Package com.unboundid.directory.sdk.ds.api

Class SASLMechanismHandler

    • Constructor Summary

      Constructors 
      Constructor Description
      SASLMechanismHandler()
      Creates a new instance of this SASL mechanism handler.

    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      ResultCode applyConfiguration​(SASLMechanismHandlerConfig config, ArgumentParser parser, java.util.List<java.lang.String> adminActionsRequired, java.util.List<java.lang.String> messages)
      Attempts to apply the configuration from the provided argument parser to this extension.
      void defineConfigArguments​(ArgumentParser parser)
      Updates the provided argument parser to define any configuration arguments which may be used by this extension.
      void finalizeSASLMechanismHandler()
      Performs any cleanup which may be necessary when this SASL mechanism handler is to be taken out of service.
      java.util.Map<java.util.List<java.lang.String>,​java.lang.String> getExamplesArgumentSets()
      Retrieves a map containing examples of configurations that may be used for this extension.
      abstract java.lang.String[] getExtensionDescription()
      Retrieves a human-readable description for this extension.
      abstract java.lang.String getExtensionName()
      Retrieves a human-readable name for this extension.
      abstract java.util.List<java.lang.String> getSASLMechanismNames()
      Retrieves a list of the names of the SASL mechanisms supported by this SASL mechanism handler.
      void initializeSASLMechanismHandler​(DirectoryServerContext serverContext, SASLMechanismHandlerConfig config, ArgumentParser parser)
      Initializes this SASL mechanism handler.
      boolean isConfigurationAcceptable​(SASLMechanismHandlerConfig config, ArgumentParser parser, java.util.List<java.lang.String> unacceptableReasons)
      Indicates whether the configuration represented by the provided argument parser is acceptable for use by this extension.
      java.lang.Boolean isMechanismAvailableForUser​(java.lang.String mechanism, java.lang.String passwordAttribute, Entry userEntry)
      Indicates whether the specified SASL mechanism, which is listed as supported by this handler, is available for use by the given user.
      java.lang.Boolean isMultiStageMechanism​(java.lang.String mechanism)
      Indicates whether the specified SASL mechanism may require multiple stages to process.
      abstract boolean isPasswordBased​(java.lang.String mechanism)
      Indicates whether the SASL authentication process using the specified mechanism involves the use of a password stored locally in the server (optionally in combination with other forms of credentials).
      abstract boolean isSecure​(java.lang.String mechanism)
      Indicates whether the SASL authentication process using the specified mechanism may be considered secure (i.e., that a third party able to observe the communication, potentially over an insecure communication channel, would not be able to reproduce the authentication process).
      abstract SASLBindResult processSASLBind​(OperationContext operationContext, SASLBindRequest bindRequest, SASLBindResultFactory resultFactory)
      Performs the appropriate processing for the provided SASL bind request.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • SASLMechanismHandler

        public SASLMechanismHandler()
        Creates a new instance of this SASL mechanism handler. All SASL mechanism handler implementations must include a default constructor, but any initialization should generally be done in the initializeSASLMechanismHandler method.

    • Method Detail

      • getExtensionDescription

        public abstract java.lang.String[] getExtensionDescription()
        Retrieves a human-readable description for this extension. Each element of the array that is returned will be considered a separate paragraph in generated documentation.
        Specified by:
        getExtensionDescription in interface UnboundIDExtension
        Returns:
        A human-readable description for this extension, or null or an empty array if no description should be available.

      • defineConfigArguments

        public void defineConfigArguments​(ArgumentParser parser)
                           throws ArgumentException
        Updates the provided argument parser to define any configuration arguments which may be used by this extension. The argument parser may also be updated to define relationships between arguments (e.g., to specify required, exclusive, or dependent argument sets).
        Specified by:
        defineConfigArguments in interface Configurable
        Parameters:
        parser - The argument parser to be updated with the configuration arguments which may be used by this extension.
        Throws:
        ArgumentException - If a problem is encountered while updating the provided argument parser.

      • initializeSASLMechanismHandler

        public void initializeSASLMechanismHandler​(DirectoryServerContext serverContext,
                                           SASLMechanismHandlerConfig config,
                                           ArgumentParser parser)
                                    throws LDAPException
        Initializes this SASL mechanism handler.
        Parameters:
        serverContext - A handle to the server context for the server in which this extension is running.
        config - The general configuration for this SASL mechanism handler.
        parser - The argument parser which has been initialized from the configuration for this SASL mechanism handler.
        Throws:
        LDAPException - If a problem occurs while initializing this SASL mechanism handler.

