com.ibm.security.sasl.gsskerb

Class FactoryImpl

  1. java.lang.Object
  2. extended bycom.ibm.security.sasl.gsskerb.FactoryImpl
All implemented interfaces:
SaslClientFactory, SaslServerFactory

  1. public final class FactoryImpl
  2. extends java.lang.Object
  3. implements SaslClientFactory, SaslServerFactory
Client/server factory for GSSAPI (Kerberos V5) SASL client/server mechs. See GssKrb5Client/GssKrb5Server for input requirements.
Author:
Rosanna Lee

Constructor Summary

Constructor and Description
FactoryImpl()

Method Summary

Modifier and Type Method and Description
  1. SaslClient
createSaslClient(java.lang.String[] mechs,java.lang.String authorizationId,java.lang.String protocol,java.lang.String serverName,java.util.Map<java.lang.String,?> props,javax.security.auth.callback.CallbackHandler cbh)
  1. SaslServer
createSaslServer(java.lang.String mech,java.lang.String protocol,java.lang.String serverName,java.util.Map<java.lang.String,?> props,javax.security.auth.callback.CallbackHandler cbh)
  1. java.lang.String[]
getMechanismNames(java.util.Map<java.lang.String,?> props)
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FactoryImpl

  1. public FactoryImpl()

Method Detail

createSaslClient

  1. public SaslClient createSaslClient( java.lang.String[] mechs,
  2. java.lang.String authorizationId,
  3. java.lang.String protocol,
  4. java.lang.String serverName,
  5. java.util.Map<java.lang.String,?> props,
  6. javax.security.auth.callback.CallbackHandler cbh)
  7. throws SaslException
Description copied from interface: SaslClientFactory
Creates a SaslClient using the parameters supplied.
Specified by:
Parameters:
mechs - The non-null list of mechanism names to try. Each is the IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
authorizationId - The possibly null protocol-dependent identification to be used for authorization. If null or empty, the server derives an authorization ID from the client's authentication credentials. When the SASL authentication completes successfully, the specified entity is granted access.
protocol - The non-null string name of the protocol for which the authentication is being performed (e.g., "ldap").
serverName - The non-null fully qualified host name of the server to authenticate to.
props - The possibly null set of properties used to select the SASL mechanism and to configure the authentication exchange of the selected mechanism. See the Sasl class for a list of standard properties. Other, possibly mechanism-specific, properties can be included. Properties not relevant to the selected mechanism are ignored.
cbh - The possibly null callback handler to used by the SASL mechanisms to get further information from the application/library to complete the authentication. For example, a SASL mechanism might require the authentication ID, password and realm from the caller. The authentication ID is requested by using a NameCallback. The password is requested by using a PasswordCallback. The realm is requested by using a RealmChoiceCallback if there is a list of realms to choose from, and by using a RealmCallback if the realm must be entered.
Returns:
A possibly null SaslClient created using the parameters supplied. If null, this factory cannot produce a SaslClient using the parameters supplied.
Throws:
SaslException - If cannot create a SaslClient because of an error.

createSaslServer

  1. public SaslServer createSaslServer( java.lang.String mech,
  2. java.lang.String protocol,
  3. java.lang.String serverName,
  4. java.util.Map<java.lang.String,?> props,
  5. javax.security.auth.callback.CallbackHandler cbh)
  6. throws SaslException
Description copied from interface: SaslServerFactory
Creates a SaslServer using the parameters supplied. It returns null if no SaslServer can be created using the parameters supplied. Throws SaslException if it cannot create a SaslServer because of an error.
Specified by:
Parameters:
mech - The non-null IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
protocol - The non-null string name of the protocol for which the authentication is being performed (e.g., "ldap").
serverName - The non-null fully qualified host name of the server to authenticate to.
props - The possibly null set of properties used to select the SASL mechanism and to configure the authentication exchange of the selected mechanism. See the Sasl class for a list of standard properties. Other, possibly mechanism-specific, properties can be included. Properties not relevant to the selected mechanism are ignored.
cbh - The possibly null callback handler to used by the SASL mechanisms to get further information from the application/library to complete the authentication. For example, a SASL mechanism might require the authentication ID, password and realm from the caller. The authentication ID is requested by using a NameCallback. The password is requested by using a PasswordCallback. The realm is requested by using a RealmChoiceCallback if there is a list of realms to choose from, and by using a RealmCallback if the realm must be entered.
Returns:
A possibly null SaslServer created using the parameters supplied. If null, this factory cannot produce a SaslServer using the parameters supplied.
Throws:
SaslException - If cannot create a SaslServer because of an error.

getMechanismNames

  1. public java.lang.String[] getMechanismNames( java.util.Map<java.lang.String,?> props)
Description copied from interface: SaslClientFactory
Returns an array of names of mechanisms that match the specified mechanism selection policies.
Specified by:
Specified by:
Parameters:
props - The possibly null set of properties used to specify the security policy of the SASL mechanisms. For example, if props contains the Sasl.POLICY_NOPLAINTEXT property with the value "true", then the factory must not return any SASL mechanisms that are susceptible to simple plain passive attacks. See the Sasl class for a complete list of policy properties. Non-policy related properties, if present in props, are ignored.
Returns:
A non-null array containing a IANA-registered SASL mechanism names.