Пример #1
0
  @Test
  public void testServerAuthIndirect_Server() throws Exception {
    Map<String, Object> props = new HashMap<String, Object>();

    // No properties are set, an appropriate EntitySaslServer should be returned
    SaslServer server =
        Sasl.createSaslServer(
            SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
            "TestProtocol",
            "TestServer",
            props,
            null);
    assertEquals(EntitySaslServer.class, server.getClass());
    assertEquals(
        SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC, server.getMechanismName());

    // If we set SERVER_AUTH to true even though a unilateral mechanism is specified, no server
    // should be returned
    props.put(Sasl.SERVER_AUTH, Boolean.toString(true));
    server =
        Sasl.createSaslServer(
            SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
            "TestProtocol",
            "TestServer",
            props,
            null);
    assertNull(server);
  }
Пример #2
0
 /**
  * Constructor
  *
  * @param secretManager supplied by SaslServerHandler.
  */
 public SaslNettyServer(JobTokenSecretManager secretManager) {
   if (LOG.isDebugEnabled()) {
     LOG.debug("SaslNettyServer: Secret manager is: " + secretManager);
   }
   /*if[HADOOP_1_SECRET_MANAGER]
   else[HADOOP_1_SECRET_MANAGER]*/
   try {
     secretManager.checkAvailableForRead();
   } catch (StandbyException e) {
     LOG.error("SaslNettyServer: Could not read secret manager: " + e);
   }
   /*end[HADOOP_1_SECRET_MANAGER]*/
   try {
     SaslDigestCallbackHandler ch = new SaslNettyServer.SaslDigestCallbackHandler(secretManager);
     saslServer =
         Sasl.createSaslServer(
             SaslNettyServer.AuthMethod.DIGEST.getMechanismName(),
             null,
             SaslRpcServer.SASL_DEFAULT_REALM,
             SaslRpcServer.SASL_PROPS,
             ch);
   } catch (SaslException e) {
     LOG.error("SaslNettyServer: Could not create SaslServer: " + e);
   }
 }
Пример #3
0
 public SaslServerContext(
     final String mech,
     final String serverName,
     final CallbackHandler callback_handler,
     final Map<String, String> props,
     final Subject subject)
     throws SaslException {
   this.subject = subject;
   if (this.subject != null) {
     try {
       server =
           Subject.doAs(
               this.subject,
               new PrivilegedExceptionAction<SaslServer>() {
                 @Override
                 public SaslServer run() throws Exception {
                   return Sasl.createSaslServer(
                       mech, "jgroups", serverName, props, callback_handler);
                 }
               });
     } catch (PrivilegedActionException e) {
       throw (SaslException)
           e.getCause(); // The createSaslServer will only throw this type of exception
     }
   } else {
     server = Sasl.createSaslServer(mech, "jgroups", serverName, props, callback_handler);
   }
 }
Пример #4
0
 public SaslServer createSaslServer(String mechanism, String localFQDN) throws SaslException {
   return Sasl.createSaslServer(
       mechanism,
       "AMQP",
       localFQDN,
       _serverCreationProperties.get(mechanism),
       _callbackHandlerMap.get(mechanism));
 }
Пример #5
0
  private boolean saslAuth(final Map<String, Object> props) throws AuthorizationException {
    try {
      SaslServer ss = (SaslServer) props.get("SaslServer");

      if (ss == null) {
        Map<String, String> sasl_props = new TreeMap<String, String>();

        sasl_props.put(Sasl.QOP, "auth");
        ss =
            Sasl.createSaslServer(
                (String) props.get(MACHANISM_KEY),
                "xmpp",
                (String) props.get(SERVER_NAME_KEY),
                sasl_props,
                new SaslCallbackHandler(props));
        props.put("SaslServer", ss);
      } // end of if (ss == null)

      String data_str = (String) props.get(DATA_KEY);
      byte[] in_data = ((data_str != null) ? Base64.decode(data_str) : new byte[0]);

      if (log.isLoggable(Level.FINEST)) {
        log.finest("response: " + new String(in_data));
      }

      byte[] challenge = ss.evaluateResponse(in_data);

      if (log.isLoggable(Level.FINEST)) {
        log.finest("challenge: " + ((challenge != null) ? new String(challenge) : "null"));
      }

      String challenge_str =
          (((challenge != null) && (challenge.length > 0)) ? Base64.encode(challenge) : null);

      props.put(RESULT_KEY, challenge_str);

