Module

Package org.xnio.sasl

Class SaslUtils

java.lang.Object

org.xnio.sasl.SaslUtils

public final class SaslUtils
extends java.lang.Object

Utility methods for handling SASL authentication using NIO-style programming methods.

Author:

David M. Lloyd

Field Summary

Fields

Modifier and Type	Field	Description
static byte[]	EMPTY_BYTES	A zero-length byte array, useful for sending and receiving empty SASL messages.

Method Summary

Modifier and Type	Method	Description
static java.util.Map<java.lang.String,java.lang.Object>	createPropertyMap(OptionMap optionMap, boolean secure)	Create a SASL property map from an XNIO option map.
static byte[]	evaluateChallenge(javax.security.sasl.SaslClient client, java.nio.ByteBuffer source)	Evaluate a sasl challenge.
static boolean	evaluateChallenge(javax.security.sasl.SaslClient client, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Evaluate a sasl challenge.
static byte[]	evaluateResponse(javax.security.sasl.SaslServer server, java.nio.ByteBuffer source)	Evaluate a sasl response.
static boolean	evaluateResponse(javax.security.sasl.SaslServer server, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Evaluate a sasl response.
static java.util.Iterator<javax.security.sasl.SaslClientFactory>	getSaslClientFactories()	Returns an iterator of all of the registered SaslClientFactorys where the order is based on the order of the Provider registration and/or class path order.
static java.util.Iterator<javax.security.sasl.SaslClientFactory>	getSaslClientFactories(java.lang.ClassLoader classLoader, boolean includeGlobal)	Returns an iterator of all of the registered SaslClientFactorys where the order is based on the order of the Provider registration and/or class path order.
static java.util.Iterator<javax.security.sasl.SaslServerFactory>	getSaslServerFactories()	Returns an iterator of all of the registered SaslServerFactorys where the order is based on the order of the Provider registration and/or class path order.
static java.util.Iterator<javax.security.sasl.SaslServerFactory>	getSaslServerFactories(java.lang.ClassLoader classLoader, boolean includeGlobal)	Returns an iterator of all of the registered SaslServerFactorys where the order is based on the order of the Provider registration and/or class path order.
static byte[]	unwrap(javax.security.sasl.SaslClient client, java.nio.ByteBuffer source)	Unwrap a message.
static void	unwrap(javax.security.sasl.SaslClient client, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Unwrap a message.
static byte[]	unwrap(javax.security.sasl.SaslServer server, java.nio.ByteBuffer source)	Unwrap a message.
static void	unwrap(javax.security.sasl.SaslServer server, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Unwrap a message.
static byte[]	wrap(javax.security.sasl.SaslClient client, java.nio.ByteBuffer source)	Wrap a message.
static void	wrap(javax.security.sasl.SaslClient client, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Wrap a message.
static byte[]	wrap(javax.security.sasl.SaslServer server, java.nio.ByteBuffer source)	Wrap a message.
static void	wrap(javax.security.sasl.SaslServer server, java.nio.ByteBuffer destination, java.nio.ByteBuffer source)	Wrap a message.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EMPTY_BYTES

public static final byte[] EMPTY_BYTES

A zero-length byte array, useful for sending and receiving empty SASL messages.

Method Detail

getSaslServerFactories

public static java.util.Iterator<javax.security.sasl.SaslServerFactory> getSaslServerFactories(java.lang.ClassLoader classLoader,
                                                                                               boolean includeGlobal)

Returns an iterator of all of the registered SaslServerFactorys where the order is based on the order of the Provider registration and/or class path order. Class path providers are listed before global providers; in the event of a name conflict, the class path provider is preferred.

Parameters:

classLoader - the class loader to use

includeGlobal - true to include globally registered providers, false to exclude them

Returns:

the Iterator of SaslServerFactorys

getSaslServerFactories

public static java.util.Iterator<javax.security.sasl.SaslServerFactory> getSaslServerFactories()

Returns an iterator of all of the registered SaslServerFactorys where the order is based on the order of the Provider registration and/or class path order.

Returns:

the Iterator of SaslServerFactorys

getSaslClientFactories

public static java.util.Iterator<javax.security.sasl.SaslClientFactory> getSaslClientFactories(java.lang.ClassLoader classLoader,
                                                                                               boolean includeGlobal)

Returns an iterator of all of the registered SaslClientFactorys where the order is based on the order of the Provider registration and/or class path order. Class path providers are listed before global providers; in the event of a name conflict, the class path provider is preferred.

Parameters:

classLoader - the class loader to use

includeGlobal - true to include globally registered providers, false to exclude them

Returns:

the Iterator of SaslClientFactorys

getSaslClientFactories

public static java.util.Iterator<javax.security.sasl.SaslClientFactory> getSaslClientFactories()

Returns an iterator of all of the registered SaslClientFactorys where the order is based on the order of the Provider registration and/or class path order.

Returns:

the Iterator of SaslClientFactorys

evaluateChallenge

public static boolean evaluateChallenge(javax.security.sasl.SaslClient client,
                                        java.nio.ByteBuffer destination,
                                        java.nio.ByteBuffer source)
                                 throws javax.security.sasl.SaslException

Evaluate a sasl challenge. If the result is false then the negotiation is not yet complete and the data written into the destination buffer needs to be sent to the server as a response. If the result is true then negotiation was successful and no response needs to be sent to the server.

