.evaluateChallenge(null)));

        return new XMessage(authStartBuilder.build());
    } catch (SaslException ex) {
        // TODO: better exception, should introduce a new exception class for auth?
        throw new RuntimeException(ex);
    }
}
 
Example #26
Source File: SaslOutputStream.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Constructs a SASLOutputStream from an OutputStream and a SaslClient <br>
 * Note: if the specified OutputStream or SaslClient is null, a
 * NullPointerException may be thrown later when they are used.
 * 
 * @param outStream
 *          the OutputStream to be processed
 * @param saslClient
 *          an initialized SaslClient object
 */
public SaslOutputStream(OutputStream outStream, SaslClient saslClient) {
  this.saslServer = null;
  this.saslClient = saslClient;
  String qop = (String) saslClient.getNegotiatedProperty(Sasl.QOP);
  this.useWrap = qop != null && !"auth".equalsIgnoreCase(qop);
  if (useWrap) {
    this.outStream = new BufferedOutputStream(outStream, 64*1024);
  } else {
    this.outStream = outStream;
  }
}
 
Example #27
Source File: XMessageBuilder.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
public XMessage buildExternalAuthStart(String database) {
    CallbackHandler callbackHandler = new CallbackHandler() {
        public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
            for (Callback c : callbacks) {
                if (NameCallback.class.isAssignableFrom(c.getClass())) {
                    // TODO ((NameCallback) c).setName(user);
                    throw new UnsupportedCallbackException(c);
                } else if (PasswordCallback.class.isAssignableFrom(c.getClass())) {
                    // TODO ((PasswordCallback) c).setPassword(password.toCharArray());
                    throw new UnsupportedCallbackException(c);
                } else {
                    throw new UnsupportedCallbackException(c);
                }
            }
        }
    };
    try {
        // now we create the client object we use which can handle EXTERNAL mechanism for "X Protocol" to "serverName"
        String[] mechanisms = new String[] { "EXTERNAL" };
        String authorizationId = database == null || database.trim().length() == 0 ? null : database; // as per protocol spec
        String protocol = "X Protocol";
        Map<String, ?> props = null;
        // TODO: >> serverName. Is this of any use in our X Protocol exchange? Should be defined to be blank or something.
        String serverName = "<unknown>";
        SaslClient saslClient = Sasl.createSaslClient(mechanisms, authorizationId, protocol, serverName, props, callbackHandler);

        // now just pass the details to the X Protocol auth start message
        AuthenticateStart.Builder authStartBuilder = AuthenticateStart.newBuilder();
        authStartBuilder.setMechName("EXTERNAL");
        // saslClient will build the SASL response message
        authStartBuilder.setAuthData(ByteString.copyFrom(saslClient.evaluateChallenge(null)));

        return new XMessage(authStartBuilder.build());
    } catch (SaslException ex) {
        // TODO: better exception, should introduce a new exception class for auth?
        throw new RuntimeException(ex);
    }
}
 
Example #28
Source File: ShaSaslClientFactory.java    From couchbase-jvm-core with Apache License 2.0 5 votes vote down vote up
@Override
public SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol,
    String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException {

    int sha = 0;

    for (String m : mechanisms) {
        if (m.equals(SCRAM_SHA512)) {
            sha = 512;
            break;
        } else if (m.equals(SCRAM_SHA256)) {
            sha = 256;
            break;
        } else if (m.equals(SCRAM_SHA1)) {
            sha = 1;
            break;
        }
    }

    if (sha == 0) {
        return null;
    }

    if (authorizationId != null) {
        throw new SaslException("authorizationId is not supported");
    }

    if (cbh == null) {
        throw new SaslException("Callback handler to get username/password required");
    }

    try {
        return new ShaSaslClient(cbh, sha);
    } catch (NoSuchAlgorithmException e) {
        return null;
    }
}
 
Example #29
Source File: FanOutOneBlockAsyncDFSOutputSaslHelper.java    From hbase with Apache License 2.0 5 votes vote down vote up
private CipherOption unwrap(CipherOption option, SaslClient saslClient) throws IOException {
  byte[] inKey = option.getInKey();
  if (inKey != null) {
    inKey = saslClient.unwrap(inKey, 0, inKey.length);
  }
  byte[] outKey = option.getOutKey();
  if (outKey != null) {
    outKey = saslClient.unwrap(outKey, 0, outKey.length);
  }
  return new CipherOption(option.getCipherSuite(), inKey, option.getInIv(), outKey,
      option.getOutIv());
}
 
Example #30
Source File: SaslUnwrapHandler.java    From hbase with Apache License 2.0 4 votes vote down vote up
public SaslUnwrapHandler(SaslClient saslClient) {
  this.saslClient = saslClient;
}