      • isConfigurationAcceptable

        public boolean isConfigurationAcceptable​(SASLMechanismHandlerConfig config,
                                         ArgumentParser parser,
                                         java.util.List<java.lang.String> unacceptableReasons)
        Indicates whether the configuration represented by the provided argument parser is acceptable for use by this extension. The parser will have been used to parse any configuration available for this extension, and any automatic validation will have been performed. This method may be used to perform any more complex validation which cannot be performed automatically by the argument parser.
        Specified by:
        isConfigurationAcceptable in interface Reconfigurable<SASLMechanismHandlerConfig>
        Parameters:
        config - The general configuration for this extension.
        parser - The argument parser that has been used to parse the proposed configuration for this extension.
        unacceptableReasons - A list to which messages may be added to provide additional information about why the provided configuration is not acceptable.
        Returns:
        true if the configuration in the provided argument parser appears to be acceptable, or false if not.

      • applyConfiguration

        public ResultCode applyConfiguration​(SASLMechanismHandlerConfig config,
                                     ArgumentParser parser,
                                     java.util.List<java.lang.String> adminActionsRequired,
                                     java.util.List<java.lang.String> messages)
        Attempts to apply the configuration from the provided argument parser to this extension.
        Specified by:
        applyConfiguration in interface Reconfigurable<SASLMechanismHandlerConfig>
        Parameters:
        config - The general configuration for this extension.
        parser - The argument parser that has been used to parse the new configuration for this extension.
        adminActionsRequired - A list to which messages may be added to provide additional information about any additional administrative actions that may be required to apply some of the configuration changes.
        messages - A list to which messages may be added to provide additional information about the processing performed by this method.
        Returns:
        A result code providing information about the result of applying the configuration change. A result of SUCCESS should be used to indicate that all processing completed successfully. Any other result will indicate that a problem occurred during processing.

      • finalizeSASLMechanismHandler

        public void finalizeSASLMechanismHandler()
        Performs any cleanup which may be necessary when this SASL mechanism handler is to be taken out of service.

      • isSecure

        public abstract boolean isSecure​(java.lang.String mechanism)
        Indicates whether the SASL authentication process using the specified mechanism may be considered secure (i.e., that a third party able to observe the communication, potentially over an insecure communication channel, would not be able to reproduce the authentication process).
        Parameters:
        mechanism - The name of the mechanism for which to make the determination. This will only be invoked with names of mechanisms returned by the getSASLMechanismNames() method.
        Returns:
        true if the specified SASL mechanism should be considered secure, or false if not.

      • isPasswordBased

        public abstract boolean isPasswordBased​(java.lang.String mechanism)
        Indicates whether the SASL authentication process using the specified mechanism involves the use of a password stored locally in the server (optionally in combination with other forms of credentials).
        Parameters:
        mechanism - The name of the mechanism for which to make the determination. This will only be invoked with names of mechanisms returned by the getSASLMechanismNames() method.
        Returns:
        true if the specified SASL mechanism makes use of a local password, or false if not.

      • processSASLBind

        public abstract SASLBindResult processSASLBind​(OperationContext operationContext,
                                               SASLBindRequest bindRequest,
                                               SASLBindResultFactory resultFactory)
        Performs the appropriate processing for the provided SASL bind request.
        Parameters:
        operationContext - The context for the bind operation.
        bindRequest - The SASL bind request to be processed.
        resultFactory - A factory object that will be used to construct the result to return.
        Returns:
        An object with information about the result of the SASL bind processing.

      • getExamplesArgumentSets

        public java.util.Map<java.util.List<java.lang.String>,​java.lang.String> getExamplesArgumentSets()
        Retrieves a map containing examples of configurations that may be used for this extension. The map key should be a list of sample arguments, and the corresponding value should be a description of the behavior that will be exhibited by the extension when used with that configuration.
        Specified by:
        getExamplesArgumentSets in interface ExampleUsageProvider
        Returns:
        A map containing examples of configurations that may be used for this extension. It may be null or empty if there should not be any example argument sets.

      • isMechanismAvailableForUser

        public java.lang.Boolean isMechanismAvailableForUser​(java.lang.String mechanism,
                                                     java.lang.String passwordAttribute,
                                                     Entry userEntry)
        Indicates whether the specified SASL mechanism, which is listed as supported by this handler, is available for use by the given user.
        Parameters:
        mechanism - The name of the SASL mechanism for which to make the determination. It will be one of the mechanisms for which this handler is registered.
        passwordAttribute - The name of the attribute used to hold the password for the user.
        userEntry - The entry for the user for whom to make the determination.
        Returns:
        true if the SASL mechanism is supported for the user, false if not, or null if it could not be determined.

      • isMultiStageMechanism

        public java.lang.Boolean isMultiStageMechanism​(java.lang.String mechanism)
        Indicates whether the specified SASL mechanism may require multiple stages to process.
        Parameters:
        mechanism - The mechanism for which to make the determination.
        Returns:
        true if the specified SASL mechanism may require multiple stages to process, false if not, or null if the answer is not known for the specified mechanism.