public static interface IAuthenticator.SaslNegotiator
SaslServer| Modifier and Type | Method and Description |
|---|---|
byte[] |
evaluateResponse(byte[] clientResponse)
Evaluates the client response data and generates a byte[] reply which may be a further challenge or purely
informational in the case that the negotiation is completed on this round.
|
AuthenticatedUser |
getAuthenticatedUser()
Following a sucessful negotiation, get the AuthenticatedUser representing the logged in subject.
|
boolean |
isComplete()
Called after each invocation of
evaluateResponse(byte[]) to determine whether the authentication has
completed successfully or should be continued. |
byte[] evaluateResponse(byte[] clientResponse)
throws AuthenticationException
AuthResponse is received
from a client. After it is called, isComplete() is checked to determine whether the negotiation has
finished. If so, an AuthenticatedUser is obtained by calling getAuthenticatedUser() and that user
associated with the active connection and the byte[] sent back to the client via an
AuthSuccess message. If the negotiation is not yet complete,
the byte[] is returned to the client as a further challenge in an
AuthChallenge message. This continues until the negotiation
does complete or an error is encountered.clientResponse - The non-null (but possibly empty) response sent by the clientAuthenticationException - see SaslServer.evaluateResponse(byte[])boolean isComplete()
evaluateResponse(byte[]) to determine whether the authentication has
completed successfully or should be continued.SaslServer.isComplete()AuthenticatedUser getAuthenticatedUser() throws AuthenticationException
isComplete() returns true.
Should never return null - always throw AuthenticationException instead.
Returning AuthenticatedUser.ANONYMOUS_USER is an option if authentication is not required.AuthenticationExceptionCopyright © 2016 The Apache Software Foundation