T
- The type of configuration handled by this SASL mechanism handler.@PublicAPI(stability=VOLATILE, mayInstantiate=false, mayExtend=true, mayInvoke=false) public abstract class SASLMechanismHandler<T extends SaslMechanismHandlerCfg> extends Object
Constructor and Description |
---|
SASLMechanismHandler() |
Modifier and Type | Method and Description |
---|---|
void |
finalizeSASLMechanismHandler()
Performs any finalization that may be necessary for this SASL mechanism handler.
|
abstract void |
initializeSASLMechanismHandler(T configuration)
Initializes this SASL mechanism handler based on the information in the provided configuration entry.
|
boolean |
isConfigurationAcceptable(T configuration,
List<LocalizableMessage> unacceptableReasons)
Indicates whether the provided configuration is acceptable for this SASL mechanism handler.
|
abstract boolean |
isPasswordBased(String mechanism)
Indicates whether the specified SASL mechanism is password-based or uses some other form of credentials (e.g., an
SSL client certificate or Kerberos ticket).
|
abstract boolean |
isSecure(String mechanism)
Indicates whether the specified SASL mechanism should be considered secure (i.e., it does not expose the
authentication credentials in a manner that is useful to a third-party observer, and other aspects of the
authentication are generally secure).
|
abstract void |
processSASLBind(BindOperation bindOperation)
Processes the SASL bind operation.
|
public abstract void initializeSASLMechanismHandler(T configuration) throws ConfigException, InitializationException
configuration
- The configuration to use to initialize this SASL mechanism handler.ConfigException
- If an unrecoverable problem arises in the process of performing the initialization.InitializationException
- If a problem occurs during initialization that is not related to the server configuration.public boolean isConfigurationAcceptable(T configuration, List<LocalizableMessage> unacceptableReasons)
configuration
- The SASL mechanism handler configuration for which to make the determination.unacceptableReasons
- A list that may be used to hold the reasons that the provided configuration is not acceptable.true
if the provided configuration is acceptable for this SASL mechanism handler, or
false
if not.public void finalizeSASLMechanismHandler()
public abstract void processSASLBind(BindOperation bindOperation)
BindOperation.setResultCode
method must be used to set the appropriate result code.BindOperation.setSASLAuthUserEntry
method to provide it with the entry for the user that attempted to
authenticate.BindOperation.setAuthenticationInfo
method must be
used to set the authentication info for the bind operation.BindOperation.setAuthFailureReason
method should
be used to provide a message explaining why the authentication failed.bindOperation
- The SASL bind operation to be processed.public abstract boolean isPasswordBased(String mechanism)
mechanism
- The name of the mechanism for which to make the determination. This will only be invoked with names of
mechanisms for which this handler has previously registered.true
if this SASL mechanism is password-based, or false
if it uses some other form of
credentials.public abstract boolean isSecure(String mechanism)
mechanism
- The name of the mechanism for which to make the determination. This will only be invoked with names of
mechanisms for which this handler has previously registered.true
if this SASL mechanism should be considered secure, or false
if not.Copyright 2010-2022 ForgeRock AS.