org.apache.directory.server.ldap.handlers.bind.gssapi
Class GssapiCallbackHandler

java.lang.Object
  extended by org.apache.directory.server.ldap.handlers.bind.AbstractSaslCallbackHandler
      extended by org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiCallbackHandler
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler

public class GssapiCallbackHandler
extends AbstractSaslCallbackHandler

Version:
$Rev$, $Date$
Author:
Apache Directory Project

Field Summary
 
Fields inherited from class org.apache.directory.server.ldap.handlers.bind.AbstractSaslCallbackHandler
adminSession, bindRequest, directoryService, ldapSession
 
Constructor Summary
GssapiCallbackHandler(LdapSession ldapSession, CoreSession adminSession, org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest)
          Creates a new instance of GssapiCallbackHandler.
 
Method Summary
protected  void authorize(javax.security.sasl.AuthorizeCallback authorizeCB)
          Final check to authorize user.
protected  org.apache.directory.shared.ldap.entry.EntryAttribute lookupPassword(java.lang.String username, java.lang.String password)
          Implementors set the password based on a lookup, using the username and realm as keys.
 
Methods inherited from class org.apache.directory.server.ldap.handlers.bind.AbstractSaslCallbackHandler
getContext, getEnvironment, getRealm, getUsername, handle
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

GssapiCallbackHandler

public GssapiCallbackHandler(LdapSession ldapSession,
                             CoreSession adminSession,
                             org.apache.directory.shared.ldap.message.internal.InternalBindRequest bindRequest)
Creates a new instance of GssapiCallbackHandler.

Parameters:
session - the mina IO session
bindRequest - the bind message
directoryService - the directory service core
Method Detail

lookupPassword

protected org.apache.directory.shared.ldap.entry.EntryAttribute lookupPassword(java.lang.String username,
                                                                               java.lang.String password)
Description copied from class: AbstractSaslCallbackHandler
Implementors set the password based on a lookup, using the username and realm as keys.

Specified by:
lookupPassword in class AbstractSaslCallbackHandler
Parameters:
username - The username.
password - The realm.
Returns:
The Password entry attribute resulting from the lookup. It may contain more than one password

authorize

protected void authorize(javax.security.sasl.AuthorizeCallback authorizeCB)
                  throws java.lang.Exception
Description copied from class: AbstractSaslCallbackHandler
Final check to authorize user. Used by all SASL mechanisms. This is the only callback used by GSSAPI. Implementors use setAuthorizedID() to set the base DN after canonicalization. Implementors must setAuthorized() to true if authentication was successful.

Specified by:
authorize in class AbstractSaslCallbackHandler
Parameters:
authorizeCB - An AuthorizeCallback.
Throws:
java.lang.Exception


Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.