Frames | No Frames |
1: /* SaslClientFactory.java 2: Copyright (C) 2003, 2005, Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package javax.security.sasl; 40: 41: import java.util.Map; 42: 43: import javax.security.auth.callback.CallbackHandler; 44: 45: /** 46: * <p>An interface for creating instances of {@link SaslClient}. A class that 47: * implements this interface must be thread-safe and handle multiple 48: * simultaneous requests. It must also have a public constructor that accepts 49: * no arguments.</p> 50: * 51: * <p>This interface is not normally accessed directly by a client, which will 52: * use the {@link Sasl} static methods to create a client instance instead. 53: * However, a particular environment may provide and install a new or different 54: * <code>SaslClientFactory</code>.</p> 55: * 56: * @see SaslClient 57: * @see Sasl 58: * 59: * @since 1.5 60: */ 61: public interface SaslClientFactory 62: { 63: 64: /** 65: * Creates a {@link SaslClient} using the parameters supplied. 66: * 67: * @param mechanisms the non-null list of mechanism names to try. Each is the 68: * IANA-registered name of a SASL mechanism (e.g. "GSSAPI", "CRAM-MD5"). 69: * @param authorizationID the possibly null protocol-dependent identification 70: * to be used for authorization. If <code>null</code> or empty, the server 71: * derives an authorization ID from the client's authentication credentials. 72: * When the SASL authentication completes successfully, the specified entity 73: * is granted access. 74: * @param protocol the non-null string name of the protocol for which the 75: * authentication is being performed (e.g. "ldap"). 76: * @param serverName the non-null fully qualified host name of the server to 77: * authenticate to. 78: * @param props the possibly <code>null</code> set of properties used to 79: * select the SASL mechanism and to configure the authentication exchange of 80: * the selected mechanism. See the {@link Sasl} class for a list of standard 81: * properties. Other, possibly mechanism-specific, properties can be included. 82: * Properties not relevant to the selected mechanism are ignored. 83: * @param cbh the possibly <code>null</code> callback handler to used by the 84: * SASL mechanisms to get further information from the application/library to 85: * complete the authentication. For example, a SASL mechanism might require 86: * the authentication ID, password and realm from the caller. The 87: * authentication ID is requested by using a 88: * {@link javax.security.auth.callback.NameCallback}. The password is 89: * requested by using a {@link javax.security.auth.callback.PasswordCallback}. 90: * The realm is requested by using a {@link RealmChoiceCallback} if there is 91: * a list of realms to choose from, and by using a {@link RealmCallback} if 92: * the realm must be entered. 93: * @return a possibly <code>null</code> {@link SaslClient} created using the 94: * parameters supplied. If <code>null</code>, this factory cannot produce a 95: * {@link SaslClient} using the parameters supplied. 96: * @throws SaslException if a {@link SaslClient} instance cannot be created 97: * because of an error. 98: */ 99: SaslClient createSaslClient(String[] mechanisms, String authorizationID, 100: String protocol, String serverName, 101: Map<String, ?> props, CallbackHandler cbh) 102: throws SaslException; 103: 104: /** 105: * Returns an array of names of mechanisms that match the specified mechanism 106: * selection policies. 107: * 108: * @param props the possibly <code>null</code> set of properties used to 109: * specify the security policy of the SASL mechanisms. For example, if props 110: * contains the {@link Sasl#POLICY_NOPLAINTEXT} property with the value 111: * <code>"true"</code>, then the factory must not return any SASL mechanisms 112: * that are susceptible to simple plain passive attacks. See the {@link Sasl} 113: * class for a complete list of policy properties. Non-policy related 114: * properties, if present in props, are ignored. 115: * @return a non-null array containing IANA-registered SASL mechanism names. 116: */ 117: String[] getMechanismNames(Map<String, ?> props); 118: }