예제 #1
0
  public IoFuture<Connection> connect(
      CallbackHandler handler, Map<String, String> saslOptions, SSLContext sslContext)
      throws IOException {
    OptionMap.Builder builder = OptionMap.builder();
    builder.addAll(configuration.getOptionMap());
    builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);
    builder.set(SASL_POLICY_NOPLAINTEXT, Boolean.FALSE);
    if (isLocal() == false) {
      builder.set(Options.SASL_DISALLOWED_MECHANISMS, Sequence.of(JBOSS_LOCAL_USER));
    }
    List<Property> tempProperties =
        new ArrayList<Property>(saslOptions != null ? saslOptions.size() : 1);
    tempProperties.add(Property.of("jboss.sasl.local-user.quiet-auth", "true"));
    if (saslOptions != null) {
      for (String currentKey : saslOptions.keySet()) {
        tempProperties.add(Property.of(currentKey, saslOptions.get(currentKey)));
      }
    }
    builder.set(Options.SASL_PROPERTIES, Sequence.of(tempProperties));

    builder.set(Options.SSL_ENABLED, true);
    builder.set(Options.SSL_STARTTLS, true);

    CallbackHandler actualHandler = handler != null ? handler : new AnonymousCallbackHandler();
    return endpoint.connect(uri, builder.getMap(), actualHandler, sslContext);
  }
예제 #2
0
  // This duplicates the RealmSecurityProvider of AS7 to mimic the same security set-up
  private OptionMap createOptionMap() {
    List<String> mechanisms = new LinkedList<String>();
    Set<Property> properties = new HashSet<Property>();
    Builder builder = OptionMap.builder();

    if (saslMechanisms.contains(JBOSS_LOCAL_USER)) {
      mechanisms.add(JBOSS_LOCAL_USER);
      builder.set(SASL_POLICY_NOPLAINTEXT, false);
      properties.add(Property.of(LOCAL_DEFAULT_USER, DOLLAR_LOCAL));
    }

    if (saslMechanisms.contains(DIGEST_MD5)) {
      mechanisms.add(DIGEST_MD5);
      properties.add(Property.of(REALM_PROPERTY, REALM));
    }

    if (saslMechanisms.contains(PLAIN)) {
      mechanisms.add(PLAIN);
      builder.set(SASL_POLICY_NOPLAINTEXT, false);
    }

    if (saslMechanisms.isEmpty() || saslMechanisms.contains(ANONYMOUS)) {
      mechanisms.add(ANONYMOUS);
      builder.set(SASL_POLICY_NOANONYMOUS, false);
    }

    // TODO - SSL Options will be added in a subsequent task.
    builder.set(SSL_ENABLED, false);

    builder.set(SASL_MECHANISMS, Sequence.of(mechanisms));
    builder.set(SASL_PROPERTIES, Sequence.of(properties));

    return builder.getMap();
  }