Java Code Examples for org.apache.qpid.proton.engine.Sasl#recv()
The following examples show how to use
org.apache.qpid.proton.engine.Sasl#recv() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 6 votes |
@Override public void onSaslInit(Sasl s, Transport t) { assertArrayEquals("Server should now know the client's chosen mechanism.", new String[]{TESTMECH1}, s.getRemoteMechanisms()); byte[] serverReceivedInitialBytes = new byte[s.pending()]; s.recv(serverReceivedInitialBytes, 0, serverReceivedInitialBytes.length); assertArrayEquals("Server should now know the client's initial response.", INITIAL_RESPONSE_BYTES, serverReceivedInitialBytes); s.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length); assertFalse("Should not have already received init", initReceived.getAndSet(true)); }
Example 2
Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 6 votes |
private void processPending(Sasl sasl) { byte[] dataSASL = new byte[sasl.pending()]; int received = sasl.recv(dataSASL, 0, dataSASL.length); if (log.isTraceEnabled()) { log.trace("Working on sasl, length:" + received); } byte[] response = chosenMechanism.processSASL(received != -1 ? dataSASL : null); if (response != null) { sasl.send(response, 0, response.length); } saslResult = chosenMechanism.result(); if (saslResult != null) { if (saslResult.isSuccess()) { saslComplete(sasl, Sasl.SaslOutcome.PN_SASL_OK); } else { saslComplete(sasl, Sasl.SaslOutcome.PN_SASL_AUTH); } } }
Example 3
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
@Override public void onSaslResponse(Sasl s, Transport t) { byte[] serverReceivedResponseBytes = new byte[s.pending()]; s.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length); assertArrayEquals("Server should now know the client's response", RESPONSE_BYTES, serverReceivedResponseBytes); s.send(ADDITIONAL_DATA_BYTES, 0, ADDITIONAL_DATA_BYTES.length); s.done(SaslOutcome.PN_SASL_OK); assertFalse("Should not have already received response", responseReceived.getAndSet(true)); }
Example 4
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
@Override public void onSaslChallenge(Sasl s, Transport t) { byte[] clientReceivedChallengeBytes = new byte[s.pending()]; s.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, s.getOutcome()); assertArrayEquals("Client should now know the server's challenge", CHALLENGE_BYTES, clientReceivedChallengeBytes); s.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length); assertFalse("Should not have already received challenge", challengeReceived.getAndSet(true)); }
Example 5
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
@Override public void onSaslOutcome(Sasl s, Transport t) { assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, s.getOutcome()); byte[] clientReceivedAdditionalBytes = new byte[s.pending()]; s.recv(clientReceivedAdditionalBytes, 0, clientReceivedAdditionalBytes.length); assertArrayEquals("Client should now know the server's outcome additional data", clientReceivedAdditionalBytes, clientReceivedAdditionalBytes); assertFalse("Should not have already received outcome", outcomeReceived.getAndSet(true)); }
Example 6
Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 5 votes |
@Override public void onSaslChallenge(Sasl sasl, Transport transport) { int challengeSize = sasl.pending(); byte[] challenge = new byte[challengeSize]; sasl.recv(challenge, 0, challengeSize); byte[] response = clientSASLMechanism.getResponse(challenge); sasl.send(response, 0, response.length); }
Example 7
Source File: ProtonServerImplTest.java From vertx-proton with Apache License 2.0 | 5 votes |
private boolean evaluatePlainResponse(Sasl sasl) { byte[] response = new byte[sasl.pending()]; sasl.recv(response, 0, response.length); // Per https://tools.ietf.org/html/rfc4616 the PLAIN message format is: [authzid] UTF8NUL authcid UTF8NUL passwd // Break initial response into its constituent parts. int authzidTerminatorPos = findNullPosition(response, 0); if (authzidTerminatorPos < 0) { // Invalid PLAIN encoding, authzid null terminator not found return false; } int authcidTerminatorPos = findNullPosition(response, authzidTerminatorPos + 1); if (authcidTerminatorPos < 0) { // Invalid PLAIN encoding, authcid null terminator not found return false; } if (authcidTerminatorPos == response.length - 1) { // Invalid PLAIN encoding, no password present return false; } // Grab the authcid and password (ignoring authzid if present) String authcid = new String(response, authzidTerminatorPos + 1, authcidTerminatorPos - authzidTerminatorPos - 1, StandardCharsets.UTF_8); String passwd = new String(response, authcidTerminatorPos + 1, response.length - authcidTerminatorPos - 1, StandardCharsets.UTF_8); // Now verify the given credentials if (GOOD_USER.equals(authcid) && PASSWD.equals(passwd)) { // Success return true; } return false; }
