예제 #1
0
    public CommandResult authenticate() {
      SaslClient saslClient = createSaslClient();
      try {
        byte[] response =
            (saslClient.hasInitialResponse() ? saslClient.evaluateChallenge(new byte[0]) : null);
        CommandResult res = sendSaslStart(response);
        res.throwOnError();

        int conversationId = (Integer) res.get("conversationId");

        while (!(Boolean) res.get("done")) {
          response = saslClient.evaluateChallenge((byte[]) res.get("payload"));

          if (response == null) {
            throw new MongoException("SASL protocol error: no client response to challenge");
          }

          res = sendSaslContinue(conversationId, response);
          res.throwOnError();
        }
        return res;
      } catch (IOException e) {
        throw new MongoException.Network("IOException authenticating the connection", e);
      } finally {
        try {
          saslClient.dispose();
        } catch (SaslException e) {
          // ignore
        }
      }
    }
 private void saslDispose(final SaslClient saslClient) {
   if (saslClient != null) {
     try {
       saslClient.dispose();
     } catch (SaslException e) {
       client.trace("Failure disposing of SaslClient", e);
     }
   }
 }
예제 #3
0
 @After
 public void dispose() throws Exception {
   if (client != null) client.dispose();
   if (server != null) server.dispose();
   if (testKdc != null) testKdc.stopAll();
 }
예제 #4
0
  private void doAuth() {
    SaslClient saslClient = null;
    try {
      saslClient =
          Sasl.createSaslClient(
              authInfo.getMechanisms(),
              null,
              "memcached",
              memcachedTCPSession.getRemoteSocketAddress().toString(),
              null,
              this.authInfo.getCallbackHandler());

      final AtomicBoolean done = new AtomicBoolean(false);
      byte[] response =
          saslClient.hasInitialResponse() ? saslClient.evaluateChallenge(EMPTY_BYTES) : EMPTY_BYTES;
      CountDownLatch latch = new CountDownLatch(1);
      Command command =
          this.commandFactory.createAuthStartCommand(
              saslClient.getMechanismName(), latch, response);
      if (!this.memcachedTCPSession.isClosed()) this.memcachedTCPSession.write(command);
      else {
        log.error("Authentication fail,because the connection has been closed");
        throw new RuntimeException("Authentication fai,connection has been close");
      }

      while (!done.get()) {
        try {
          latch.await();
        } catch (InterruptedException e) {
          Thread.currentThread().interrupt();
          done.set(true);
        }
        ResponseStatus responseStatus = ((BaseBinaryCommand) command).getResponseStatus();
        switch (responseStatus) {
          case NO_ERROR:
            done.set(true);
            log.info(
                "Authentication to "
                    + this.memcachedTCPSession.getRemoteSocketAddress()
                    + " successfully");
            break;
          case AUTH_REQUIRED:
            log.error(
                "Authentication failed to " + this.memcachedTCPSession.getRemoteSocketAddress());
            log.warn(
                "Reopen connection to "
                    + this.memcachedTCPSession.getRemoteSocketAddress()
                    + ",beacause auth fail");
            this.memcachedTCPSession.setAuthFailed(true);

            // It it is not first time,try to sleep 1 second
            if (!this.authInfo.isFirstTime()) {
              Thread.sleep(1000);
            }
            this.memcachedTCPSession.close();
            done.set(true);
            break;
          case FUTHER_AUTH_REQUIRED:
            String result = (String) command.getResult();
            response = saslClient.evaluateChallenge(ByteUtils.getBytes(result));
            latch = new CountDownLatch(1);
            command =
                commandFactory.createAuthStepCommand(
                    saslClient.getMechanismName(), latch, response);
            if (!this.memcachedTCPSession.isClosed()) this.memcachedTCPSession.write(command);
            else {
              log.error("Authentication fail,because the connection has been closed");
              throw new RuntimeException("Authentication fai,connection has been close");
            }

            break;
          default:
            done.set(true);
            log.error(
                "Authentication failed to "
                    + this.memcachedTCPSession.getRemoteSocketAddress()
                    + ",response status="
                    + responseStatus);
            break;
        }
      }
    } catch (Exception e) {
      log.error("Create saslClient error", e);
    } finally {
      if (saslClient != null) {
        try {
          saslClient.dispose();
        } catch (SaslException e) {
          log.error("Dispose saslClient error", e);
        }
      }
    }
  }