J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. Sun designates this |
| 8 | * particular file as subject to the "Classpath" exception as provided |
| 9 | * by Sun in the LICENSE file that accompanied this code. |
| 10 | * |
| 11 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 12 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 13 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 14 | * version 2 for more details (a copy is included in the LICENSE file that |
| 15 | * accompanied this code). |
| 16 | * |
| 17 | * You should have received a copy of the GNU General Public License version |
| 18 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 19 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 20 | * |
| 21 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 22 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 23 | * have any questions. |
| 24 | */ |
| 25 | |
| 26 | package javax.security.sasl; |
| 27 | |
| 28 | import java.util.Map; |
| 29 | import javax.security.auth.callback.CallbackHandler; |
| 30 | |
| 31 | /** |
| 32 | * An interface for creating instances of <tt>SaslServer</tt>. |
| 33 | * A class that implements this interface |
| 34 | * must be thread-safe and handle multiple simultaneous |
| 35 | * requests. It must also have a public constructor that accepts no |
| 36 | * argument. |
| 37 | *<p> |
| 38 | * This interface is not normally accessed directly by a server, which will use the |
| 39 | * <tt>Sasl</tt> static methods |
| 40 | * instead. However, a particular environment may provide and install a |
| 41 | * new or different <tt>SaslServerFactory</tt>. |
| 42 | * |
| 43 | * @since 1.5 |
| 44 | * |
| 45 | * @see SaslServer |
| 46 | * @see Sasl |
| 47 | * |
| 48 | * @author Rosanna Lee |
| 49 | * @author Rob Weltman |
| 50 | */ |
| 51 | public abstract interface SaslServerFactory { |
| 52 | /** |
| 53 | * Creates a <tt>SaslServer</tt> using the parameters supplied. |
| 54 | * It returns null |
| 55 | * if no <tt>SaslServer</tt> can be created using the parameters supplied. |
| 56 | * Throws <tt>SaslException</tt> if it cannot create a <tt>SaslServer</tt> |
| 57 | * because of an error. |
| 58 | * |
| 59 | * @param mechanism The non-null |
| 60 | * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5"). |
| 61 | * @param protocol The non-null string name of the protocol for which |
| 62 | * the authentication is being performed (e.g., "ldap"). |
| 63 | * @param serverName The non-null fully qualified host name of the server |
| 64 | * to authenticate to. |
| 65 | * @param props The possibly null set of properties used to select the SASL |
| 66 | * mechanism and to configure the authentication exchange of the selected |
| 67 | * mechanism. See the <tt>Sasl</tt> class for a list of standard properties. |
| 68 | * Other, possibly mechanism-specific, properties can be included. |
| 69 | * Properties not relevant to the selected mechanism are ignored, |
| 70 | * including any map entries with non-String keys. |
| 71 | * |
| 72 | * @param cbh The possibly null callback handler to used by the SASL |
| 73 | * mechanisms to get further information from the application/library |
| 74 | * to complete the authentication. For example, a SASL mechanism might |
| 75 | * require the authentication ID, password and realm from the caller. |
| 76 | * The authentication ID is requested by using a <tt>NameCallback</tt>. |
| 77 | * The password is requested by using a <tt>PasswordCallback</tt>. |
| 78 | * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list |
| 79 | * of realms to choose from, and by using a <tt>RealmCallback</tt> if |
| 80 | * the realm must be entered. |
| 81 | * |
| 82 | *@return A possibly null <tt>SaslServer</tt> created using the parameters |
| 83 | * supplied. If null, this factory cannot produce a <tt>SaslServer</tt> |
| 84 | * using the parameters supplied. |
| 85 | *@exception SaslException If cannot create a <tt>SaslServer</tt> because |
| 86 | * of an error. |
| 87 | */ |
| 88 | public abstract SaslServer createSaslServer( |
| 89 | String mechanism, |
| 90 | String protocol, |
| 91 | String serverName, |
| 92 | Map<String,?> props, |
| 93 | CallbackHandler cbh) throws SaslException; |
| 94 | |
| 95 | /** |
| 96 | * Returns an array of names of mechanisms that match the specified |
| 97 | * mechanism selection policies. |
| 98 | * @param props The possibly null set of properties used to specify the |
| 99 | * security policy of the SASL mechanisms. For example, if <tt>props</tt> |
| 100 | * contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value |
| 101 | * <tt>"true"</tt>, then the factory must not return any SASL mechanisms |
| 102 | * that are susceptible to simple plain passive attacks. |
| 103 | * See the <tt>Sasl</tt> class for a complete list of policy properties. |
| 104 | * Non-policy related properties, if present in <tt>props</tt>, are ignored, |
| 105 | * including any map entries with non-String keys. |
| 106 | * @return A non-null array containing a IANA-registered SASL mechanism names. |
| 107 | */ |
| 108 | public abstract String[] getMechanismNames(Map<String,?> props); |
| 109 | } |