com.sun.im.provider
Interface SASLServerProvider
- public interface SASLServerProvider
A SASL server provider allows for extending the IM server to support custom SASL
protocols.
These are created from SASLRealm for the required mechanism.
- Author:
- Mridul Muralidharan
Method Summary |
void |
close()
Always called after the provider's use has completed.
|
CollaborationPrincipal |
getUser()
Return the user which authenticated sucessfully using this provider instance. |
void |
init()
Called before 'using' this instance of the provider so that it can
initialise itself.
|
void |
process(org.netbeans.lib.collab.SASLData data)
The whole SASL auth process is encapsulated within this method.
|
getUser
public CollaborationPrincipal getUser()
throws AuthenticationException
- Return the user which authenticated sucessfully using this provider instance.
- Throws:
AuthenticationException
- If this method is called without auth succeeding.
init
public void init()
throws org.netbeans.lib.collab.SASLProviderException
- Called before 'using' this instance of the provider so that it can
initialise itself.
Invocation of this method indicates that there will be subsequent calls to
SASLServerProvider#process
- Throws:
org.netbeans.lib.collab.SASLProviderException
process
public void process(org.netbeans.lib.collab.SASLData data)
throws org.netbeans.lib.collab.SASLProviderException
- The whole SASL auth process is encapsulated within this method.
There will be a series of responses passed on to the provider which were
generated by the client in response to the challenges which were issued
by the server side provider in previous requests.
This process starts off with a START request coming in from the client.
The server provider will process the response , and either complete the auth
or re-issue another challenge tot he client.
You could also have auth failing or getting aborted as part of response evaluation.
Not all the challenges need to have a payload data associated in the SASLData,
like the initial SASLData#START state ,SASLData#SUCESS state , etc.
The server provider should respond back with a SASLData which which are one of :
CHALLENGE , ABORT , FAILURE or SUCCESS
If a status of FAILURE or ABORT is passed to the provider as part of the request
then it indicates that the authentication has been denied/failed at the client
side.
Similarly, the provider can return a status of FAILURE to indicate server side
authentication error.
- Throws:
org.netbeans.lib.collab.SASLProviderException
- This will result in sending a ABORT SASL packet to the client and the
authentication process will fail.
close
public void close()
- Always called after the provider's use has completed.
For every sucessful init() there will be a call to close()
This will be called irrespective of whether auth suceeds or fails.
This hook can be used to cleanup any resources in use by the provider.