|
1 /* |
|
2 * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Sun designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Sun in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
|
22 * CA 95054 USA or visit www.sun.com if you need additional information or |
|
23 * have any questions. |
|
24 */ |
|
25 |
|
26 package com.sun.security.sasl; |
|
27 |
|
28 import javax.security.sasl.*; |
|
29 |
|
30 /** |
|
31 * Implements the EXTERNAL SASL client mechanism. |
|
32 * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>). |
|
33 * The EXTERNAL mechanism returns the optional authorization ID as |
|
34 * the initial response. It processes no challenges. |
|
35 * |
|
36 * @author Rosanna Lee |
|
37 */ |
|
38 final class ExternalClient implements SaslClient { |
|
39 private byte[] username; |
|
40 private boolean completed = false; |
|
41 |
|
42 /** |
|
43 * Constructs an External mechanism with optional authorization ID. |
|
44 * |
|
45 * @param authorizationID If non-null, used to specify authorization ID. |
|
46 * @throws SaslException if cannot convert authorizationID into UTF-8 |
|
47 * representation. |
|
48 */ |
|
49 ExternalClient(String authorizationID) throws SaslException { |
|
50 if (authorizationID != null) { |
|
51 try { |
|
52 username = authorizationID.getBytes("UTF8"); |
|
53 } catch (java.io.UnsupportedEncodingException e) { |
|
54 throw new SaslException("Cannot convert " + authorizationID + |
|
55 " into UTF-8", e); |
|
56 } |
|
57 } else { |
|
58 username = new byte[0]; |
|
59 } |
|
60 } |
|
61 |
|
62 /** |
|
63 * Retrieves this mechanism's name for initiating the "EXTERNAL" protocol |
|
64 * exchange. |
|
65 * |
|
66 * @return The string "EXTERNAL". |
|
67 */ |
|
68 public String getMechanismName() { |
|
69 return "EXTERNAL"; |
|
70 } |
|
71 |
|
72 /** |
|
73 * This mechanism has an initial response. |
|
74 */ |
|
75 public boolean hasInitialResponse() { |
|
76 return true; |
|
77 } |
|
78 |
|
79 public void dispose() throws SaslException { |
|
80 } |
|
81 |
|
82 /** |
|
83 * Processes the challenge data. |
|
84 * It returns the EXTERNAL mechanism's initial response, |
|
85 * which is the authorization id encoded in UTF-8. |
|
86 * This is the optional information that is sent along with the SASL command. |
|
87 * After this method is called, isComplete() returns true. |
|
88 * |
|
89 * @param challengeData Ignored. |
|
90 * @return The possible empty initial response. |
|
91 * @throws SaslException If authentication has already been called. |
|
92 */ |
|
93 public byte[] evaluateChallenge(byte[] challengeData) |
|
94 throws SaslException { |
|
95 if (completed) { |
|
96 throw new IllegalStateException( |
|
97 "EXTERNAL authentication already completed"); |
|
98 } |
|
99 completed = true; |
|
100 return username; |
|
101 } |
|
102 |
|
103 /** |
|
104 * Returns whether this mechanism is complete. |
|
105 * @return true if initial response has been sent; false otherwise. |
|
106 */ |
|
107 public boolean isComplete() { |
|
108 return completed; |
|
109 } |
|
110 |
|
111 /** |
|
112 * Unwraps the incoming buffer. |
|
113 * |
|
114 * @throws SaslException Not applicable to this mechanism. |
|
115 */ |
|
116 public byte[] unwrap(byte[] incoming, int offset, int len) |
|
117 throws SaslException { |
|
118 if (completed) { |
|
119 throw new SaslException("EXTERNAL has no supported QOP"); |
|
120 } else { |
|
121 throw new IllegalStateException( |
|
122 "EXTERNAL authentication Not completed"); |
|
123 } |
|
124 } |
|
125 |
|
126 /** |
|
127 * Wraps the outgoing buffer. |
|
128 * |
|
129 * @throws SaslException Not applicable to this mechanism. |
|
130 */ |
|
131 public byte[] wrap(byte[] outgoing, int offset, int len) |
|
132 throws SaslException { |
|
133 if (completed) { |
|
134 throw new SaslException("EXTERNAL has no supported QOP"); |
|
135 } else { |
|
136 throw new IllegalStateException( |
|
137 "EXTERNAL authentication not completed"); |
|
138 } |
|
139 } |
|
140 |
|
141 /** |
|
142 * Retrieves the negotiated property. |
|
143 * This method can be called only after the authentication exchange has |
|
144 * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, a |
|
145 * <tt>IllegalStateException</tt> is thrown. |
|
146 * |
|
147 * @return null No property is applicable to this mechanism. |
|
148 * @exception IllegalStateException if this authentication exchange |
|
149 * has not completed |
|
150 */ |
|
151 public Object getNegotiatedProperty(String propName) { |
|
152 if (completed) { |
|
153 return null; |
|
154 } else { |
|
155 throw new IllegalStateException( |
|
156 "EXTERNAL authentication not completed"); |
|
157 } |
|
158 } |
|
159 } |