| Shuyi Chen | d7955ce | 2013-05-22 14:51:55 -0700 | [diff] [blame] | 1 | /**
|
| 2 | * $RCSfile$
|
| 3 | * $Revision$
|
| 4 | * $Date$
|
| 5 | *
|
| 6 | *
|
| 7 | * All rights reserved. Licensed under the Apache License, Version 2.0 (the "License");
|
| 8 | * you may not use this file except in compliance with the License.
|
| 9 | * You may obtain a copy of the License at
|
| 10 | *
|
| 11 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 12 | *
|
| 13 | * Unless required by applicable law or agreed to in writing, software
|
| 14 | * distributed under the License is distributed on an "AS IS" BASIS,
|
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 16 | * See the License for the specific language governing permissions and
|
| 17 | * limitations under the License.
|
| 18 | */
|
| 19 |
|
| 20 | package org.jivesoftware.smack.sasl;
|
| 21 |
|
| 22 | import org.jivesoftware.smack.SASLAuthentication;
|
| 23 | import org.jivesoftware.smack.XMPPException;
|
| 24 |
|
| 25 | import java.io.IOException;
|
| 26 | import java.util.Map;
|
| 27 | import java.util.HashMap;
|
| 28 | import de.measite.smack.Sasl;
|
| 29 | import org.apache.harmony.javax.security.auth.callback.CallbackHandler;
|
| 30 |
|
| 31 | /**
|
| 32 | * Implementation of the SASL GSSAPI mechanism
|
| 33 | *
|
| 34 | * @author Jay Kline
|
| 35 | */
|
| 36 | public class SASLGSSAPIMechanism extends SASLMechanism {
|
| 37 |
|
| 38 | public SASLGSSAPIMechanism(SASLAuthentication saslAuthentication) {
|
| 39 | super(saslAuthentication);
|
| 40 |
|
| 41 | System.setProperty("javax.security.auth.useSubjectCredsOnly","false");
|
| 42 | System.setProperty("java.security.auth.login.config","gss.conf");
|
| 43 |
|
| 44 | }
|
| 45 |
|
| 46 | protected String getName() {
|
| 47 | return "GSSAPI";
|
| 48 | }
|
| 49 |
|
| 50 | /**
|
| 51 | * Builds and sends the <tt>auth</tt> stanza to the server.
|
| 52 | * This overrides from the abstract class because the initial token
|
| 53 | * needed for GSSAPI is binary, and not safe to put in a string, thus
|
| 54 | * getAuthenticationText() cannot be used.
|
| 55 | *
|
| 56 | * @param username the username of the user being authenticated.
|
| 57 | * @param host the hostname where the user account resides.
|
| 58 | * @param cbh the CallbackHandler (not used with GSSAPI)
|
| 59 | * @throws IOException If a network error occures while authenticating.
|
| 60 | */
|
| 61 | public void authenticate(String username, String host, CallbackHandler cbh) throws IOException, XMPPException {
|
| 62 | String[] mechanisms = { getName() };
|
| 63 | Map<String,String> props = new HashMap<String,String>();
|
| 64 | props.put(Sasl.SERVER_AUTH,"TRUE");
|
| 65 | sc = Sasl.createSaslClient(mechanisms, username, "xmpp", host, props, cbh);
|
| 66 | authenticate();
|
| 67 | }
|
| 68 |
|
| 69 | /**
|
| 70 | * Builds and sends the <tt>auth</tt> stanza to the server.
|
| 71 | * This overrides from the abstract class because the initial token
|
| 72 | * needed for GSSAPI is binary, and not safe to put in a string, thus
|
| 73 | * getAuthenticationText() cannot be used.
|
| 74 | *
|
| 75 | * @param username the username of the user being authenticated.
|
| 76 | * @param host the hostname where the user account resides.
|
| 77 | * @param password the password of the user (ignored for GSSAPI)
|
| 78 | * @throws IOException If a network error occures while authenticating.
|
| 79 | */
|
| 80 | public void authenticate(String username, String host, String password) throws IOException, XMPPException {
|
| 81 | String[] mechanisms = { getName() };
|
| 82 | Map<String,String> props = new HashMap<String, String>();
|
| 83 | props.put(Sasl.SERVER_AUTH,"TRUE");
|
| 84 | sc = Sasl.createSaslClient(mechanisms, username, "xmpp", host, props, this);
|
| 85 | authenticate();
|
| 86 | }
|
| 87 |
|
| 88 |
|
| 89 | }
|