| blob | 475be09e01e27f1e470a604e3695142033d561b8 |
1 /* Sasl.java --
2 Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
9 any later version.
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 02110-1301 USA.
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
24 combination.
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
51 /**
52 * <p>A static class for creating SASL clients and servers.</p>
53 *
54 * <p>This class defines the policy of how to locate, load, and instantiate SASL
55 * clients and servers.</p>
56 *
57 * <p>For example, an application or library gets a SASL client instance by
58 * doing something like:</p>
59 *
60 * <pre>
61 *SaslClient sc =
62 * Sasl.createSaslClient(mechanisms, authorizationID, protocol,
63 * serverName, props, callbackHandler);
64 * </pre>
65 *
66 * <p>It can then proceed to use the instance to create an authenticated
67 * connection.</p>
68 *
69 * <p>Similarly, a server gets a SASL server instance by using code that looks
70 * as follows:</p>
71 *
72 * <pre>
73 *SaslServer ss =
74 * Sasl.createSaslServer(mechanism, protocol, serverName, props,
75 * callbackHandler);
76 * </pre>
77 *
78 * @since 1.5
79 */
80 public class Sasl
81 {
83 // Constants and variables
84 // -------------------------------------------------------------------------
86 /**
87 * <p>The name of a property that specifies the quality-of-protection to use.
88 * The property contains a comma-separated, ordered list of quality-of-
89 * protection values that the client or server is willing to support. A qop
90 * value is one of:</p>
91 *
92 * <ul>
93 * <li><code>"auth"</code> - authentication only,</li>
94 * <li><code>"auth-int"</code> - authentication plus integrity
95 * protection,</li>
96 * <li><code>"auth-conf"</code> - authentication plus integrity and
97 * confidentiality protection.</li>
98 * </ul>
99 *
100 * <p>The order of the list specifies the preference order of the client or
101 * server.</p>
102 *
103 * <p>If this property is absent, the default qop is <code>"auth"</code>.</p>
104 *
105 * <p>The value of this constant is <code>"javax.security.sasl.qop"</code>.</p>
106 */
109 /**
110 * <p>The name of a property that specifies the cipher strength to use. The
111 * property contains a comma-separated, ordered list of cipher strength
112 * values that the client or server is willing to support. A strength value
113 * is one of:</p>
114 *
115 * <ul>
116 * <li><code>"low"</code>,</li>
117 * <li><code>"medium"</code>,</li>
118 * <li><code>"high"</code>.</li>
119 * </ul>
120 *
121 * <p>The order of the list specifies the preference order of the client or
122 * server. An implementation should allow configuration of the meaning of
123 * these values. An application may use the Java Cryptography Extension (JCE)
124 * with JCE-aware mechanisms to control the selection of cipher suites that
125 * match the strength values.</p>
126 *
127 * <p>If this property is absent, the default strength is
128 * <code>"high,medium,low"</code>.</p>
129 *
130 * <p>The value of this constant is <code>"javax.security.sasl.strength"</code>.
131 * </p>
132 */
135 /**
136 * <p>The name of a property that specifies whether the server must authenticate
137 * to the client. The property contains <code>"true"</code> if the server
138 * must authenticate the to client; <code>"false"</code> otherwise. The
139 * default is <code>"false"</code>.</p>
140 *
141 * <p>The value of this constant is
142 * <code>"javax.security.sasl.server.authentication"</code>.</p>
143 */
146 /**
147 * <p>The name of a property that specifies the maximum size of the receive
148 * buffer in bytes of {@link SaslClient}/{@link SaslServer}. The property
149 * contains the string representation of an integer.</p>
150 *
151 * <p>If this property is absent, the default size is defined by the
152 * mechanism.</p>
153 *
154 * <p>The value of this constant is <code>"javax.security.sasl.maxbuffer"</code>.
155 * </p>
156 */
159 /**
160 * <p>The name of a property that specifies the maximum size of the raw send
161 * buffer in bytes of {@link SaslClient}/{@link SaslServer}. The property
162 * contains the string representation of an integer. The value of this
163 * property is negotiated between the client and server during the
164 * authentication exchange.</p>
165 *
166 * <p>The value of this constant is <code>"javax.security.sasl.rawsendsize"</code>.
167 * </p>
168 */
171 /**
172 * <p>The name of a property that specifies whether mechanisms susceptible
173 * to simple plain passive attacks (e.g., "PLAIN") are not permitted. The
174 * property contains <code>"true"</code> if such mechanisms are not
175 * permitted; <code>"false"</code> if such mechanisms are permitted. The
176 * default is <code>"false"</code>.</p>
177 *
178 * <p>The value of this constant is <code>"javax.security.sasl.policy.noplaintext"</code>.
