org.apache.directory.server.ldap.handlers.bind
Class AbstractSaslCallbackHandler

java.lang.Object
  extended by org.apache.directory.server.ldap.handlers.bind.AbstractSaslCallbackHandler
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler
Direct Known Subclasses:
CramMd5CallbackHandler, DigestMd5CallbackHandler, GssapiCallbackHandler

public abstract class AbstractSaslCallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler

Base class for all SASL CallbackHandlers. Implementations of SASL mechanisms selectively override the methods relevant to their mechanism.

Author:
Apache Directory Project
See Also:
CallbackHandler

Field Summary
protected  CoreSession adminSession
          The admin core session
protected  org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest
          The associated BindRequest
protected  DirectoryService directoryService
          A reference to the DirectoryService instance
protected  LdapSession ldapSession
          The reference to the user's LDAP session
 
Constructor Summary
protected AbstractSaslCallbackHandler(DirectoryService directoryService, org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest)
          Creates a new instance of AbstractSaslCallbackHandler.
 
Method Summary
protected abstract  void authorize(javax.security.sasl.AuthorizeCallback callback)
          Final check to authorize user.
protected  javax.naming.ldap.LdapContext getContext(org.apache.mina.core.session.IoSession session, org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest, java.util.Hashtable<java.lang.String,java.lang.Object> env)
          Convenience method for acquiring an LdapContext for the client to use for the duration of a session.
protected  java.util.Hashtable<java.lang.String,java.lang.Object> getEnvironment(org.apache.mina.core.session.IoSession session)
          Convenience method for getting an environment suitable for acquiring an LdapContext for the client.
protected  java.lang.String getRealm()
          Implementors use this method to access the realm resulting from a callback.
protected  java.lang.String getUsername()
          Implementors use this method to access the username resulting from a callback.
 void handle(javax.security.auth.callback.Callback[] callbacks)
          SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.
protected abstract  org.apache.directory.shared.ldap.entry.EntryAttribute lookupPassword(java.lang.String username, java.lang.String realm)
          Implementors set the password based on a lookup, using the username and realm as keys.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ldapSession

protected LdapSession ldapSession
The reference to the user's LDAP session


adminSession

protected CoreSession adminSession
The admin core session


directoryService

protected final DirectoryService directoryService
A reference to the DirectoryService instance


bindRequest

protected final org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest
The associated BindRequest

Constructor Detail

AbstractSaslCallbackHandler

protected AbstractSaslCallbackHandler(DirectoryService directoryService,
                                      org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest)
Creates a new instance of AbstractSaslCallbackHandler.

Parameters:
directoryService -
Method Detail

getUsername

protected java.lang.String getUsername()
Implementors use this method to access the username resulting from a callback. For CRAM-MD5 and DIGEST-MD5, the callback's default name is the username, e.g. 'hnelson'. The NameCallback is not used by GSSAPI.


getRealm

protected java.lang.String getRealm()
Implementors use this method to access the realm resulting from a callback. For DIGEST-MD5, the callback's default text is the realm name, e.g. 'example.com'. The RealmCallback is used by neither GSSAPI nor CRAM-MD5.


lookupPassword

protected abstract org.apache.directory.shared.ldap.entry.EntryAttribute lookupPassword(java.lang.String username,
                                                                                        java.lang.String realm)
Implementors set the password based on a lookup, using the username and realm as keys.

Parameters:
username - The username.
realm - The realm.
Returns:
The password entry attribute resulting from the lookup. It may contain more than one password.

authorize

protected abstract void authorize(javax.security.sasl.AuthorizeCallback callback)
                           throws java.lang.Exception
Final check to authorize the user. Used by all SASL mechanisms. This is the only callback used by GSSAPI. Implementors use setAuthorizedID() to set the base DN after canonicalization. Implementors must call setAuthorized(true) if authentication was successful.

Parameters:
callback - An AuthorizeCallback.
Throws:
java.lang.Exception

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
SaslServer will use this method to call various callbacks, depending on the SASL mechanism in use for a session.

Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Parameters:
callbacks - An array of one or more callbacks.
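
The callback flow described on this page, as an added sketch that uses only JDK classes; it is not the ApacheDS implementation of handle(). It walks a DIGEST-MD5-style sequence (name, realm, password, authorize) and shows a fail-closed authorize step. The class name SketchSaslHandler, the in-memory credential store and the DN layout are assumptions constructed for the illustration.

```java
import javax.security.auth.callback.*;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import java.util.Map;

// Added illustration built on JDK classes only; hypothetical names throughout.
public class SketchSaslHandler implements CallbackHandler {
    // Constructed sample credential store keyed by "username@realm".
    private final Map<String, char[]> store =
            Map.of("hnelson@example.com", "secret".toCharArray());
    private String username, realm;

    @Override
    public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (cb instanceof NameCallback) {
                // CRAM-MD5 and DIGEST-MD5: the default name carries the username.
                username = ((NameCallback) cb).getDefaultName();
            } else if (cb instanceof RealmCallback) {
                // DIGEST-MD5 only: the default text carries the realm.
                realm = ((RealmCallback) cb).getDefaultText();
            } else if (cb instanceof PasswordCallback) {
                char[] pw = store.get(username + "@" + realm);
                // Unknown user: leave the password unset so the mechanism rejects the bind.
                if (pw != null) ((PasswordCallback) cb).setPassword(pw);
            } else if (cb instanceof AuthorizeCallback) {
                AuthorizeCallback ac = (AuthorizeCallback) cb;
                // Fail closed: authorize only when the requested authzid is the authenticated id.
                boolean same = ac.getAuthenticationID().equals(ac.getAuthorizationID());
                ac.setAuthorized(same);
                if (same) ac.setAuthorizedID("uid=" + ac.getAuthenticationID() + ",ou=users,dc=example,dc=com");
            } else {
                throw new UnsupportedCallbackException(cb);
            }
        }
    }

    public static void main(String[] args) throws Exception {
        SketchSaslHandler h = new SketchSaslHandler();
        NameCallback name = new NameCallback("user: ", "hnelson");
        RealmCallback rc = new RealmCallback("realm: ", "example.com");
        PasswordCallback pc = new PasswordCallback("password: ", false);
        AuthorizeCallback ok = new AuthorizeCallback("hnelson", "hnelson");
        AuthorizeCallback spoof = new AuthorizeCallback("hnelson", "admin");
        h.handle(new Callback[] { name, rc, pc, ok, spoof });
        System.out.println(ok.isAuthorized() + " " + ok.getAuthorizedID());
        System.out.println(spoof.isAuthorized() + " " + spoof.getAuthorizedID());
    }
}
```

The second AuthorizeCallback requests an authorization identity different from the authenticated one and is left unauthorized, so getAuthorizedID() returns null for it.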

getContext

protected javax.naming.ldap.LdapContext getContext(org.apache.mina.core.session.IoSession session,
                                                   org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest,
                                                   java.util.Hashtable<java.lang.String,java.lang.Object> env)
Convenience method for acquiring an LdapContext for the client to use for the duration of a session.

Parameters:
session - The current session.
bindRequest - The current BindRequest.
env - An environment to be used to acquire an LdapContext.
Returns:
An LdapContext for the client.

getEnvironment

protected java.util.Hashtable<java.lang.String,java.lang.Object> getEnvironment(org.apache.mina.core.session.IoSession session)
Convenience method for getting an environment suitable for acquiring an LdapContext for the client.

Parameters:
session - The current session.
Returns:
An environment suitable for acquiring an LdapContext for the client.


Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.