@Override public void init(NetSocket socket, ProtonConnection protonConnection, Transport transport) { this.sasl = transport.sasl(); sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(ProtonSaslAnonymousImpl.MECH_NAME); succeeded = false; }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(AuthenticationConstants.MECHANISM_PLAIN, AuthenticationConstants.MECHANISM_EXTERNAL); if (socket.isSsl()) { LOG.trace("Client connected through a secured port"); try { peerCertificateChain = socket.sslSession().getPeerCertificates(); } catch (SSLPeerUnverifiedException e) { LOG.debug("Device's Identity cannot be verified: " + e.getMessage()); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (final SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (final SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { // allow for frames bigger than 512 bytes to support mechanisms that send (for instance) tokens transport.setInitialRemoteMaxFrameSize(1024*1024); this.sasl = transport.sasl(); sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(getValidMechanisms(getPasswordHashAlgorithms())); connection = protonConnection; }