179 * </p>
180 */
183 /**
184 * <p>The name of a property that specifies whether mechanisms susceptible to
185 * active (non-dictionary) attacks are not permitted. The property contains
186 * <code>"true"</code> if mechanisms susceptible to active attacks are not
187 * permitted; <code>"false"</code> if such mechanisms are permitted. The
188 * default is <code>"false"</code>.</p>
189 *
190 * <p>The value of this constant is <code>"javax.security.sasl.policy.noactive"</code>.
191 * </p>
192 */
195 /**
196 * <p>The name of a property that specifies whether mechanisms susceptible to
197 * passive dictionary attacks are not permitted. The property contains
198 * <code>"true"</code> if mechanisms susceptible to dictionary attacks are
199 * not permitted; <code>"false"</code> if such mechanisms are permitted. The
200 * default is <code>"false"</code>.</p>
201 *
202 * <p>The value of this constant is <code>"javax.security.sasl.policy.nodictionary"</code>.
203 * </p>
204 */
207 /**
208 * <p>The name of a property that specifies whether mechanisms that accept
209 * anonymous login are not permitted. The property contains <code>"true"</code>
210 * if mechanisms that accept anonymous login are not permitted; <code>"false"
211 * </code> if such mechanisms are permitted. The default is <code>"false"</code>.
212 * </p>
213 *
214 * <p>The value of this constant is <code>"javax.security.sasl.policy.noanonymous"</code>.
215 * </p>
216 */
219 /**
220 * The name of a property that specifies whether mechanisms that implement
221 * forward secrecy between sessions are required. Forward secrecy means that
222 * breaking into one session will not automatically provide information for
223 * breaking into future sessions. The property contains <code>"true"</code>
224 * if mechanisms that implement forward secrecy between sessions are
225 * required; <code>"false"</code> if such mechanisms are not required. The
226 * default is <code>"false"</code>.
227 *
228 * <p>The value of this constant is <code>"javax.security.sasl.policy.forward"</code>.
229 * </p>
230 */
233 /**
234 * The name of a property that specifies whether mechanisms that pass client
235 * credentials are required. The property contains <code>"true"</code> if
236 * mechanisms that pass client credentials are required; <code>"false"</code>
237 * if such mechanisms are not required. The default is <code>"false"</code>.
238 *
239 * <p>The value of this constant is <code>"javax.security.sasl.policy.credentials"</code>.
240 * </p>
241 */
244 /**
245 * <p>The name of a property that specifies whether to reuse previously
246 * authenticated session information. The property contains <code>"true"</code>
247 * if the mechanism implementation may attempt to reuse previously
248 * authenticated session information; it contains <code>"false"</code> if the
249 * implementation must not reuse previously authenticated session information.
250 * A setting of <code>"true"</code> serves only as a hint; it does not
251 * necessarily entail actual reuse because reuse might not be possible due to
252 * a number of reasons, including, but not limited to, lack of mechanism
253 * support for reuse, expiration of reusable information, and the peer's
254 * refusal to support reuse. The property's default value is <code>"false"</code>.
255 * </p>
256 *
257 * <p>The value of this constant is <code>"javax.security.sasl.reuse"</code>.
258 * Note that all other parameters and properties required to create a SASL
259 * client/server instance must be provided regardless of whether this
260 * property has been supplied. That is, you cannot supply any less
261 * information in anticipation of reuse. Mechanism implementations that
262 * support reuse might allow customization of its implementation for factors
263 * such as cache size, timeouts, and criteria for reuseability. Such
264 * customizations are implementation-dependent.</p>
265 */
268 /**
269 * <p>The name of a property which specifies the credentials to use.
270 * The value of the property is a mechanism-specific object which can
271 * be used to supply credentials to a mechanism which provides delegated
272 * authentication.</p>
273 *
274 * <p>The value of this constant is <code>"javax.security.sasl.credentials"</code>.</p>
275 */
282 // Constructor(s)
283 // -------------------------------------------------------------------------
286 {
288 }
290 // Class methods
291 // -------------------------------------------------------------------------
293 /**
294 * Creates a {@link SaslClient} for the specified mechanism.
