@Extensible @DirectoryServerExtension @DirectoryProxyServerExtension(appliesToLocalContent=true, appliesToRemoteContent=true, notes="Any SASL bind requests received by the Directory Proxy Server will be processed by the Directory Proxy Server itself rather than being forwarded to backend servers. However, a SASL mechanism handler running in the Directory Proxy Server may perform internal operations which reference content in the backend servers as if it was contained locally in the server.") @SynchronizationServerExtension(appliesToLocalContent=true, appliesToSynchronizedContent=false) @ThreadSafety(level=INTERFACE_THREADSAFE) public abstract class SASLMechanismHandler extends java.lang.Object implements UnboundIDExtension, Reconfigurable<SASLMechanismHandlerConfig>, ExampleUsageProvider
dsconfig create-sasl-mechanism-handler \ --handler-name "{handler-name}" \ --type third-party \ --set enabled:true \ --set "extension-class:{class-name}" \ --set "extension-argument:{name=value}"where "{handler-name}" is the name to use for the SASL mechanism handler instance, "{class-name}" is the fully-qualified name of the Java class that extends
com.unboundid.directory.sdk.ds.api.SASLMechanismHandler
, and
"{name=value}" represents name-value pairs for any arguments to
provide to the handler. If multiple arguments should be provided to the SASL
mechanism handler, then the
"--set extension-argument:{name=value}
" option should be
provided multiple times.Constructor and Description |
---|
SASLMechanismHandler()
Creates a new instance of this SASL mechanism handler.
|
Modifier and Type | Method and Description |
---|---|
ResultCode |
applyConfiguration(SASLMechanismHandlerConfig config,
ArgumentParser parser,
java.util.List<java.lang.String> adminActionsRequired,
java.util.List<java.lang.String> messages)
Attempts to apply the configuration from the provided argument parser to
this extension.
|
void |
defineConfigArguments(ArgumentParser parser)
Updates the provided argument parser to define any configuration arguments
which may be used by this extension.
|
void |
finalizeSASLMechanismHandler()
Performs any cleanup which may be necessary when this SASL mechanism
handler is to be taken out of service.
|
java.util.Map<java.util.List<java.lang.String>,java.lang.String> |
getExamplesArgumentSets()
Retrieves a map containing examples of configurations that may be used for
this extension.
|
abstract java.lang.String[] |
getExtensionDescription()
Retrieves a human-readable description for this extension.
|
abstract java.lang.String |
getExtensionName()
Retrieves a human-readable name for this extension.
|
abstract java.util.List<java.lang.String> |
getSASLMechanismNames()
Retrieves a list of the names of the SASL mechanisms supported by this
SASL mechanism handler.
|
void |
initializeSASLMechanismHandler(DirectoryServerContext serverContext,
SASLMechanismHandlerConfig config,
ArgumentParser parser)
Initializes this SASL mechanism handler.
|
boolean |
isConfigurationAcceptable(SASLMechanismHandlerConfig config,
ArgumentParser parser,
java.util.List<java.lang.String> unacceptableReasons)
Indicates whether the configuration represented by the provided argument
parser is acceptable for use by this extension.
|
java.lang.Boolean |
isMechanismAvailableForUser(java.lang.String mechanism,
java.lang.String passwordAttribute,
Entry userEntry)
Indicates whether the specified SASL mechanism, which is listed as
supported by this handler, is available for use by the given user.
|
java.lang.Boolean |
isMultiStageMechanism(java.lang.String mechanism)
Indicates whether the specified SASL mechanism may require multiple stages
to process.
|
abstract boolean |
isPasswordBased(java.lang.String mechanism)
Indicates whether the SASL authentication process using the specified
mechanism involves the use of a password stored locally in the server
(optionally in combination with other forms of credentials).
|
abstract boolean |
isSecure(java.lang.String mechanism)
Indicates whether the SASL authentication process using the specified
mechanism may be considered secure (i.e., that a third party able to
observe the communication, potentially over an insecure communication
channel, would not be able to reproduce the authentication process).
|
abstract SASLBindResult |
processSASLBind(OperationContext operationContext,
SASLBindRequest bindRequest,
SASLBindResultFactory resultFactory)
Performs the appropriate processing for the provided SASL bind request.
