001: /*
002: * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004: *
005: * This code is free software; you can redistribute it and/or modify it
006: * under the terms of the GNU General Public License version 2 only, as
007: * published by the Free Software Foundation. Sun designates this
008: * particular file as subject to the "Classpath" exception as provided
009: * by Sun in the LICENSE file that accompanied this code.
010: *
011: * This code is distributed in the hope that it will be useful, but WITHOUT
012: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014: * version 2 for more details (a copy is included in the LICENSE file that
015: * accompanied this code).
016: *
017: * You should have received a copy of the GNU General Public License version
018: * 2 along with this work; if not, write to the Free Software Foundation,
019: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022: * CA 95054 USA or visit www.sun.com if you need additional information or
023: * have any questions.
024: */
025:
026: package com.sun.security.sasl;
027:
028: import javax.security.sasl.*;
029:
030: /**
031: * Implements the EXTERNAL SASL client mechanism.
032: * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>).
033: * The EXTERNAL mechanism returns the optional authorization ID as
034: * the initial response. It processes no challenges.
035: *
036: * @author Rosanna Lee
037: */
038: final class ExternalClient implements SaslClient {
039: private byte[] username;
040: private boolean completed = false;
041:
042: /**
043: * Constructs an External mechanism with optional authorization ID.
044: *
045: * @param authorizationID If non-null, used to specify authorization ID.
046: * @throws SaslException if cannot convert authorizationID into UTF-8
047: * representation.
048: */
049: ExternalClient(String authorizationID) throws SaslException {
050: if (authorizationID != null) {
051: try {
052: username = ((String) authorizationID).getBytes("UTF8");
053: } catch (java.io.UnsupportedEncodingException e) {
054: throw new SaslException("Cannot convert "
055: + authorizationID + " into UTF-8", e);
056: }
057: } else {
058: username = new byte[0];
059: }
060: }
061:
062: /**
063: * Retrieves this mechanism's name for initiating the "EXTERNAL" protocol
064: * exchange.
065: *
066: * @return The string "EXTERNAL".
067: */
068: public String getMechanismName() {
069: return "EXTERNAL";
070: }
071:
072: /**
073: * This mechanism has an initial response.
074: */
075: public boolean hasInitialResponse() {
076: return true;
077: }
078:
079: public void dispose() throws SaslException {
080: }
081:
082: /**
083: * Processes the challenge data.
084: * It returns the EXTERNAL mechanism's initial response,
085: * which is the authorization id encoded in UTF-8.
086: * This is the optional information that is sent along with the SASL command.
087: * After this method is called, isComplete() returns true.
088: *
089: * @param challengeData Ignored.
090: * @return The possible empty initial response.
091: * @throws SaslException If authentication has already been called.
092: */
093: public byte[] evaluateChallenge(byte[] challengeData)
094: throws SaslException {
095: if (completed) {
096: throw new IllegalStateException(
097: "EXTERNAL authentication already completed");
098: }
099: completed = true;
100: return username;
101: }
102:
103: /**
104: * Returns whether this mechanism is complete.
105: * @return true if initial response has been sent; false otherwise.
106: */
107: public boolean isComplete() {
108: return completed;
109: }
110:
111: /**
112: * Unwraps the incoming buffer.
113: *
114: * @throws SaslException Not applicable to this mechanism.
115: */
116: public byte[] unwrap(byte[] incoming, int offset, int len)
117: throws SaslException {
118: if (completed) {
119: throw new SaslException("EXTERNAL has no supported QOP");
120: } else {
121: throw new IllegalStateException(
122: "EXTERNAL authentication Not completed");
123: }
124: }
125:
126: /**
127: * Wraps the outgoing buffer.
128: *
129: * @throws SaslException Not applicable to this mechanism.
130: */
131: public byte[] wrap(byte[] outgoing, int offset, int len)
132: throws SaslException {
133: if (completed) {
134: throw new SaslException("EXTERNAL has no supported QOP");
135: } else {
136: throw new IllegalStateException(
137: "EXTERNAL authentication not completed");
138: }
139: }
140:
141: /**
142: * Retrieves the negotiated property.
143: * This method can be called only after the authentication exchange has
144: * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, a
145: * <tt>IllegalStateException</tt> is thrown.
146: *
147: * @return null No property is applicable to this mechanism.
148: * @exception IllegalStateException if this authentication exchange
149: * has not completed
150: */
151: public Object getNegotiatedProperty(String propName) {
152: if (completed) {
153: return null;
154: } else {
155: throw new IllegalStateException(
156: "EXTERNAL authentication not completed");
157: }
158: }
159: }
|