295 *
296 * <p>This method uses the JCA Security Provider Framework, described in the
297 * "Java Cryptography Architecture API Specification & Reference", for
298 * locating and selecting a {@link SaslClient} implementation.</p>
299 *
300 * <p>First, it obtains an ordered list of {@link SaslClientFactory}
301 * instances from the registered security providers for the
302 * <code>"SaslClientFactory"</code> service and the specified mechanism. It
303 * then invokes <code>createSaslClient()</code> on each factory instance on
304 * the list until one produces a non-null {@link SaslClient} instance. It
305 * returns the non-null {@link SaslClient} instance, or <code>null</code> if
306 * the search fails to produce a non-null {@link SaslClient} instance.</p>
307 *
308 * <p>A security provider for <code>SaslClientFactory</code> registers with
309 * the JCA Security Provider Framework keys of the form:</p>
310 *
311 * <pre>
312 * SaslClientFactory.mechanism_name
313 * </pre>
314 *
315 * <p>and values that are class names of implementations of {@link
316 * SaslClientFactory}.</p>
317 *
318 * <p>For example, a provider that contains a factory class,
319 * <code>com.wiz.sasl.digest.ClientFactory</code>, that supports the
320 * <code>"DIGEST-MD5"</code> mechanism would register the following entry
321 * with the JCA:</p>
322 *
323 * <pre>
324 * SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory
325 * </pre>
326 *
327 * <p>See the "Java Cryptography Architecture API Specification &
328 * Reference" for information about how to install and configure security
329 * service providers.</p>
330 *
331 * @param mechanisms the non-null list of mechanism names to try. Each is the
332 * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
333 * @param authorizationID the possibly <code>null</code> protocol-dependent
334 * identification to be used for authorization. If <code>null</code> or
335 * empty, the server derives an authorization ID from the client's
336 * authentication credentials. When the SASL authentication completes
337 * successfully, the specified entity is granted access.
338 * @param protocol the non-null string name of the protocol for which the
339 * authentication is being performed (e.g. "ldap").
340 * @param serverName the non-null fully-qualified host name of the server to
341 * authenticate to.
342 * @param props the possibly null set of properties used to select the SASL
343 * mechanism and to configure the authentication exchange of the selected
344 * mechanism. For example, if props contains the {@link Sasl#POLICY_NOPLAINTEXT}
345 * property with the value <code>"true"</code>, then the selected SASL
346 * mechanism must not be susceptible to simple plain passive attacks. In
347 * addition to the standard properties declared in this class, other,
348 * possibly mechanism-specific, properties can be included. Properties not
349 * relevant to the selected mechanism are ignored.
350 * @param cbh the possibly <code>null</code> callback handler to used by the
351 * SASL mechanisms to get further information from the application/library to
352 * complete the authentication. For example, a SASL mechanism might require
353 * the authentication ID, password and realm from the caller. The
354 * authentication ID is requested by using a
355 * {@link javax.security.auth.callback.NameCallback}. The password is
356 * requested by using a {@link javax.security.auth.callback.PasswordCallback}.
357 * The realm is requested by using a {@link RealmChoiceCallback} if there is
358 * a list of realms to choose from, and by using a {@link RealmCallback} if
359 * the realm must be entered.
360 * @return a possibly <code>null</code> {@link SaslClient} created using the
361 * parameters supplied. If <code>null</code>, the method could not find a
362 * {@link SaslClientFactory} that will produce one.
363 * @throws SaslException if a {@link SaslClient} cannot be created because
364 * of an error.
365 */
367 String authorizationID,
368 String protocol,
369 String serverName,
371 CallbackHandler cbh)
372 throws SaslException
373 {
375 {
377 }
380 {
382 }
388 Provider p;
390 {
395 {
398 {
399 // try the name as is
402 {
406 {
409 {
413 }
415 }
416 }
419 else
421 }
423 try
424 {
429 }
431 {
432 }
434 {
435 }
437 {
438 }
440 {
441 }
444 }
445 }
447 }
449 /**
450 * Gets an enumeration of known factories for producing a {@link SaslClient}
451 * instance. This method uses the same sources for locating factories as
452 * <code>createSaslClient()</code>.
453 *
454 * @return a non-null {@link Enumeration} of known factories for producing a
455 * {@link SaslClient} instance.
456 * @see #createSaslClient(String[],String,String,String,Map,CallbackHandler)
457 */
459 {
463 Iterator it;
465 {
466 Provider p;
467 String key;
469 {
472 {
474 // add key's binding (a) it is a class of a client factory,
475 // and (b) the key does not include blanks
477 {
480 }
481 }
482 }
483 }
484 // we have the factory class names in names; instantiate and enumerate
485 String c;
487 {
489 try
490 {
498 }
499 }
502 }
504 /**
505 * Creates a {@link SaslServer} for the specified mechanism.
