com.sun.im.provider
Interface SASLServerProvider


public interface SASLServerProvider

A SASL server provider allows for extending the IM server to support custom SASL protocols. These are created from SASLRealm for the required mechanism.

Author:
Mridul Muralidharan

Method Summary
 void close()
          Always called after the provider's use has completed.
 CollaborationPrincipal getUser()
          Return the user who authenticated successfully using this provider instance.
 void init()
          Called before 'using' this instance of the provider so that it can initialise itself.
 void process(org.netbeans.lib.collab.SASLData data)
          The whole SASL auth process is encapsulated within this method.
 

Method Detail

getUser

public CollaborationPrincipal getUser()
                               throws AuthenticationException
Return the user who authenticated successfully using this provider instance.

Throws:
AuthenticationException - If this method is called without auth succeeding.

init

public void init()
          throws org.netbeans.lib.collab.SASLProviderException
Called before 'using' this instance of the provider so that it can initialise itself. Invocation of this method indicates that there will be subsequent calls to SASLServerProvider#process.

Throws:
org.netbeans.lib.collab.SASLProviderException

process

public void process(org.netbeans.lib.collab.SASLData data)
             throws org.netbeans.lib.collab.SASLProviderException
The whole SASL auth process is encapsulated within this method. A series of responses is passed to the provider; the client generated each one in response to a challenge issued by the server-side provider in a previous request. The process starts with a START request coming in from the client. The server provider processes the response and either completes the auth or issues another challenge to the client. Auth can also fail or be aborted as part of response evaluation. Not all the challenges need to have payload data associated in the SASLData, for example the initial SASLData#START state, the SASLData#SUCESS state, etc.

The server provider should respond with a SASLData whose status is one of: CHALLENGE, ABORT, FAILURE or SUCCESS. If a status of FAILURE or ABORT is passed to the provider as part of the request, it indicates that the authentication has been denied/failed at the client side. Similarly, the provider can return a status of FAILURE to indicate a server-side authentication error.

Throws:
org.netbeans.lib.collab.SASLProviderException - This will result in sending an ABORT SASL packet to the client and the authentication process will fail.

close

public void close()
Always called after the provider's use has completed. For every successful init() there will be a call to close(). This will be called irrespective of whether auth succeeds or fails. This hook can be used to clean up any resources in use by the provider.
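
The init/process/close lifecycle and the START, CHALLENGE, SUCCESS/FAILURE exchange described above, as an added example that is not part of the original documentation or the IM server code. It does not use the real API: Status, Step and NonceProvider are hypothetical stand-ins, the RESPONSE status and the HMAC nonce mechanism are assumptions, and the stand-in process returns its reply whereas the interface's process is void and takes a SASLData. Requires Java 16 or later.

```java
import java.security.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Status, Step and NonceProvider are hypothetical stand-ins for this example,
// NOT the real SASLData / SASLServerProvider API.
public class SaslLifecycleDemo {
    enum Status { START, RESPONSE, CHALLENGE, ABORT, FAILURE, SUCCESS }
    record Step(Status status, byte[] payload) {}
    static final class NonceProvider {
        private final String user;
        private final byte[] key;
        private byte[] nonce;          // non-null only while a challenge is outstanding
        private boolean authenticated;
        NonceProvider(String user, byte[] key) { this.user = user; this.key = key.clone(); }
        void init() { nonce = null; authenticated = false; }
        Step process(Step in) throws GeneralSecurityException {
            authenticated = false;     // success must be earned by this step
            if (in.status() == Status.START) {
                nonce = new byte[16];
                new SecureRandom().nextBytes(nonce);
                return new Step(Status.CHALLENGE, nonce.clone());
            }
            if (in.status() == Status.RESPONSE && nonce != null) // constant-time compare
                authenticated = MessageDigest.isEqual(hmac(key, nonce), in.payload());
            nonce = null;  // one attempt per challenge; client FAILURE/ABORT also ends here
            return new Step(authenticated ? Status.SUCCESS : Status.FAILURE, null);
        }
        String getUser() {
            if (!authenticated) throw new IllegalStateException("auth has not succeeded");
            return user;
        }
        void close() { java.util.Arrays.fill(key, (byte) 0); nonce = null; authenticated = false; }
    }
    static byte[] hmac(byte[] key, byte[] msg) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(msg);
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes("UTF-8"); // constructed sample secret
        NonceProvider p = new NonceProvider("alice", key);
        p.init();
        try {
            Step c = p.process(new Step(Status.START, null));
            Step r = p.process(new Step(Status.RESPONSE, hmac(key, c.payload())));
            System.out.println(r.status() + " user=" + p.getUser());
        } finally { p.close(); }  // always paired with a successful init()
    }
}
```

A response that arrives without an outstanding challenge, a second response to the same challenge, and a client-side FAILURE or ABORT all end in FAILURE, and getUser keeps throwing until a step actually succeeds.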