Example 8
Source File: AmqpSaslAuthenticator.java From qpid-jms with Apache License 2.0 | 5 votes |
public void handleSaslChallenge(Sasl sasl, Transport transport) { try { if (sasl.pending() >= 0) { byte[] challenge = new byte[sasl.pending()]; sasl.recv(challenge, 0, challenge.length); byte[] response = mechanism.getChallengeResponse(challenge); if (response != null) { sasl.send(response, 0, response.length); } } } catch (Throwable error) { recordFailure("Exception while processing SASL step: " + error.getMessage(), error); } }
Example 9
Source File: AmqpSaslAuthenticator.java From qpid-jms with Apache License 2.0 | 5 votes |
private void handleSaslCompletion(Sasl sasl) { try { if (sasl.pending() != 0) { byte[] additionalData = new byte[sasl.pending()]; sasl.recv(additionalData, 0, additionalData.length); mechanism.getChallengeResponse(additionalData); } mechanism.verifyCompletion(); complete = true; } catch (Throwable error) { recordFailure("Exception while processing SASL exchange completion: " + error.getMessage(), error); } }
Example 10
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
/** 5.3.2 SASL Negotiation. */ @Test public void testSaslNegotiation() throws Exception { getClient().transport = Proton.transport(); getServer().transport = Proton.transport(); Sasl clientSasl = getClient().transport.sasl(); clientSasl.client(); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); Sasl serverSasl = getServer().transport.sasl(); serverSasl.server(); serverSasl.setMechanisms(TESTMECH1, TESTMECH2); assertEquals("Server should not yet know the remote's chosen mechanism.", 0, serverSasl.getRemoteMechanisms().length); pumpClientToServer(); pumpServerToClient(); assertArrayEquals("Client should now know the server's mechanisms.", new String[]{TESTMECH1, TESTMECH2}, clientSasl.getRemoteMechanisms()); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); clientSasl.setMechanisms(TESTMECH1); pumpClientToServer(); assertArrayEquals("Server should now know the client's chosen mechanism.", new String[]{TESTMECH1}, serverSasl.getRemoteMechanisms()); serverSasl.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length); pumpServerToClient(); byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()]; clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); assertArrayEquals("Client should now know the server's challenge", CHALLENGE_BYTES, clientReceivedChallengeBytes); clientSasl.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length); pumpClientToServer(); byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()]; serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length); assertArrayEquals("Server should now know the client's response", RESPONSE_BYTES, serverReceivedResponseBytes); serverSasl.done(SaslOutcome.PN_SASL_OK); pumpServerToClient(); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome()); }
Example 11
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
/** * 5.3.3.5 The additional-data field carries additional data on successful authentication outcome as specified * by the SASL specification [RFC4422]. */ @Test public void testOutcomeAdditionalData() throws Exception { getClient().transport = Proton.transport(); getServer().transport = Proton.transport(); Sasl clientSasl = getClient().transport.sasl(); clientSasl.client(); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); Sasl serverSasl = getServer().transport.sasl(); serverSasl.server(); serverSasl.setMechanisms(TESTMECH1); pumpClientToServer(); pumpServerToClient(); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); clientSasl.setMechanisms(TESTMECH1); pumpClientToServer(); serverSasl.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length); pumpServerToClient(); byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()]; clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); clientSasl.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length); pumpClientToServer(); byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()]; serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length); serverSasl.send(ADDITIONAL_DATA_BYTES, 0, ADDITIONAL_DATA_BYTES.length); serverSasl.done(SaslOutcome.PN_SASL_OK); pumpServerToClient(); byte[] clientReceivedAdditionalDataBytes = new byte[clientSasl.pending()]; clientSasl.recv(clientReceivedAdditionalDataBytes, 0, clientReceivedAdditionalDataBytes.length); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome()); assertArrayEquals("Client should now know the serrver's additional-data", ADDITIONAL_DATA_BYTES, clientReceivedAdditionalDataBytes); }