506 *
507 * <p>This method uses the JCA Security Provider Framework, described in the
508 * "Java Cryptography Architecture API Specification & Reference", for
509 * locating and selecting a SaslServer implementation.</p>
510 *
511 * <p>First, it obtains an ordered list of {@link SaslServerFactory}
512 * instances from the registered security providers for the
513 * <code>"SaslServerFactory"</code> service and the specified mechanism. It
514 * then invokes <code>createSaslServer()</code> on each factory instance on
515 * the list until one produces a non-null {@link SaslServer} instance. It
516 * returns the non-null {@link SaslServer} instance, or <code>null</code> if
517 * the search fails to produce a non-null {@link SaslServer} instance.</p>
518 *
519 * <p>A security provider for {@link SaslServerFactory} registers with the
520 * JCA Security Provider Framework keys of the form:</p>
521 *
522 * <pre>
523 * SaslServerFactory.mechanism_name
524 * </pre>
525 *
526 * <p>and values that are class names of implementations of {@link
527 * SaslServerFactory}.</p>
528 *
529 * <p>For example, a provider that contains a factory class,
530 * <code>com.wiz.sasl.digest.ServerFactory</code>, that supports the
531 * <code>"DIGEST-MD5"</code> mechanism would register the following entry
532 * with the JCA:</p>
533 *
534 * <pre>
535 * SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory
536 * </pre>
537 *
538 * <p>See the "Java Cryptography Architecture API Specification &
539 * Reference" for information about how to install and configure security
540 * service providers.</p>
541 *
542 * @param mechanism the non-null mechanism name. It must be an
543 * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
544 * @param protocol the non-null string name of the protocol for which the
545 * authentication is being performed (e.g. "ldap").
546 * @param serverName the non-null fully qualified host name of the server.
547 * @param props the possibly <code>null</code> set of properties used to
548 * select the SASL mechanism and to configure the authentication exchange of
549 * the selected mechanism. For example, if props contains the {@link
550 * Sasl#POLICY_NOPLAINTEXT} property with the value <code>"true"</code>, then
551 * the selected SASL mechanism must not be susceptible to simple plain
552 * passive attacks. In addition to the standard properties declared in this
553 * class, other, possibly mechanism-specific, properties can be included.
554 * Properties not relevant to the selected mechanism are ignored.
555 * @param cbh the possibly <code>null</code> callback handler to used by the
556 * SASL mechanisms to get further information from the application/library to
557 * complete the authentication. For example, a SASL mechanism might require
558 * the authentication ID, password and realm from the caller. The
559 * authentication ID is requested by using a
560 * {@link javax.security.auth.callback.NameCallback}. The password is
561 * requested by using a {@link javax.security.auth.callback.PasswordCallback}.
562 * The realm is requested by using a {@link RealmChoiceCallback} if there is
563 * a list of realms to choose from, and by using a {@link RealmCallback} if
564 * the realm must be entered.
565 * @return a possibly <code>null</code> {@link SaslServer} created using the
566 * parameters supplied. If <code>null</code>, the method cannot find a
567 * {@link SaslServerFactory} instance that will produce one.
568 * @throws SaslException if a {@link SaslServer} instance cannot be created
569 * because of an error.
570 */
572 String serverName,
574 CallbackHandler cbh)
575 throws SaslException
576 {
587 Provider p;
589 {
592 {
593 // try the name as is
596 {
600 {
603 {
607 }
608 }
610 }
611 }
614 else
617 try
618 {
621 result =
623 }
625 {
626 }
628 {
629 }
631 {
632 }
634 {
635 }
638 }
640 }
642 /**
643 * Gets an enumeration of known factories for producing a {@link SaslServer}
644 * instance. This method uses the same sources for locating factories as
645 * <code>createSaslServer()</code>.
646 *
647 * @return a non-null {@link Enumeration} of known factories for producing a
648 * {@link SaslServer} instance.
649 * @see #createSaslServer(String,String,String,Map,CallbackHandler)
650 */
652 {
656 Iterator it;
658 {
659 Provider p;
660 String key;
662 {
665 {
667 // add key's binding (a) it is a class of a server factory,
668 // and (b) the key does not include blanks
670 {
673 }
674 }
675 }
676 }
677 // we have the factory class names in names; instantiate and enumerate
678 String c;
680 {
682 try
683 {
687 }
689 {
690 }
692 {
693 }
695 {
696 }
698 {
699 }
700 }
703 }
704 }