/**
 * Answers a SASL challenge delivered by the remote peer.
 *
 * <p>Reads the pending challenge bytes out of {@code sasl}, hands them to
 * {@code clientSASLMechanism} and sends the mechanism's reply back through the same
 * SASL layer.
 *
 * @param sasl the SASL layer holding the pending challenge
 * @param transport the transport the callback was raised for (not used in this method)
 */
@Override
public void onSaslChallenge(Sasl sasl, Transport transport) {
    final int pendingBytes = sasl.pending();
    final byte[] serverChallenge = new byte[pendingBytes];
    // The count returned by recv is not inspected; the buffer is forwarded as allocated.
    sasl.recv(serverChallenge, 0, pendingBytes);

    // NOTE(review): the reply is dereferenced without a null check, so this relies on
    // getResponse never returning null — confirm against the mechanism implementations.
    final byte[] reply = clientSASLMechanism.getResponse(serverChallenge);
    sasl.send(reply, 0, reply.length);
}
/**
 * Answers a SASL challenge delivered by the remote peer.
 *
 * <p>Reads the pending challenge bytes out of {@code sasl}, hands them to
 * {@code clientSASLMechanism} and sends the mechanism's reply back through the same
 * SASL layer.
 *
 * @param sasl the SASL layer holding the pending challenge
 * @param transport the transport the callback was raised for (not used in this method)
 */
@Override
public void onSaslChallenge(Sasl sasl, Transport transport) {
    final int pendingBytes = sasl.pending();
    final byte[] serverChallenge = new byte[pendingBytes];
    // The count returned by recv is not inspected; the buffer is forwarded as allocated.
    sasl.recv(serverChallenge, 0, pendingBytes);

    // NOTE(review): the reply is dereferenced without a null check, so this relies on
    // getResponse never returning null — confirm against the mechanism implementations.
    final byte[] reply = clientSASLMechanism.getResponse(serverChallenge);
    sasl.send(reply, 0, reply.length);
}
/**
 * Processes one SASL challenge/response step when the SASL layer has data pending.
 *
 * <p>Does nothing when {@code sasl.pending()} is zero. Otherwise the pending bytes are
 * read, passed to {@code mechanism.getChallengeResponse} and the result is sent back.
 *
 * @throws SaslException propagated from the body (presumably raised by the mechanism
 *     while computing the response — confirm against the mechanism interface)
 */
private void handleSaslStep() throws SaslException {
    if (sasl.pending() == 0) {
        return; // no challenge waiting
    }

    final byte[] serverChallenge = new byte[sasl.pending()];
    sasl.recv(serverChallenge, 0, serverChallenge.length);

    // NOTE(review): the response is used without a null check — confirm the mechanism
    // contract guarantees a non-null array here.
    final byte[] reply = mechanism.getChallengeResponse(serverChallenge);
    sasl.send(reply, 0, reply.length);
}
/**
 * Sets up the client side of the SASL exchange for the given mechanism.
 *
 * <p>When {@code clientSASL} is non-null, the transport's SASL layer is stored in the
 * {@code clientSasl} field, the mechanism name is selected on it and the mechanism's
 * bytes are sent as the first payload. A null argument leaves everything untouched.
 *
 * <p>Note the two similar names: the parameter {@code clientSASL} is the mechanism,
 * the field {@code clientSasl} is the SASL layer obtained from the transport.
 *
 * @param clientSASL the mechanism to use, or {@code null} to skip SASL setup
 */
@Override
public void createClientSasl(ClientSASL clientSASL) {
    if (clientSASL == null) {
        return;
    }

    clientSasl = transport.sasl();
    clientSasl.setMechanisms(clientSASL.getName());

    // NOTE(review): getBytes() presumably carries the mechanism's initial response, which
    // may embed credentials — confirm it is never written to logs.
    final byte[] initialPayload = clientSASL.getBytes();
    clientSasl.send(initialPayload, 0, initialPayload.length);
}
/**
 * Processes one SASL challenge/response step when the SASL layer has data pending.
 *
 * <p>A {@code SaslException} raised inside the step is wrapped in a
 * {@code SecurityException} with the original attached as its cause.
 *
 * @throws SecurityException if a {@code SaslException} occurs while handling the step
 */
private void handleSaslStep() throws SecurityException {
    try {
        if (sasl.pending() == 0) {
            return; // no challenge waiting
        }

        final byte[] serverChallenge = new byte[sasl.pending()];
        sasl.recv(serverChallenge, 0, serverChallenge.length);

        final byte[] reply = mechanism.getChallengeResponse(serverChallenge);
        sasl.send(reply, 0, reply.length);
    } catch (SaslException se) {
        // TODO - Better error message.
        // The message is deliberately generic; the detail travels in the cause.
        final SecurityException wrapped = new SecurityException("Exception while processing SASL step.");
        wrapped.initCause(se);
        throw wrapped;
    }
}
/**
 * Handles a SASL challenge by delegating to the saved {@code saslHandler}.
 *
 * <p>Failures are not thrown: a null {@code sasl} or any exception raised while the
 * challenge is handled or the response is sent is stored in {@code savedException}.
 *
 * @param sasl the Sasl object
 * @param transport the related transport
 */
public void onSaslChallenge(Sasl sasl, Transport transport)
{
    if (sasl == null)
    {
        this.savedException = new IllegalArgumentException("Sasl cannot be null");
        return;
    }

    // Codes_SRS_SASLLISTENERIMPL_34_004: [This function shall retrieve the sasl challenge from the provided sasl object.]
    final byte[] challengeBytes = new byte[sasl.pending()];
    sasl.recv(challengeBytes, 0, challengeBytes.length);

    // Codes_SRS_SASLLISTENERIMPL_34_005: [This function shall give the sasl challenge bytes to the saved saslHandler and send the payload it returns.]
    try
    {
        final byte[] reply = this.saslHandler.handleChallenge(challengeBytes);
        sasl.send(reply, 0, reply.length);
    }
    catch (Exception e)
    {
        //Codes_SRS_SASLLISTENERIMPL_34_014: [If any exception is thrown while the saslHandler handles the challenge, this function shall save that exception and shall not send the challenge response.]
        // This also captures a NullPointerException if the handler returns null.
        this.savedException = e;
    }
}
/**
 * Responds to a SASL challenge using the previously selected {@code mechanism}.
 *
 * <p>Nothing is thrown to the caller: any {@code Throwable} raised during the step is
 * passed to {@code recordFailure} together with a message built from its text. A null
 * response from the mechanism means nothing is sent.
 *
 * @param sasl the SASL layer holding the pending challenge
 * @param transport the related transport (not used in this method)
 */
public void handleSaslChallenge(Sasl sasl, Transport transport) {
    try {
        if (sasl.pending() < 0) {
            return;
        }

        final byte[] serverChallenge = new byte[sasl.pending()];
        sasl.recv(serverChallenge, 0, serverChallenge.length);

        final byte[] reply = mechanism.getChallengeResponse(serverChallenge);
        if (reply == null) {
            return; // mechanism has nothing to send for this step
        }
        sasl.send(reply, 0, reply.length);
    } catch (Throwable error) {
        // NOTE(review): the throwable's message is copied into the failure text; check that
        // mechanism implementations never put secret material into exception messages.
        recordFailure("Exception while processing SASL step: " + error.getMessage(), error);
    }
}
/**
 * Responds to a SASL challenge using the previously selected {@code mechanism}.
 *
 * <p>Nothing is thrown to the caller: any {@code Throwable} raised during the step is
 * passed to {@code recordFailure} together with a message built from its text. A null
 * response from the mechanism means nothing is sent.
 *
 * @param sasl the SASL layer holding the pending challenge
 * @param transport the related transport (not used in this method)
 */
public void handleSaslChallenge(Sasl sasl, Transport transport) {
    try {
        if (sasl.pending() < 0) {
            return;
        }

        final byte[] serverChallenge = new byte[sasl.pending()];
        sasl.recv(serverChallenge, 0, serverChallenge.length);

        final byte[] reply = mechanism.getChallengeResponse(serverChallenge);
        if (reply == null) {
            return; // mechanism has nothing to send for this step
        }
        sasl.send(reply, 0, reply.length);
    } catch (Throwable error) {
        // NOTE(review): the throwable's message is copied into the failure text; check that
        // mechanism implementations never put secret material into exception messages.
        recordFailure("Exception while processing SASL step: " + error.getMessage(), error);
    }
}
/**
 * Feeds pending SASL data to {@code chosenMechanism} and completes the exchange once
 * the mechanism reports a result.
 *
 * <p>Only the number of bytes received is traced; the payload itself is not logged.
 *
 * @param sasl the SASL layer to read from, reply on and complete
 */
private void processPending(Sasl sasl) {
    final byte[] inbound = new byte[sasl.pending()];
    final int bytesRead = sasl.recv(inbound, 0, inbound.length);
    if (log.isTraceEnabled()) {
        log.trace("Working on sasl, length:" + bytesRead);
    }

    // A recv result of -1 is handed to the mechanism as null rather than as a buffer.
    final byte[] mechanismInput = (bytesRead == -1) ? null : inbound;
    final byte[] reply = chosenMechanism.processSASL(mechanismInput);
    if (reply != null) {
        sasl.send(reply, 0, reply.length);
    }

    saslResult = chosenMechanism.result();
    if (saslResult == null) {
        return; // exchange still in progress
    }

    // Any non-success result is reported to the peer as an authentication failure.
    final Sasl.SaslOutcome outcome = saslResult.isSuccess()
            ? Sasl.SaslOutcome.PN_SASL_OK
            : Sasl.SaslOutcome.PN_SASL_AUTH;
    saslComplete(sasl, outcome);
}
/**
 * Picks a SASL mechanism from those offered by the remote peer and starts the exchange.
 *
 * <p>When the peer has offered at least one mechanism, {@code mechanismFinder} chooses
 * one, its initial response (if any) is sent and its name is set on {@code sasl}.
 * Failures are reported through {@code recordFailure} instead of being thrown.
 *
 * @param sasl the SASL layer carrying the peer's mechanism list
 * @param transport the related transport (not used in this method)
 */
public void handleSaslMechanisms(Sasl sasl, Transport transport) {
    try {
        final String[] offered = sasl.getRemoteMechanisms();
        if (offered == null || offered.length == 0) {
            return; // nothing offered yet
        }

        try {
            mechanism = mechanismFinder.apply(offered);
        } catch (JMSSecurityRuntimeException jmssre) {
            recordFailure("Could not find a suitable SASL mechanism. " + jmssre.getMessage(), jmssre);
            return;
        }

        final byte[] initialResponse = mechanism.getInitialResponse();
        if (initialResponse != null) {
            sasl.send(initialResponse, 0, initialResponse.length);
        }

        // The mechanism name is set after the initial response has been queued.
        sasl.setMechanisms(mechanism.getName());
    } catch (Throwable error) {
        recordFailure("Exception while processing SASL init: " + error.getMessage(), error);
    }
}
// Send the entire initMessage array (offset 0, full length) through the SASL layer.
sasl.send(initMessage, 0, initMessage.length);
/**
 * Feeds pending SASL data to {@code chosenMechanism} and completes the exchange once
 * the mechanism reports a result.
 *
 * <p>Only the number of bytes received is traced; the payload itself is not logged.
 *
 * @param sasl the SASL layer to read from, reply on and complete
 */
private void processPending(Sasl sasl) {
    final byte[] inbound = new byte[sasl.pending()];
    final int bytesRead = sasl.recv(inbound, 0, inbound.length);
    if (log.isTraceEnabled()) {
        log.trace("Working on sasl, length:" + bytesRead);
    }

    // A recv result of -1 is handed to the mechanism as null rather than as a buffer.
    final byte[] mechanismInput = (bytesRead == -1) ? null : inbound;
    final byte[] reply = chosenMechanism.processSASL(mechanismInput);
    if (reply != null) {
        sasl.send(reply, 0, reply.length);
    }

    saslResult = chosenMechanism.result();
    if (saslResult == null) {
        return; // exchange still in progress
    }

    // Any non-success result is reported to the peer as an authentication failure.
    final Sasl.SaslOutcome outcome = saslResult.isSuccess()
            ? Sasl.SaslOutcome.PN_SASL_OK
            : Sasl.SaslOutcome.PN_SASL_AUTH;
    saslComplete(sasl, outcome);
}
/**
 * Picks a SASL mechanism from those offered by the remote peer and starts the exchange.
 *
 * <p>When the peer has offered at least one mechanism, {@code mechanismFinder} chooses
 * one, its initial response (if any) is sent and its name is set on {@code sasl}.
 * Failures are reported through {@code recordFailure} instead of being thrown.
 *
 * @param sasl the SASL layer carrying the peer's mechanism list
 * @param transport the related transport (not used in this method)
 */
public void handleSaslMechanisms(Sasl sasl, Transport transport) {
    try {
        final String[] offered = sasl.getRemoteMechanisms();
        if (offered == null || offered.length == 0) {
            return; // nothing offered yet
        }

        try {
            mechanism = mechanismFinder.apply(offered);
        } catch (JMSSecurityRuntimeException jmssre) {
            recordFailure("Could not find a suitable SASL mechanism. " + jmssre.getMessage(), jmssre);
            return;
        }

        final byte[] initialResponse = mechanism.getInitialResponse();
        if (initialResponse != null) {
            sasl.send(initialResponse, 0, initialResponse.length);
        }

        // The mechanism name is set after the initial response has been queued.
        sasl.setMechanisms(mechanism.getName());
    } catch (Throwable error) {
        recordFailure("Exception while processing SASL init: " + error.getMessage(), error);
    }
}
/**
 * Reacts to the mechanism list offered by the remote peer.
 *
 * <p>The offered mechanisms are first passed to {@code dispatchMechanismsOffered}. If no
 * {@code clientSASLMechanism} is set afterwards, the failure is logged and
 * {@code dispatchAuthFailed} is invoked; otherwise the mechanism name is selected and
 * its initial response, when present, is sent.
 *
 * @param sasl the SASL layer carrying the peer's mechanism list
 * @param transport the related transport (not used in this method)
 */
@Override
public void onSaslMechanisms(Sasl sasl, Transport transport) {
    // NOTE(review): presumably this dispatch is what populates clientSASLMechanism —
    // confirm against the listener implementation.
    dispatchMechanismsOffered(sasl.getRemoteMechanisms());

    if (clientSASLMechanism == null) {
        log.infof("Outbound connection failed - unknown mechanism, offered mechanisms: %s", Arrays.asList(sasl.getRemoteMechanisms()));
        dispatchAuthFailed();
        return;
    }

    sasl.setMechanisms(clientSASLMechanism.getName());
    final byte[] firstResponse = clientSASLMechanism.getInitialResponse();
    if (firstResponse != null) {
        sasl.send(firstResponse, 0, firstResponse.length);
    }
}
/**
 * Reacts to the mechanism list offered by the remote peer.
 *
 * <p>The offered mechanisms are first passed to {@code dispatchMechanismsOffered}. If no
 * {@code clientSASLMechanism} is set afterwards, the failure is logged and
 * {@code dispatchAuthFailed} is invoked; otherwise the mechanism name is selected and
 * its initial response, when present, is sent.
 *
 * @param sasl the SASL layer carrying the peer's mechanism list
 * @param transport the related transport (not used in this method)
 */
@Override
public void onSaslMechanisms(Sasl sasl, Transport transport) {
    // NOTE(review): presumably this dispatch is what populates clientSASLMechanism —
    // confirm against the listener implementation.
    dispatchMechanismsOffered(sasl.getRemoteMechanisms());

    if (clientSASLMechanism == null) {
        log.infof("Outbound connection failed - unknown mechanism, offered mechanisms: %s", Arrays.asList(sasl.getRemoteMechanisms()));
        dispatchAuthFailed();
        return;
    }

    sasl.setMechanisms(clientSASLMechanism.getName());
    final byte[] firstResponse = clientSASLMechanism.getInitialResponse();
    if (firstResponse != null) {
        sasl.send(firstResponse, 0, firstResponse.length);
    }
}
sasl.send(buffer.data, buffer.offset, buffer.length); } else if (mechanisims.contains("ANONYMOUS")) { authSent = true; sasl.setMechanisms(new String[]{"ANONYMOUS"}); sasl.send(new byte[0], 0, 0); } else { next.onFailure(Support.illegalState("Remote does not support plain password authentication."));
/**
 * Starts the SASL exchange once the remote peer has offered its mechanisms.
 *
 * <p>A matching mechanism is looked up, configured with the stored username, password
 * and authzid, selected on the SASL layer, and its non-empty initial response is sent.
 * Nothing happens while the peer's mechanism list is null or empty.
 *
 * @throws SecurityException if no offered mechanism matches, or if a
 *     {@code SaslException} is raised during initialisation (attached as the cause)
 */
private void handleSaslInit() throws SecurityException {
    try {
        final String[] offered = sasl.getRemoteMechanisms();
        if (offered == null || offered.length == 0) {
            return; // peer has not offered anything yet
        }

        mechanism = findMatchingMechanism(offered);
        if (mechanism == null) {
            // TODO - Better error message.
            throw new SecurityException("Could not find a matching SASL mechanism for the remote peer.");
        }

        mechanism.setUsername(username);
        mechanism.setPassword(password);
        mechanism.setAuthzid(authzid);
        // TODO - set additional options from URI.
        // TODO - set a host value.

        sasl.setMechanisms(mechanism.getName());

        final byte[] initialResponse = mechanism.getInitialResponse();
        if (initialResponse != null && initialResponse.length != 0) {
            sasl.send(initialResponse, 0, initialResponse.length);
        }
    } catch (SaslException se) {
        // TODO - Better error message.
        final SecurityException wrapped = new SecurityException("Exception while processing SASL init.");
        wrapped.initCause(se);
        throw wrapped;
    }
}
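/**
 * Drives the SASL challenge/response exchange until the SASL state leaves
 * {@code PN_SASL_STEP}.
 *
 * <p>Each round reads from the network until the exchange has either finished
 * ({@code PN_SASL_PASS} / {@code PN_SASL_FAIL}) or a challenge is pending, then passes
 * the challenge to {@code mechanism} and writes its response back.
 *
 * @param connection the connection whose transport carries the SASL layer
 * @param in stream the peer's bytes are read from
 * @param out stream the responses are written to
 * @param mechanism the mechanism that computes each response
 * @throws IOException declared for the network read/write helpers
 * @throws LoginException declared for the helpers and the mechanism
 */
private void performSaslSteps(Connection connection, InputStream in, OutputStream out, SaslMechanism mechanism) throws IOException, LoginException {
    Transport transport = connection.getTransport();
    Sasl sasl = transport.sasl();
    do {
        // Keep reading while the exchange is neither finished nor waiting on a challenge.
        readFromNetwork(connection, in, () -> !(EnumSet.of(PN_SASL_PASS, PN_SASL_FAIL).contains(sasl.getState())
                || (sasl.getState() == PN_SASL_STEP && sasl.pending() > 0)));

        if (sasl.pending() > 0) {
            byte[] challenge = new byte[sasl.pending()];
            // Copy the peer's challenge out of the SASL layer. A freshly allocated array is
            // all zeroes, so without this read the mechanism would compute its response
            // from a blank buffer instead of the data the peer actually sent, and the
            // pending bytes would never be consumed.
            sasl.recv(challenge, 0, challenge.length);
            byte[] response = mechanism.getResponse(challenge);
            if (sasl.getState() == PN_SASL_STEP) {
                sasl.send(response, 0, response.length);
                writeToNetwork(connection, out);
            }
        }
    } while (sasl.getState() == PN_SASL_STEP);
}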
/**
 * Waits for the peer's mechanism list, selects a mechanism and sends the SASL init.
 *
 * <p>Factories are tried in the iteration order of {@code saslFactories}; the first one
 * whose name the peer offers and which produces a non-null instance is used, so the
 * local ordering decides the preference rather than the order the peer advertises.
 *
 * @param connection the connection whose transport carries the SASL layer
 * @param in stream the peer's bytes are read from
 * @param out stream the init is written to
 * @return the mechanism that was selected, never {@code null}
 * @throws LoginException if none of the configured factories yields a usable mechanism
 * @throws IOException declared for the network read/write helpers
 */
private SaslMechanism chooseSaslMechanismAndSendInit(Connection connection, InputStream in, OutputStream out) throws LoginException, IOException {
    final Sasl sasl = connection.getTransport().sasl();
    SaslMechanism selected = null;

    // read from network until we get a sasl-mechanisms
    readFromNetwork(connection, in, () -> sasl.getState() == PN_SASL_IDLE && sasl.getRemoteMechanisms().length == 0);

    for (SaslMechanismFactory factory : saslFactories) {
        final boolean offeredByPeer = Arrays.asList(sasl.getRemoteMechanisms()).contains(factory.getName());
        if (!offeredByPeer) {
            continue;
        }

        selected = factory.newInstance(callbackHandler, sharedState, options);
        if (selected == null) {
            continue; // factory declined; try the next one
        }

        sasl.setRemoteHostname(saslHostname);
        sasl.setMechanisms(factory.getName());

        final byte[] firstResponse = selected.getResponse(null);
        if (firstResponse != null && firstResponse.length != 0) {
            sasl.send(firstResponse, 0, firstResponse.length);
        }
        break;
    }

    if (selected == null) {
        throw new LoginException("Unable to authenticate using SASL delegation, no supported mechanisms");
    }

    writeToNetwork(connection, out);
    return selected;
}
/**
 * Starts the SASL exchange once the remote peer has offered its mechanisms.
 *
 * <p>The finder is given the stored username, password and mechanism restriction along
 * with the peer's list. The chosen mechanism receives the credentials, is selected on
 * the SASL layer, and its initial response (if non-null) is sent. Nothing happens while
 * the peer's mechanism list is null or empty.
 *
 * @throws SaslException a {@code SaslSystemException} when no suitable mechanism is
 *     found; other causes are not visible in this method
 */
private void handleSaslInit() throws SaslException {
    final String[] offered = sasl.getRemoteMechanisms();
    if (offered == null || offered.length == 0) {
        return; // peer has not offered anything yet
    }

    mechanism = ProtonSaslMechanismFinderImpl.findMatchingMechanism(username, password, mechanismsRestriction, offered);
    if (mechanism == null) {
        throw new SaslSystemException(
            true, "Could not find a suitable SASL mechanism for the remote peer using the available credentials.");
    }

    mechanism.setUsername(username);
    mechanism.setPassword(password);

    sasl.setMechanisms(mechanism.getName());

    final byte[] initialResponse = mechanism.getInitialResponse();
    if (initialResponse != null) {
        sasl.send(initialResponse, 0, initialResponse.length);
    }
}