Package org.apache.qpid.jms.sasl

Interface Mechanism

All Superinterfaces:
Comparable<Mechanism>
All Known Implementing Classes:
AbstractMechanism, AnonymousMechanism, CramMD5Mechanism, ExternalMechanism, GssapiMechanism, PlainMechanism, ScramSHA1Mechanism, ScramSHA256Mechanism, ScramSHA512Mechanism, XOauth2Mechanism
public interface Mechanism extends Comparable<Mechanism>
Interface for all SASL authentication mechanism implementations.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Interface
    Description
    static enum 
    Mechanism.PRIORITY
    Relative priority values used to arrange the found SASL mechanisms in a preferred order where the level of security generally defines the preference.

  • Method Summary

    Modifier and Type
    Method
    Description
    default String
    getAdditionalFailureInformation()
    Allows a mechanism to report additional information on the reason for authentication failure (e.g.
    byte[]
    getChallengeResponse(byte[] challenge)
    Create a response based on a given challenge from the remote peer.
    byte[]
    getInitialResponse()
    Create an initial response based on selected mechanism.
    String
    getName()
     
    String
    getPassword()
    Returns the configured password value for this Mechanism.
    int
    getPriority()
     
    String
    getUsername()
    Returns the configured user name value for this Mechanism.
    void
    init(Map<String,String> options)
    Perform any configuration initiation required by the mechanism.
    boolean
    isApplicable(String username, String password, Principal localPrincipal)
    Allows the mechanism to determine if it can be used given the authentication provided.
    boolean
    isEnabledByDefault()
    Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted sasl mechanisms.
    void
    setPassword(String username)
    Sets the password value for this Mechanism.
    void
    setUsername(String username)
    Sets the user name value for this Mechanism.
    void
    verifyCompletion()
    Verifies that the SASL exchange has completed successfully.

    Methods inherited from interface java.lang.Comparable

    compareTo

  • Method Details

    • getPriority

      int getPriority()
      Returns:
      return the relative priority of this SASL mechanism.

    • getName

      String getName()
      Returns:
      the well known name of this SASL mechanism.

    • init

      void init(Map<String,String> options)
      Perform any configuration initiation required by the mechanism.
      Parameters:
      options - An immutable map of sasl options. Will always be non-null.

    • getInitialResponse

      byte[] getInitialResponse() throws SaslException
      Create an initial response based on selected mechanism. May be null if there is no initial response.
      Returns:
      the initial response, or null if there isn't one.
      Throws:
      SaslException - if an error occurs computing the response.

    • getChallengeResponse

      byte[] getChallengeResponse(byte[] challenge) throws SaslException
      Create a response based on a given challenge from the remote peer.
      Parameters:
      challenge - the challenge that this Mechanism should response to.
      Returns:
      the response that answers the given challenge.
      Throws:
      SaslException - if an error occurs computing the response.

    • verifyCompletion

      void verifyCompletion() throws SaslException
      Verifies that the SASL exchange has completed successfully. This is an opportunity for the mechanism to ensure that all mandatory steps have been completed successfully and to cleanup and resources that are held by this Mechanism.
      Throws:
      SaslException - if the outcome of the SASL exchange is not valid for this Mechanism

    • setUsername

      void setUsername(String username)
      Sets the user name value for this Mechanism. The Mechanism can ignore this value if it does not utilize user name in it's authentication processing.
      Parameters:
      username - The user name given.

    • getUsername

      String getUsername()
      Returns the configured user name value for this Mechanism.
      Returns:
      the currently set user name value for this Mechanism.

    • setPassword

      void setPassword(String username)
      Sets the password value for this Mechanism. The Mechanism can ignore this value if it does not utilize a password in it's authentication processing.
      Parameters:
      username - The user name given.

    • getPassword

      String getPassword()
      Returns the configured password value for this Mechanism.
      Returns:
      the currently set password value for this Mechanism.

    • isApplicable

      boolean isApplicable(String username, String password, Principal localPrincipal)
      Allows the mechanism to determine if it can be used given the authentication provided.
      Parameters:
      username - The user name given to the client for authentication.
      password - The password given to the client for authentication.
      localPrincipal - The local Principal configured for the client for authentication.
      Returns:
      if this Mechanism is able to validate using the given credentials.

    • isEnabledByDefault

      boolean isEnabledByDefault()
      Allows the mechanism to indicate if it is enabled by default, or only when explicitly enabled through configuring the permitted sasl mechanisms.
      Returns:
      true if this Mechanism is enabled by default.

    • getAdditionalFailureInformation

      default String getAdditionalFailureInformation()
      Allows a mechanism to report additional information on the reason for authentication failure (e.g. provided in a challenge from the server)
      Returns:
      information on the reason for failure, or null if no such information is available