Refine search
@Override public void init(NetSocket socket, ProtonConnection protonConnection, Transport transport) { this.sasl = transport.sasl(); sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(ProtonSaslAnonymousImpl.MECH_NAME); succeeded = false; }
@Override public void onSaslMechanisms(Sasl sasl, Transport transport) { dispatchMechanismsOffered(sasl.getRemoteMechanisms()); if (clientSASLMechanism == null) { log.infof("Outbound connection failed - unknown mechanism, offered mechanisms: %s", Arrays.asList(sasl.getRemoteMechanisms())); dispatchAuthFailed(); } else { sasl.setMechanisms(clientSASLMechanism.getName()); byte[] initialResponse = clientSASLMechanism.getInitialResponse(); if (initialResponse != null) { sasl.send(initialResponse, 0, initialResponse.length); } } }
public AmqpAuthenticator(AmqpTransport transport, Sasl sasl, BrokerService brokerService) { this.brokerService = brokerService; this.transport = transport; this.sasl = sasl; sasl.setMechanisms(mechanisms); sasl.server(); }
public void createServerSASL(String[] mechanisms) { Sasl sasl = transport.sasl(); sasl.server(); sasl.setMechanisms(mechanisms); sasl.setListener(this); }
ProtocolTracer protocolTracer = new EngineProtocolTracer(or.clientId); ((TransportImpl) transport).setProtocolTracer(protocolTracer); transport.setIdleTimeout(or.endpoint.getIdleTimeout()); transport.bind(protonConnection); Collector collector = Proton.collector(); protonConnection.setContainer(or.clientId); protonConnection.setHostname(or.endpoint.getHost()); protonConnection.open(); Sasl sasl = transport.sasl(); sasl.client(); if (or.endpoint.getUser() == null) { sasl.setMechanisms("ANONYMOUS"); } else { sasl.plain(or.endpoint.getUser(), or.endpoint.getPassword());
@Override public void run(Selectable selectable) { Reactor reactor = selectable.getReactor(); try { SocketChannel socketChannel = ((ServerSocketChannel)selectable.getChannel()).accept(); if (socketChannel == null) { throw new ReactorInternalException("Selectable readable, but no socket to accept"); } Handler handler = BaseHandler.getHandler(AcceptorImpl.this); if (handler == null) { handler = reactor.getHandler(); } Connection conn = reactor.connection(handler); Transport trans = Proton.transport(); Sasl sasl = trans.sasl(); sasl.server(); sasl.setMechanisms("ANONYMOUS"); sasl.done(SaslOutcome.PN_SASL_OK); trans.bind(conn); IOHandler.selectableTransport(reactor, socketChannel.socket(), trans); } catch(IOException ioException) { sel.error(); } } }
this.connectionRequest = connectRequest; protonTransport.setEmitFlowEventOnSend(false); protonTransport.setMaxFrameSize(getMaxFrameSize()); protonTransport.setOutboundFrameSizeLimit(getMaxFrameSize()); Sasl sasl = protonTransport.sasl(); sasl.client(); sasl.setRemoteHostname(hostname); sasl.setListener(new SaslListener() {
@Override public void process(final Handler<Boolean> completionHandler) { final String[] remoteMechanisms = sasl.getRemoteMechanisms(); if (remoteMechanisms.length == 0) { LOG.debug("client provided an empty list of SASL mechanisms [hostname: {}, state: {}]", sasl.getHostname(), sasl.getState().name()); completionHandler.handle(false); } else { final String chosenMechanism = remoteMechanisms[0]; LOG.debug("client wants to authenticate using SASL [mechanism: {}, host: {}, state: {}]", chosenMechanism, sasl.getHostname(), sasl.getState().name()); final Future<HonoUser> authTracker = Future.future(); authTracker.setHandler(s -> { if (s.succeeded()) { final HonoUser user = s.result(); LOG.debug("authentication of client [authorization ID: {}] succeeded", user.getName()); Constants.setClientPrincipal(protonConnection, user); succeeded = true; sasl.done(SaslOutcome.PN_SASL_OK); } else { LOG.debug("authentication failed: " + s.cause().getMessage()); sasl.done(SaslOutcome.PN_SASL_AUTH); } completionHandler.handle(Boolean.TRUE); }); final byte[] saslResponse = new byte[sasl.pending()]; sasl.recv(saslResponse, 0, saslResponse.length); verify(chosenMechanism, saslResponse, authTracker.completer()); } }
private SaslMechanism chooseSaslMechanismAndSendInit(Connection connection, InputStream in, OutputStream out) throws LoginException, IOException { Transport transport = connection.getTransport(); Sasl sasl = transport.sasl(); SaslMechanism mechanism = null; // read from network until we get a sasl-mechanisms readFromNetwork(connection, in, () -> sasl.getState() == PN_SASL_IDLE && sasl.getRemoteMechanisms().length == 0); for (SaslMechanismFactory factory : saslFactories) { if (Arrays.asList(sasl.getRemoteMechanisms()).contains(factory.getName())) { mechanism = factory.newInstance(callbackHandler, sharedState, options); if (mechanism != null) { sasl.setRemoteHostname(saslHostname); sasl.setMechanisms(factory.getName()); byte[] initialResponse = mechanism.getResponse(null); if (initialResponse != null && initialResponse.length != 0) { sasl.send(initialResponse, 0, initialResponse.length); } break; } } } if (mechanism == null) { throw new LoginException("Unable to authenticate using SASL delegation, no supported mechanisms"); } writeToNetwork(connection, out); return mechanism; }
