public byte[] evaluateResponse(byte[] response) throws SaslException { return saslServer.evaluateResponse(response); }
public byte[] evaluateResponse(final byte[] response) throws SaslException { return delegate.evaluateResponse(response); }
public byte[] evaluateResponse(byte[] response) throws SaslException { return saslServer.evaluateResponse(response); }
public byte[] evaluateResponse(byte[] response) throws SaslException { return saslServer.evaluateResponse(response); }
public byte[] run() { try { LOG.debug("response: Responding to input token of length: {}", token.length); byte[] retval = saslServer.evaluateResponse(token); return retval; } catch (SaslException e) { LOG.error("response: Failed to evaluate client token of length: {} : {}", token.length, e); throw new RuntimeException(e); } } });
/** * Used by SaslTokenMessage::processToken() to respond to server SASL tokens. * * @param token Server's SASL token * @return token to send back to the server. */ public byte[] response(byte[] token) { try { LOG.debug("response: Responding to input token of length: {}", token.length); byte[] retval = saslServer.evaluateResponse(token); LOG.debug("response: Response token length: {}", retval.length); return retval; } catch (SaslException e) { LOG.error("response: Failed to evaluate client token of length: {} : {}", token.length, e); return null; } }
public byte[] evaluateResponse(final byte[] response) throws SaslException { try { return doPrivileged((PrivilegedExceptionAction<byte[]>) () -> delegate.evaluateResponse(response), accessControlContext); } catch (PrivilegedActionException pae) { try { throw pae.getCause(); } catch (SaslException | RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }
@Override protected Rpc.SaslMessage update(Rpc.SaslMessage challenge) throws IOException { if (clientId == null) { Preconditions.checkArgument(challenge.clientId != null, "Missing client ID in SASL handshake."); clientId = challenge.clientId; client = pendingClients.get(clientId); Preconditions.checkArgument(client != null, "Unexpected client ID '%s' in SASL handshake.", clientId); } return new Rpc.SaslMessage(server.evaluateResponse(challenge.payload)); }
public byte[] evaluate(byte[] buf) throws SaslException { if (client != null) return client.evaluateChallenge(buf); else return server.evaluateResponse(buf); }
/** * Evaluate a sasl response. If the result is non-{@code null} then the negotiation is not yet complete and the data * returned needs to be sent to the server as a response. If the result is {@code null} * then negotiation was successful and no response needs to be sent to the client (other than a successful completion * message, depending on the protocol). * <p> * The {@code source} buffer should have its position and remaining length set to encompass exactly one SASL * message. The SASL message itself does not encode any length information so it is up to the protocol implementer * to ensure that the message is properly framed. * * @param server the SASL server to use to evaluate the response message * @param source the source buffer from which the response message should be read * @return {@code true} if negotiation is complete and successful, {@code false} otherwise * @throws SaslException if negotiation failed or another error occurred */ public static byte[] evaluateResponse(final SaslServer server, final ByteBuffer source) throws SaslException { return server.evaluateResponse(source.hasRemaining() ? Buffers.take(source) : EMPTY_BYTES); }
@Override public byte[] evaluateResponse(final byte[] response) throws SaslException { try { final byte[] challenge = delegate.evaluateResponse(response); if (isComplete() && complete.compareAndSet(false, true)) try { cbh.handle(new Callback[] { AuthenticationCompleteCallback.SUCCEEDED }); } catch (Throwable ignored) { } return challenge; } catch (SaslException | RuntimeException | Error e) { if (isComplete() && complete.compareAndSet(false, true)) try { cbh.handle(new Callback[] { AuthenticationCompleteCallback.FAILED }); } catch (Throwable ignored) { } throw e; } }
