org.opends.server.api
Class SASLMechanismHandler<T extends SASLMechanismHandlerCfg>

java.lang.Object
  extended by org.opends.server.api.SASLMechanismHandler<T>
Type Parameters:
T - The type of configuration handled by this SASL mechanism handler.
Direct Known Subclasses:
AnonymousSASLMechanismHandler, CRAMMD5SASLMechanismHandler, DigestMD5SASLMechanismHandler, ExternalSASLMechanismHandler, GSSAPISASLMechanismHandler, PlainSASLMechanismHandler

@PublicAPI(stability=VOLATILE,
           mayInstantiate=false,
           mayExtend=true,
           mayInvoke=false)
public abstract class SASLMechanismHandler<T extends SASLMechanismHandlerCfg>
extends java.lang.Object

This class defines the set of methods and structures that must be implemented by a Directory Server module that implements the functionality required for one or more SASL mechanisms.


Constructor Summary
SASLMechanismHandler()
           
 
Method Summary
 void finalizeSASLMechanismHandler()
          Performs any finalization that may be necessary for this SASL mechanism handler.
abstract  void initializeSASLMechanismHandler(T configuration)
          Initializes this SASL mechanism handler based on the information in the provided configuration entry.
 boolean isConfigurationAcceptable(SASLMechanismHandlerCfg configuration, java.util.List<Message> unacceptableReasons)
          Indicates whether the provided configuration is acceptable for this SASL mechanism handler.
abstract  boolean isPasswordBased(java.lang.String mechanism)
          Indicates whether the specified SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).
abstract  boolean isSecure(java.lang.String mechanism)
          Indicates whether the specified SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).
abstract  void processSASLBind(BindOperation bindOperation)
          Processes the SASL bind operation.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SASLMechanismHandler

public SASLMechanismHandler()
Method Detail

initializeSASLMechanismHandler

public abstract void initializeSASLMechanismHandler(T configuration)
                                             throws ConfigException,
                                                    InitializationException
Initializes this SASL mechanism handler based on the information in the provided configuration entry. It should also register itself with the Directory Server for the particular kinds of SASL mechanisms that it will process.

Parameters:
configuration - The configuration to use to initialize this SASL mechanism handler.
Throws:
ConfigException - If an unrecoverable problem arises in the process of performing the initialization.
InitializationException - If a problem occurs during initialization that is not related to the server configuration.

isConfigurationAcceptable

public boolean isConfigurationAcceptable(SASLMechanismHandlerCfg configuration,
                                         java.util.List<Message> unacceptableReasons)
Indicates whether the provided configuration is acceptable for this SASL mechanism handler. It should be possible to call this method on an uninitialized SASL mechanism handler instance in order to determine whether the SASL mechanism handler would be able to use the provided configuration.

Note that implementations which use a subclass of the provided configuration class will likely need to cast the configuration to the appropriate subclass type.

Parameters:
configuration - The SASL mechanism handler configuration for which to make the determination.
unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.
Returns:
true if the provided configuration is acceptable for this SASL mechanism handler, or false if not.

finalizeSASLMechanismHandler

public void finalizeSASLMechanismHandler()
Performs any finalization that may be necessary for this SASL mechanism handler. By default, no finalization is performed.


processSASLBind

public abstract void processSASLBind(BindOperation bindOperation)
Processes the SASL bind operation. SASL mechanism implementations must ensure that the following actions are taken during the processing of this method:

Parameters:
bindOperation - The SASL bind operation to be processed.

isPasswordBased

public abstract boolean isPasswordBased(java.lang.String mechanism)
Indicates whether the specified SASL mechanism is password-based or uses some other form of credentials (e.g., an SSL client certificate or Kerberos ticket).

Parameters:
mechanism - The name of the mechanism for which to make the determination. This will only be invoked with names of mechanisms for which this handler has previously registered.
Returns:
true if this SASL mechanism is password-based, or false if it uses some other form of credentials.

isSecure

public abstract boolean isSecure(java.lang.String mechanism)
Indicates whether the specified SASL mechanism should be considered secure (i.e., it does not expose the authentication credentials in a manner that is useful to a third-party observer, and other aspects of the authentication are generally secure).

Parameters:
mechanism - The name of the mechanism for which to make the determination. This will only be invoked with names of mechanisms for which this handler has previously registered.
Returns:
true if this SASL mechanism should be considered secure, or false if not.