Class SimpleSaslAuthenticator

java.lang.Object
org.infinispan.server.core.security.simple.SimpleSaslAuthenticator
All Implemented Interfaces:
SaslAuthenticator

public final class SimpleSaslAuthenticator extends Object implements SaslAuthenticator
A server authentication handler which maintains a simple map of user names and passwords.
Author:
Darran Lofthouse, Tristan Tarrant
  • Constructor Details

    • SimpleSaslAuthenticator

      public SimpleSaslAuthenticator()
  • Method Details

    • createSaslServer

      public SaslServer createSaslServer(String mechanism, List<Principal> principals, String protocol, String serverName, Map<String,String> props) throws SaslException
      Description copied from interface: SaslAuthenticator
      Create a SaslServer, to be used for a single authentication session, for the specified mechanism. On completion of the SASL authentication exchange, the SaslServer MUST provide a non-read-only negotiated Subject when SaslServer.getNegotiatedProperty(String) is invoked with the SubjectSaslServer.SUBJECT property. The default implementation of this method wraps any matching SaslServerFactory with a SubjectSaslServer to transparently supply the resolved Subject.
      Specified by:
      createSaslServer in interface SaslAuthenticator
      Parameters:
      mechanism - The non-null IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
      principals - Any principals which can be obtained before the authentication (e.g. TLS peer, remote network address). Can be empty.
      protocol - The non-null string name of the protocol for which the authentication is being performed (e.g., "ldap").
      serverName - The fully qualified host name of the server to authenticate to, or null if the server is not bound to any specific host name. If the mechanism does not allow an unbound server, a SaslException will be thrown.
      props - The possibly null set of properties used to select the SASL mechanism and to configure the authentication exchange of the selected mechanism. See the Sasl class for a list of standard properties. Other, possibly mechanism-specific, properties can be included. Properties not relevant to the selected mechanism are ignored, including any map entries with non-String keys.
      Returns:
      an instance of SaslServer (or null if it cannot be created)
      Throws:
      SaslException
    • addUser

      public void addUser(String userName, String userRealm, char[] password, String... groups)
      Add a user to the authentication table.
      Parameters:
      userName - the user name
      userRealm - the user realm
      password - the password
      groups - the groups the user belongs to
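
The createSaslServer contract and addUser, seen from the caller's side (an added example, not part of the Infinispan documentation or code base): it registers one user, runs a single PLAIN exchange, and fails closed unless the exchange completes and a Subject is returned. Assumptions: a SaslServerFactory for PLAIN is on the classpath, SubjectSaslServer lives in org.infinispan.server.core.security, and the user, realm, group, password and "hotrod" protocol name are constructed sample values.

```java
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.infinispan.server.core.security.SubjectSaslServer; // assumed package, not shown on the page
import org.infinispan.server.core.security.simple.SimpleSaslAuthenticator;

public class SimpleSaslAuthenticatorExample {
    /** Returns the negotiated Subject, or null if authentication did not succeed. */
    static Subject authenticatePlain(SimpleSaslAuthenticator auth, String user, char[] password) {
        SaslServer server = null;
        byte[] response = null;
        try {
            // principals may be empty and serverName may be null per the parameter descriptions.
            server = auth.createSaslServer("PLAIN", List.of(), "hotrod", null, Map.of());
            if (server == null) return null; // documented result when no SaslServer can be created
            // RFC 4616 PLAIN message: authzid NUL authcid NUL passwd (authzid left empty).
            byte[] id = user.getBytes(StandardCharsets.UTF_8);
            ByteBuffer pw = StandardCharsets.UTF_8.encode(CharBuffer.wrap(password));
            response = new byte[id.length + pw.remaining() + 2];
            System.arraycopy(id, 0, response, 1, id.length);
            pw.get(response, id.length + 2, pw.remaining());
            server.evaluateResponse(response);
            if (!server.isComplete()) return null; // exchange unfinished: not authenticated
            Object subject = server.getNegotiatedProperty(SubjectSaslServer.SUBJECT);
            return subject instanceof Subject ? (Subject) subject : null;
        } catch (SaslException e) {
            return null; // rejected credentials or mechanism failure: treat as not authenticated
        } finally {
            if (response != null) Arrays.fill(response, (byte) 0); // clear the encoded credentials
            if (server != null) try { server.dispose(); } catch (SaslException ignored) { }
        }
    }

    public static void main(String[] args) {
        SimpleSaslAuthenticator auth = new SimpleSaslAuthenticator();
        char[] password = "constructed-password".toCharArray(); // constructed sample value
        auth.addUser("alice", "default", password, "admins");   // constructed user, realm, group
        Subject ok = authenticatePlain(auth, "alice", password);
        Subject bad = authenticatePlain(auth, "alice", "wrong".toCharArray());
        System.out.println("valid credentials   -> " + (ok != null ? ok.getPrincipals() : "rejected"));
        System.out.println("invalid credentials -> " + (bad != null ? "accepted" : "rejected"));
    }
}
```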