      if (ss.isComplete()) {
        return true;
      } else {
        return false;
      } // end of if (ss.isComplete()) else
    } catch (SaslException e) {
      throw new AuthorizationException("Sasl exception.", e);
    } // end of try-catch
  }
Пример #6
0
 /**
  * Constructor
  *
  * @param secretManager supplied by SaslServerHandler.
  * @param authMethod Authentication method
  */
 public SaslNettyServer(JobTokenSecretManager secretManager, AuthMethod authMethod)
     throws IOException {
   /*if[HADOOP_1_SECRET_MANAGER]
   else[HADOOP_1_SECRET_MANAGER]*/
   super(authMethod);
   /*end[HADOOP_1_SECRET_MANAGER]*/
   if (LOG.isDebugEnabled()) {
     LOG.debug(
         "SaslNettyServer: Secret manager is: "
             + secretManager
             + " with authmethod "
             + authMethod);
   }
   /*if[HADOOP_1_SECRET_MANAGER]
   else[HADOOP_1_SECRET_MANAGER]*/
   try {
     secretManager.checkAvailableForRead();
   } catch (StandbyException e) {
     LOG.error("SaslNettyServer: Could not read secret manager: " + e);
   }
   /*end[HADOOP_1_SECRET_MANAGER]*/
   try {
     SaslDigestCallbackHandler ch = new SaslNettyServer.SaslDigestCallbackHandler(secretManager);
     /*if[STATIC_SASL_SYMBOL]
           saslServer =
               Sasl.createSaslServer(
                   SaslNettyServer.AuthMethod.DIGEST.getMechanismName(), null,
                   SaslRpcServer.SASL_DEFAULT_REALM, SaslRpcServer.SASL_PROPS, ch);
     else[STATIC_SASL_SYMBOL]*/
     SaslPropertiesResolver saslPropsResolver =
         SaslPropertiesResolver.getInstance(new Configuration());
     saslServer =
         Sasl.createSaslServer(
             SaslNettyServer.AuthMethod.DIGEST.getMechanismName(),
             null,
             SaslRpcServer.SASL_DEFAULT_REALM,
             saslPropsResolver.getDefaultProperties(),
             ch);
     /*end[STATIC_SASL_SYMBOL]*/
   } catch (SaslException e) {
     LOG.error("SaslNettyServer: Could not create SaslServer: " + e);
   }
 }
Пример #7
0
 @Override
 public boolean auth(Auth auth, JIDContext context) {
   try {
     context.write(
         new Challenge(
             this.saslServers
                 .push(
                     context,
                     Sasl.createSaslServer(
                         mechanism,
                         this.protocol,
                         context.domain(),
                         this.props,
                         new ServerCallbackHandler(context)))
                 .evaluateResponse(new byte[0])));
     return true;
   } catch (Exception e) {
     this.log.error(e.toString());
     Trace.trace(this.log, e);
     return false;
   }
 }
Пример #8
0
  SaslNettyServer(String topologyName, byte[] token) throws IOException {
    LOG.debug(
        "SaslNettyServer: Topology token is: "
            + topologyName
            + " with authmethod "
            + SaslUtils.AUTH_DIGEST_MD5);

    try {

      SaslDigestCallbackHandler ch =
          new SaslNettyServer.SaslDigestCallbackHandler(topologyName, token);

      saslServer =
          Sasl.createSaslServer(
              SaslUtils.AUTH_DIGEST_MD5,
              null,
              SaslUtils.DEFAULT_REALM,
              SaslUtils.getSaslProps(),
              ch);

    } catch (SaslException e) {
      LOG.error("SaslNettyServer: Could not create SaslServer: " + e);
    }
  }
Пример #9
0
 public static void main(String[] args) throws Exception {
   try {
     Sasl.createSaslClient(
         new String[] {"NTLM"}, "abc", "ldap", "server", new HashMap<String, Object>(), null);
   } catch (SaslException se) {
     System.out.println(se);
   }
   try {
     Sasl.createSaslServer("NTLM", "ldap", "server", new HashMap<String, Object>(), null);
   } catch (SaslException se) {
     System.out.println(se);
   }
   try {
     Sasl.createSaslClient(
         new String[] {"NTLM"},
         "abc",
         "ldap",
         "server",
         null,
         new CallbackHandler() {
           @Override
           public void handle(Callback[] callbacks)
               throws IOException, UnsupportedCallbackException {}
         });
   } catch (SaslException se) {
     System.out.println(se);
   }
   try {
     SaslServer saslServer =
         Sasl.createSaslServer(
             "NTLM",
             "ldap",
             "abc",
             null,
             new CallbackHandler() {
               @Override
               public void handle(Callback[] callbacks)
                   throws IOException, UnsupportedCallbackException {}
             });
     System.err.println("saslServer = " + saslServer);
     System.err.println("saslServer.isComplete() = " + saslServer.isComplete());
     // IllegalStateException is expected here
     saslServer.getNegotiatedProperty("prop");
     System.err.println("No IllegalStateException");
   } catch (IllegalStateException se) {
     System.out.println(se);
   }
   try {
     SaslServer saslServer =
         Sasl.createSaslServer(
             "NTLM",
             "ldap",
             "abc",
             null,
             new CallbackHandler() {
               @Override
               public void handle(Callback[] callbacks)
                   throws IOException, UnsupportedCallbackException {}
             });
     System.err.println("saslServer = " + saslServer);
     System.err.println("saslServer.isComplete() = " + saslServer.isComplete());
     // IllegalStateException is expected here
     saslServer.getAuthorizationID();
     System.err.println("No IllegalStateException");
   } catch (IllegalStateException se) {
     System.out.println(se);
   }
   try {
     SaslServer saslServer =
         Sasl.createSaslServer(
             "NTLM",
             "ldap",
             "abc",
             null,
             new CallbackHandler() {
               @Override
               public void handle(Callback[] callbacks)
                   throws IOException, UnsupportedCallbackException {}
             });
     System.err.println("saslServer = " + saslServer);
     System.err.println("saslServer.isComplete() = " + saslServer.isComplete());
     // IllegalStateException is expected here
     saslServer.wrap(new byte[0], 0, 0);
     System.err.println("No IllegalStateException");
   } catch (IllegalStateException se) {
     System.out.println(se);
   }
 }