The source buffer should have its position and remaining length set to encompass exactly one SASL message. The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to use to evaluate the challenge message

destination - the destination buffer into which the response message should be written, if any

source - the source buffer from which the challenge message should be read

Returns:

true if negotiation is complete and successful, false otherwise

Throws:

javax.security.sasl.SaslException - if negotiation failed or another error occurred

evaluateChallenge

public static byte[] evaluateChallenge(javax.security.sasl.SaslClient client,
                                       java.nio.ByteBuffer source)
                                throws javax.security.sasl.SaslException

Evaluate a sasl challenge. If the result is non-null then the negotiation is not yet complete and the data returned needs to be sent to the server as a response. If the result is null then negotiation was successful and no response needs to be sent to the server.

The source buffer should have its position and remaining length set to encompass exactly one SASL message. The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to use to evaluate the challenge message

source - the source buffer from which the challenge message should be read

Returns:

null if negotiation is complete and successful, or the response otherwise

Throws:

javax.security.sasl.SaslException - if negotiation failed or another error occurred

evaluateResponse

public static boolean evaluateResponse(javax.security.sasl.SaslServer server,
                                       java.nio.ByteBuffer destination,
                                       java.nio.ByteBuffer source)
                                throws javax.security.sasl.SaslException

Evaluate a sasl response. If the result is false then the negotiation is not yet complete and the data written into the destination buffer needs to be sent to the server as a response. If the result is true then negotiation was successful and no response needs to be sent to the client (other than a successful completion message, depending on the protocol).

The source buffer should have its position and remaining length set to encompass exactly one SASL message. The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to use to evaluate the response message

destination - the destination buffer into which the response message should be written, if any

source - the source buffer from which the response message should be read

Returns:

true if negotiation is complete and successful, false otherwise

Throws:

javax.security.sasl.SaslException - if negotiation failed or another error occurred

evaluateResponse

public static byte[] evaluateResponse(javax.security.sasl.SaslServer server,
                                      java.nio.ByteBuffer source)
                               throws javax.security.sasl.SaslException

Evaluate a sasl response. If the result is non-null then the negotiation is not yet complete and the data returned needs to be sent to the server as a response. If the result is null then negotiation was successful and no response needs to be sent to the client (other than a successful completion message, depending on the protocol).

The source buffer should have its position and remaining length set to encompass exactly one SASL message. The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to use to evaluate the response message

source - the source buffer from which the response message should be read

Returns:

true if negotiation is complete and successful, false otherwise

Throws:

javax.security.sasl.SaslException - if negotiation failed or another error occurred

wrap

public static void wrap(javax.security.sasl.SaslClient client,
                        java.nio.ByteBuffer destination,
                        java.nio.ByteBuffer source)
                 throws javax.security.sasl.SaslException

Wrap a message. Wrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to wrap with

destination - the buffer into which bytes should be written

source - the buffers from which bytes should be read

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslClient.wrap(byte[], int, int)

wrap

public static byte[] wrap(javax.security.sasl.SaslClient client,
                          java.nio.ByteBuffer source)
                   throws javax.security.sasl.SaslException

Wrap a message. Wrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to wrap with

source - the buffers from which bytes should be read

Returns:

the wrap result

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslClient.wrap(byte[], int, int)

wrap

public static void wrap(javax.security.sasl.SaslServer server,
                        java.nio.ByteBuffer destination,
                        java.nio.ByteBuffer source)
                 throws javax.security.sasl.SaslException

Wrap a message. Wrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to wrap with

destination - the buffer into which bytes should be written

source - the buffers from which bytes should be read

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslServer.wrap(byte[], int, int)

wrap

public static byte[] wrap(javax.security.sasl.SaslServer server,
                          java.nio.ByteBuffer source)
                   throws javax.security.sasl.SaslException

Wrap a message. Wrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to wrap with

source - the buffers from which bytes should be read

Returns:

the wrap result

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslServer.wrap(byte[], int, int)

unwrap

public static void unwrap(javax.security.sasl.SaslClient client,
                          java.nio.ByteBuffer destination,
                          java.nio.ByteBuffer source)
                   throws javax.security.sasl.SaslException

Unwrap a message. Unwrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to unwrap with

destination - the buffer into which bytes should be written

source - the buffers from which bytes should be read

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslClient.unwrap(byte[], int, int)

unwrap

public static byte[] unwrap(javax.security.sasl.SaslClient client,
                            java.nio.ByteBuffer source)
                     throws javax.security.sasl.SaslException

Unwrap a message. Unwrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

client - the SASL client to unwrap with

source - the buffers from which bytes should be read

Returns:

the wrap result

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslClient.unwrap(byte[], int, int)

unwrap

public static void unwrap(javax.security.sasl.SaslServer server,
                          java.nio.ByteBuffer destination,
                          java.nio.ByteBuffer source)
                   throws javax.security.sasl.SaslException

Unwrap a message. Unwrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to unwrap with

destination - the buffer into which bytes should be written

source - the buffers from which bytes should be read

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslServer.unwrap(byte[], int, int)

unwrap

public static byte[] unwrap(javax.security.sasl.SaslServer server,
                            java.nio.ByteBuffer source)
                     throws javax.security.sasl.SaslException

Unwrap a message. Unwrapping occurs from the source buffer to the destination idea.

The source buffer should have its position and remaining length set to encompass exactly one SASL message (without the length field). The SASL message itself does not encode any length information so it is up to the protocol implementer to ensure that the message is properly framed.

Parameters:

server - the SASL server to unwrap with

source - the buffers from which bytes should be read

Returns:

the wrap result

Throws:

javax.security.sasl.SaslException - if a SASL error occurs

See Also:

SaslServer.unwrap(byte[], int, int)

createPropertyMap

public static java.util.Map<java.lang.String,java.lang.Object> createPropertyMap(OptionMap optionMap,
                                                                                       boolean secure)

Create a SASL property map from an XNIO option map.

Parameters:

optionMap - the option map

secure - true if the channel is secure, false otherwise

Returns:

the property map