Example 12
Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
@Test public void testSaslNegotiationWithConfiguredLargerFrameSize() throws Exception { final byte[] largeInitialResponseBytesOrig = fillBytes("initialResponse", 1431); final byte[] largeChallengeBytesOrig = fillBytes("challenge", 1375); final byte[] largeResponseBytesOrig = fillBytes("response", 1282); final byte[] largeAdditionalBytesOrig = fillBytes("additionalData", 1529); getClient().transport = Proton.transport(); getServer().transport = Proton.transport(); // Configure transports to allow for larger initial frame sizes getClient().transport.setInitialRemoteMaxFrameSize(2048); getServer().transport.setInitialRemoteMaxFrameSize(2048); Sasl clientSasl = getClient().transport.sasl(); clientSasl.client(); Sasl serverSasl = getServer().transport.sasl(); serverSasl.server(); // Negotiate the mech serverSasl.setMechanisms(TESTMECH1, TESTMECH2); pumpClientToServer(); pumpServerToClient(); assertArrayEquals("Client should now know the server's mechanisms.", new String[] { TESTMECH1, TESTMECH2 }, clientSasl.getRemoteMechanisms()); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); // Select a mech, send large initial response along with it in sasl-init, verify server receives it clientSasl.setMechanisms(TESTMECH1); byte[] initialResponseBytes = Arrays.copyOf(largeInitialResponseBytesOrig, largeInitialResponseBytesOrig.length); clientSasl.send(initialResponseBytes, 0, initialResponseBytes.length); pumpClientToServer(); assertArrayEquals("Server should now know the client's chosen mechanism.", new String[] { TESTMECH1 }, serverSasl.getRemoteMechanisms()); byte[] serverReceivedInitialResponseBytes = new byte[serverSasl.pending()]; serverSasl.recv(serverReceivedInitialResponseBytes, 0, serverReceivedInitialResponseBytes.length); assertArrayEquals("Server should now know the clients initial response", largeInitialResponseBytesOrig, serverReceivedInitialResponseBytes); // Send a large challenge in a sasl-challenge, verify client receives it byte[] challengeBytes = Arrays.copyOf(largeChallengeBytesOrig, largeChallengeBytesOrig.length); serverSasl.send(challengeBytes, 0, challengeBytes.length); pumpServerToClient(); byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()]; clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome()); assertArrayEquals("Client should now know the server's challenge", largeChallengeBytesOrig, clientReceivedChallengeBytes); // Send a large response in a sasl-response, verify server receives it byte[] responseBytes = Arrays.copyOf(largeResponseBytesOrig, largeResponseBytesOrig.length); clientSasl.send(responseBytes, 0, responseBytes.length); pumpClientToServer(); byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()]; serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length); assertArrayEquals("Server should now know the client's response", largeResponseBytesOrig, serverReceivedResponseBytes); // Send an outcome with large additional data in a sasl-outcome, verify client receives it byte[] additionalBytes = Arrays.copyOf(largeAdditionalBytesOrig, largeAdditionalBytesOrig.length); serverSasl.send(additionalBytes, 0, additionalBytes.length); serverSasl.done(SaslOutcome.PN_SASL_OK); pumpServerToClient(); assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome()); byte[] clientReceivedAdditionalBytes = new byte[clientSasl.pending()]; clientSasl.recv(clientReceivedAdditionalBytes, 0, clientReceivedAdditionalBytes.length); assertArrayEquals("Client should now know the server's outcome additional data", largeAdditionalBytesOrig, clientReceivedAdditionalBytes); }
Example 13
Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 4 votes |
@Override public void onSaslOutcome(Sasl sasl, Transport transport) { log.debug("onSaslOutcome: " + sasl); switch (sasl.getState()) { case PN_SASL_FAIL: log.info("Outbound connection failed, authentication failure"); dispatchAuthFailed(); break; case PN_SASL_PASS: log.debug("Outbound connection succeeded"); if (sasl.pending() != 0) { byte[] additionalData = new byte[sasl.pending()]; sasl.recv(additionalData, 0, additionalData.length); clientSASLMechanism.getResponse(additionalData); } saslResult = new SASLResult() { @Override public String getUser() { return null; } @Override public Subject getSubject() { return null; } @Override public boolean isSuccess() { return true; } }; dispatchAuthSuccess(); break; default: break; } }