public byte[] evaluateResponse(final byte[] response) throws SaslException { final byte[] challenge = delegate.evaluateResponse(response); if (isComplete() && complete.compareAndSet(false, true)) try { final SecurityIdentityCallback ric = new SecurityIdentityCallback(); cbh.handle(new Callback[] { ric }); securityIdentity = ric.getSecurityIdentity(); } catch (Throwable ignored) { } return challenge; }
private RpcSaslProto processSaslToken(RpcSaslProto saslMessage) throws SaslException { if (!saslMessage.hasToken()) { throw new SaslException("Client did not send a token"); } byte[] saslToken = saslMessage.getToken().toByteArray(); if (LOG.isDebugEnabled()) { LOG.debug("Have read input token of size " + saslToken.length + " for processing by saslServer.evaluateResponse()"); } saslToken = saslServer.evaluateResponse(saslToken); return buildSaslResponse( saslServer.isComplete() ? SaslState.SUCCESS : SaslState.CHALLENGE, saslToken); }
@Override public Message nextMessage(Address address, SaslHeader header) throws SaslException { Message message = new Message(address).setFlag(Message.Flag.OOB); byte[] challenge = server.evaluateResponse(header.getPayload()); if (server.isComplete()) { latch.countDown(); } if (challenge != null) { return message.putHeader(SASL.SASL_ID, new SaslHeader(Type.CHALLENGE, challenge)); } else { return null; } }
@Override public SaslMessage handleSaslMessage(SaslMessage message) throws SaslException { switch (message.getMessageType()) { case CHALLENGE: byte[] saslResponse = mSaslServer.evaluateResponse(message.getMessage().toByteArray()); SaslMessage.Builder response = SaslMessage.newBuilder(); if (mSaslServer.isComplete()) { response.setMessageType(SaslMessageType.SUCCESS); } else { response.setMessageType(SaslMessageType.CHALLENGE); } if (saslResponse != null) { response.setMessage(ByteString.copyFrom(saslResponse)); } return response.build(); default: throw new SaslException( "Server can't process Sasl message type:" + message.getMessageType().name()); } } }
@Override public synchronized byte[] evaluateResponse(final byte[] response) throws SaslException { if (terminated) { throw sasl.mechServerTimedOut().toSaslException(); } try { final byte[] challenge = delegate.evaluateResponse(response); if (isComplete() && ! complete) { complete = true; cancelTimeoutTask(); } return challenge; } catch (SaslException | RuntimeException | Error e) { if (isComplete() && ! complete) { complete = true; cancelTimeoutTask(); } throw e; } }
/** * Tests the {@link PlainSaslServer#evaluateResponse(byte[])} method when the user is not set. */ @Test public void userIsNotSet() throws Exception { mThrown.expect(SaslException.class); mThrown.expectMessage("Plain authentication failed: No authentication identity provided"); mPlainSaslServer.evaluateResponse(getUserInfo("", "anonymous")); }
/** * Tests the {@link PlainSaslServer#evaluateResponse(byte[])} method when the password is not set. */ @Test public void passwordIsNotSet() throws Exception { mThrown.expect(SaslException.class); mThrown.expectMessage("Plain authentication failed: No password provided"); mPlainSaslServer.evaluateResponse(getUserInfo("alluxio", "")); }
/** * Tests the {@link PlainSaslServer#getAuthorizationID()} to retrieve the correct user. */ @Test public void userPasswordReceive() throws Exception { String testUser = "alluxio"; String password = "anonymous"; mPlainSaslServer.evaluateResponse(getUserInfo(testUser, password)); Assert.assertEquals(testUser, mPlainSaslServer.getAuthorizationID()); }
/** * Tests the {@link PlainSaslServer#evaluateResponse(byte[])} method when AuthorizeCallback is * not authorized. */ @Test public void unauthorizedCallback() throws Exception { String testUser = "alluxio"; String password = "anonymous"; mPlainSaslServer = new PlainSaslServer.Factory().createSaslServer( PlainSaslServerProvider.MECHANISM, null, null, null, new MockCallbackHandlerUnauthorized()); mThrown.expect(SaslException.class); mThrown.expectMessage("Plain authentication failed: AuthorizeCallback authorized failure"); mPlainSaslServer.evaluateResponse(getUserInfo(testUser, password)); } }