private void handleOpen(Event event) { Connection connection = event.getConnection(); if (connection.getRemoteState() != EndpointState.UNINITIALIZED) { return; } Transport transport = Proton.transport(); Sasl sasl = transport.sasl(); sasl.client(); sasl.setMechanisms("ANONYMOUS"); transport.webSocket(); transport.bind(connection); }
protonTransport.setIdleTimeout(getIdleTimeout()); protonTransport.setMaxFrameSize(getMaxFrameSize()); protonTransport.setChannelMax(getChannelMax()); protonTransport.setEmitFlowEventOnSend(false); protonTransport.bind(getEndpoint()); Sasl sasl = protonTransport.sasl(); if (sasl != null) { sasl.client();
transport.setMaxFrameSize(maxFrameSizeOption); Sasl sasl = transport.sasl(); sasl.client(); sasl.setMechanisms("ANONYMOUS"); transport.bind(connection);
@Override public void process(final Handler<Boolean> completionHandler) { String[] remoteMechanisms = sasl.getRemoteMechanisms(); boolean done = false; Optional<SaslServerMechanism> mechanismImpl = ALL_MECHANISMS.stream().filter(m -> m.getName().equals(chosen)).findFirst(); if (mechanismImpl.isPresent()) { String saslHostname = sasl.getHostname(); if(saslHostname == null) { saslHostname = config.get("defaultDomain",""); sasl.done(Sasl.SaslOutcome.PN_SASL_SYS); done = true; if(sasl.pending()>0) { response = new byte[sasl.pending()]; sasl.recv(response, 0, response.length); } else { response = new byte[0]; if (!saslMechanism.isComplete() || (challenge != null && challenge.length > 0)) sasl.send(challenge, 0, challenge.length); sasl.done(Sasl.SaslOutcome.PN_SASL_OK); sasl.done(Sasl.SaslOutcome.PN_SASL_AUTH); sasl.done(Sasl.SaslOutcome.PN_SASL_SYS);
@Override public void createServerSASL(ServerSASL[] handlers) { this.serverSasl = transport.sasl(); saslHandlers = new HashMap<>(); String[] names = new String[handlers.length]; int count = 0; for (ServerSASL handler : handlers) { saslHandlers.put(handler.getName(), handler); names[count++] = handler.getName(); } this.serverSasl.server(); serverSasl.setMechanisms(names); }
private void performSaslSteps(Connection connection, InputStream in, OutputStream out, SaslMechanism mechanism) throws IOException, LoginException { Transport transport = connection.getTransport(); Sasl sasl = transport.sasl(); do { readFromNetwork(connection, in, () -> !(EnumSet.of(PN_SASL_PASS, PN_SASL_FAIL).contains(sasl.getState()) || (sasl.getState() == PN_SASL_STEP && sasl.pending() > 0))); if (sasl.pending() > 0) { byte[] challenge = new byte[sasl.pending()]; byte[] response = mechanism.getResponse(challenge); if (sasl.getState() == PN_SASL_STEP) { sasl.send(response, 0, response.length); writeToNetwork(connection, out); } } } while (sasl.getState() == PN_SASL_STEP); }
protected void checkServerSASL() { if (serverSasl != null && serverSasl.getRemoteMechanisms().length > 0) { // TODO: should we look at the first only? ServerSASL mechanism = saslHandlers.get(serverSasl.getRemoteMechanisms()[0]); if (mechanism != null) { byte[] dataSASL = new byte[serverSasl.pending()]; serverSasl.recv(dataSASL, 0, dataSASL.length); if (log.isTraceEnabled()) { log.trace("Working on sasl::" + ByteUtil.bytesToHex(dataSASL, 2)); } saslResult = mechanism.processSASL(dataSASL); if (saslResult != null && saslResult.isSuccess()) { serverSasl.done(Sasl.SaslOutcome.PN_SASL_OK); serverSasl = null; saslHandlers.clear(); saslHandlers = null; } else { serverSasl.done(Sasl.SaslOutcome.PN_SASL_AUTH); } serverSasl = null; } else { // no auth available, system error serverSasl.done(Sasl.SaslOutcome.PN_SASL_SYS); } } }
@Override public void handle(AmqpEvent event) { switch( event.type ) { case HEADER: AmqpHeader header = (AmqpHeader) event.decodedFrame; switch (header.getProtocolId()) { case 0: // amqpTransport.sendToAmqp(new AmqpHeader()); break; // nothing to do.. case 3: // Client will be using SASL for auth.. sasl = protonTransport.sasl(); // sasl.setMechanisms(new String[] { "ANONYMOUS", "PLAIN" }); sasl.server(); break; default: } processEvent(event); // Les send back the AMQP response headers so that the client // can send us the SASL init or AMQP open frames. Buffer buffer = toBuffer(protonTransport.getOutputBuffer()); protonTransport.outputConsumed(); socket.write(buffer); break; default: processEvent(event); } }
@Override public void createClientSasl(ClientSASL clientSASL) { if (clientSASL != null) { clientSasl = transport.sasl(); clientSasl.setMechanisms(clientSASL.getName()); byte[] initialSasl = clientSASL.getBytes(); clientSasl.send(initialSasl, 0, initialSasl.length); } }
if (sasl != null) sasl.server(); sasl.setMechanisms(new String[]{"ANONYMOUS"}); sasl.done(Sasl.SaslOutcome.PN_SASL_OK);