public abstract class SASLMechanism extends Object implements CallbackHandler
getName()
-- returns the common name of the SASL mechanism.authenticate(String, String, String, String)
-- Initiate authentication stanza using the
deprecated method.authenticate(String, CallbackHandler)
-- Initiate authentication stanza
using the CallbackHandler method.challengeReceived(String)
-- Handle a challenge from the server.Modifier and Type | Class and Description |
---|---|
static class |
SASLMechanism.AuthMechanism
Initiating SASL authentication by select a mechanism.
|
static class |
SASLMechanism.Challenge
A SASL challenge stanza.
|
static class |
SASLMechanism.Response
A SASL response stanza.
|
static class |
SASLMechanism.SASLFailure
A SASL failure stanza.
|
static class |
SASLMechanism.Success
A SASL success stanza.
|
Modifier and Type | Field and Description |
---|---|
protected String |
authenticationId |
protected String |
hostname |
protected String |
password |
protected SaslClient |
sc |
Constructor and Description |
---|
SASLMechanism(SASLAuthentication saslAuthentication) |
Modifier and Type | Method and Description |
---|---|
protected void |
authenticate() |
void |
authenticate(String host,
CallbackHandler cbh)
Builds and sends the auth stanza to the server.
|
void |
authenticate(String username,
String host,
String serviceName,
String password)
Builds and sends the auth stanza to the server.
|
void |
challengeReceived(String challenge)
The server is challenging the SASL mechanism for the stanza he just sent.
|
protected abstract String |
getName()
Returns the common name of the SASL mechanism.
|
protected SASLAuthentication |
getSASLAuthentication() |
void |
handle(Callback[] callbacks) |
protected SaslClient sc
protected String authenticationId
public SASLMechanism(SASLAuthentication saslAuthentication)
public void authenticate(String username, String host, String serviceName, String password) throws IOException, SaslException, SmackException.NotConnectedException
authenticate(String, CallbackHandler)
whenever possible.
Explanation of auth stanza:
The client authentication stanza needs to include the digest-uri of the form: xmpp/serverName
From RFC-2831:
digest-uri = "digest-uri" "=" digest-uri-value
digest-uri-value = serv-type "/" host [ "/" serv-name ]
digest-uri:
Indicates the principal name of the service with which the client
wishes to connect, formed from the serv-type, host, and serv-name.
For example, the FTP service
on "ftp.example.com" would have a "digest-uri" value of "ftp/ftp.example.com"; the SMTP
server from the example above would have a "digest-uri" value of
"smtp/mail3.example.com/example.com".
host:
The DNS host name or IP address for the service requested. The DNS host name
must be the fully-qualified canonical name of the host. The DNS host name is the
preferred form; see notes on server processing of the digest-uri.
serv-name:
Indicates the name of the service if it is replicated. The service is
considered to be replicated if the client's service-location process involves resolution
using standard DNS lookup operations, and if these operations involve DNS records (such
as SRV, or MX) which resolve one DNS name into a set of other DNS names. In this case,
the initial name used by the client is the "serv-name", and the final name is the "host"
component. For example, the incoming mail service for "example.com" may be replicated
through the use of MX records stored in the DNS, one of which points at an SMTP server
called "mail3.example.com"; it's "serv-name" would be "example.com", it's "host" would be
"mail3.example.com". If the service is not replicated, or the serv-name is identical to
the host, then the serv-name component MUST be omitted
digest-uri verification is needed for ejabberd 2.0.3 and higherusername
- the username of the user being authenticated.host
- the hostname where the user account resides.serviceName
- the xmpp service location - used by the SASL client in digest-uri creation
serviceName format is: host [ "/" serv-name ] as per RFC-2831password
- the password for this account.IOException
- If a network error occurs while authenticating.SaslException
SmackException.NotConnectedException
public void authenticate(String host, CallbackHandler cbh) throws IOException, SaslException, SmackException.NotConnectedException
host
- the hostname where the user account resides.cbh
- the CallbackHandler to obtain user information.IOException
- If a network error occures while authenticating.SaslException
- If a protocol error occurs or the user is not authenticated.SmackException.NotConnectedException
protected void authenticate() throws IOException, SaslException, SmackException.NotConnectedException
public void challengeReceived(String challenge) throws IOException, SmackException.NotConnectedException
challenge
- a base64 encoded string representing the challenge.IOException
- if an exception sending the response occurs.SmackException.NotConnectedException
protected abstract String getName()
protected SASLAuthentication getSASLAuthentication()
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
handle
in interface CallbackHandler
IOException
UnsupportedCallbackException