|
public SASLMechanismHandler()
initializeSASLMechanismHandler
method.public abstract java.lang.String getExtensionName()
getExtensionName
in interface UnboundIDExtension
public abstract java.lang.String[] getExtensionDescription()
getExtensionDescription
in interface UnboundIDExtension
null
or an empty array if no description should be available.public void defineConfigArguments(ArgumentParser parser) throws ArgumentException
defineConfigArguments
in interface Configurable
parser
- The argument parser to be updated with the configuration
arguments which may be used by this extension.ArgumentException
- If a problem is encountered while updating the
provided argument parser.public void initializeSASLMechanismHandler(DirectoryServerContext serverContext, SASLMechanismHandlerConfig config, ArgumentParser parser) throws LDAPException
serverContext
- A handle to the server context for the server in
which this extension is running.config
- The general configuration for this SASL mechanism
handler.parser
- The argument parser which has been initialized from
the configuration for this SASL mechanism handler.LDAPException
- If a problem occurs while initializing this SASL
mechanism handler.public boolean isConfigurationAcceptable(SASLMechanismHandlerConfig config, ArgumentParser parser, java.util.List<java.lang.String> unacceptableReasons)
isConfigurationAcceptable
in interface Reconfigurable<SASLMechanismHandlerConfig>
config
- The general configuration for this extension.parser
- The argument parser that has been used to
parse the proposed configuration for this
extension.unacceptableReasons
- A list to which messages may be added to
provide additional information about why the
provided configuration is not acceptable.true
if the configuration in the provided argument parser
appears to be acceptable, or false
if not.public ResultCode applyConfiguration(SASLMechanismHandlerConfig config, ArgumentParser parser, java.util.List<java.lang.String> adminActionsRequired, java.util.List<java.lang.String> messages)
applyConfiguration
in interface Reconfigurable<SASLMechanismHandlerConfig>
config
- The general configuration for this extension.parser
- The argument parser that has been used to
parse the new configuration for this
extension.adminActionsRequired
- A list to which messages may be added to
provide additional information about any
additional administrative actions that may
be required to apply some of the
configuration changes.messages
- A list to which messages may be added to
provide additional information about the
processing performed by this method.SUCCESS
should be
used to indicate that all processing completed successfully. Any
other result will indicate that a problem occurred during
processing.public void finalizeSASLMechanismHandler()
public abstract java.util.List<java.lang.String> getSASLMechanismNames()
initializeSASLMechanismHandler(com.unboundid.directory.sdk.ds.types.DirectoryServerContext, com.unboundid.directory.sdk.ds.config.SASLMechanismHandlerConfig, com.unboundid.util.args.ArgumentParser)
method is called.public abstract boolean isSecure(java.lang.String mechanism)
mechanism
- The name of the mechanism for which to make the
determination. This will only be invoked with names of
mechanisms returned by the
getSASLMechanismNames()
method.true
if the specified SASL mechanism should be considered
secure, or false
if not.public abstract boolean isPasswordBased(java.lang.String mechanism)
mechanism
- The name of the mechanism for which to make the
determination. This will only be invoked with names of
mechanisms returned by the
getSASLMechanismNames()
method.true
if the specified SASL mechanism makes use of a local
password, or false
if not.public abstract SASLBindResult processSASLBind(OperationContext operationContext, SASLBindRequest bindRequest, SASLBindResultFactory resultFactory)
operationContext
- The context for the bind operation.bindRequest
- The SASL bind request to be processed.resultFactory
- A factory object that will be used to construct
the result to return.public java.util.Map<java.util.List<java.lang.String>,java.lang.String> getExamplesArgumentSets()
getExamplesArgumentSets
in interface ExampleUsageProvider
null
or empty if there should
not be any example argument sets.public java.lang.Boolean isMechanismAvailableForUser(java.lang.String mechanism, java.lang.String passwordAttribute, Entry userEntry)
mechanism
- The name of the SASL mechanism for which to make
the determination. It will be one of the
mechanisms for which this handler is registered.passwordAttribute
- The name of the attribute used to hold the
password for the user.userEntry
- The entry for the user for whom to make the
determination.true
if the SASL mechanism is supported for the user,
false
if not, or null
if it could not be
determined.public java.lang.Boolean isMultiStageMechanism(java.lang.String mechanism)
mechanism
- The mechanism for which to make the determination.true
if the specified SASL mechanism may require multiple
stages to process, false
if not, or null
if the
answer is not known for the specified mechanism.