Class TSaslServerTransport

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable

    public class TSaslServerTransport
    extends TEndpointTransport
    Wraps another Thrift TTransport, but performs SASL server negotiation on the call to open(). This class will wrap ensuing communication over it, if a SASL QOP is negotiated with the other party.
    • Constructor Detail

      • TSaslServerTransport

        public TSaslServerTransport(TTransport transport)
                             throws TTransportException
        Uses the given underlying transport. Assumes that addServerDefinition is called later.
        Parameters:
        transport - Transport underlying this one.
        Throws:
        TTransportException
      • TSaslServerTransport

        public TSaslServerTransport(java.lang.String mechanism,
                                    java.lang.String protocol,
                                    java.lang.String serverName,
                                    java.util.Map<java.lang.String,java.lang.String> props,
                                    javax.security.auth.callback.CallbackHandler cbh,
                                    TTransport transport)
                             throws TTransportException
        Creates a SaslServer using the given SASL-specific parameters. See the Java documentation for Sasl.createSaslServer for the details of the parameters.
        Parameters:
        transport - The underlying Thrift transport.
        Throws:
        TTransportException
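The six-argument constructor in use, as an added example that is not part of the Thrift documentation or source: it offers only the `auth-conf` QOP and, after `open()`, checks through `getSaslServer()` that this QOP was actually negotiated before returning the transport. The class name `SaslServerSetup`, the `authenticate` helper, the `USERS` table, the DIGEST-MD5 mechanism choice, and the server name are assumptions made for illustration; `accepted` stands for a connection already accepted by the server.

```java
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.*;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.Sasl;
import org.apache.thrift.transport.TSaslServerTransport;
import org.apache.thrift.transport.TTransport;
import org.apache.thrift.transport.TTransportException;

public class SaslServerSetup {
  // Constructed credential table for this example only.
  static final Map<String, char[]> USERS = Map.of("alice", "example-password".toCharArray());

  // Server-side handler: supplies the stored password and restricts authorization.
  static final CallbackHandler HANDLER = callbacks -> {
    NameCallback name = null;
    PasswordCallback password = null;
    for (Callback cb : callbacks) {
      if (cb instanceof NameCallback) name = (NameCallback) cb;
      else if (cb instanceof PasswordCallback) password = (PasswordCallback) cb;
      else if (cb instanceof AuthorizeCallback) {
        AuthorizeCallback ac = (AuthorizeCallback) cb;
        // A client may act only as itself, never as another identity.
        ac.setAuthorized(ac.getAuthenticationID().equals(ac.getAuthorizationID()));
      } else if (!(cb instanceof RealmCallback)) throw new UnsupportedCallbackException(cb);
    }
    // Unknown user: leave the password unset so the mechanism fails the handshake.
    if (name != null && password != null && USERS.containsKey(name.getDefaultName()))
      password.setPassword(USERS.get(name.getDefaultName()));
  };

  static TTransport authenticate(TTransport accepted) throws TTransportException {
    Map<String, String> props = new HashMap<>();
    props.put(Sasl.QOP, "auth-conf");  // offer only integrity plus confidentiality
    TSaslServerTransport sasl = new TSaslServerTransport(
        "DIGEST-MD5", "thrift", "server.example.internal", props, HANDLER, accepted);
    sasl.open();  // runs the negotiation; throws TTransportException on failure
    // Fail closed unless the security layer that was required is actually in force.
    Object qop = sasl.getSaslServer().getNegotiatedProperty(Sasl.QOP);
    if (!"auth-conf".equals(qop)) {
      sasl.close();
      throw new TTransportException("unexpected negotiated QOP: " + qop);
    }
    return sasl;
  }
}
```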
    • Method Detail

      • addServerDefinition

        public void addServerDefinition(java.lang.String mechanism,
                                        java.lang.String protocol,
                                        java.lang.String serverName,
                                        java.util.Map<java.lang.String,java.lang.String> props,
                                        javax.security.auth.callback.CallbackHandler cbh)
        Add a supported server definition to this transport. See the Java documentation for Sasl.createSaslServer for the details of the parameters.
      • getRole

        protected org.apache.thrift.transport.TSaslTransport.SaslRole getRole()
      • handleSaslStartMessage

        protected void handleSaslStartMessage()
                                       throws TTransportException,
                                              javax.security.sasl.SaslException
        Performs the server side of the initial portion of the Thrift SASL protocol. Receives the initial response from the client, creates a SASL server using the mechanism requested by the client (if this server supports it), and sends the first challenge back to the client.
        Throws:
        TTransportException
        javax.security.sasl.SaslException
      • setSaslServer

        protected void setSaslServer(javax.security.sasl.SaslServer saslServer)
      • sendSaslMessage

        protected void sendSaslMessage(NegotiationStatus status,
                                       byte[] payload)
                                throws TTransportException
        Send a complete Thrift SASL message.
        Parameters:
        status - The status to send.
        payload - The data to send as the payload of this message.
        Throws:
        TTransportException
      • receiveSaslMessage

        protected org.apache.thrift.transport.TSaslTransport.SaslResponse receiveSaslMessage()
                                                                                      throws TTransportException
        Read a complete Thrift SASL message.
        Returns:
        The SASL status and payload from this message.
        Throws:
        TTransportException - Thrown if there is a failure reading from the underlying transport, or if a status code of BAD or ERROR is encountered.
      • sendAndThrowMessage

        protected TTransportException sendAndThrowMessage(NegotiationStatus status,
                                                          java.lang.String message)
                                                   throws TTransportException
        Send a Thrift SASL message with the given status (usually BAD or ERROR) and string message, and then throw a TTransportException with the given message.
        Parameters:
        status - The Thrift SASL status code to send. Usually BAD or ERROR.
        message - The optional message to send to the other side.
        Returns:
        Never returns normally; always throws TTransportException. The return type is declared so that callers can write throw sendAndThrowMessage(...), which makes the control flow clear to the compiler.
        Throws:
        TTransportException - Always thrown with the message provided.
      • open

        public void open()
                  throws TTransportException
        Opens the underlying transport if it's not already open and then performs SASL negotiation. If a QOP is negotiated during this SASL handshake, it is used for all communication on this transport after this call is complete.
        Specified by:
        open in class TTransport
        Throws:
        TTransportException - if the transport could not be opened
      • getSaslClient

        public javax.security.sasl.SaslClient getSaslClient()
        Get the underlying SaslClient.
        Returns:
        The SaslClient, or null if this transport is backed by a SaslServer.
      • getUnderlyingTransport

        public TTransport getUnderlyingTransport()
        Get the underlying transport that Sasl is using.
        Returns:
        The underlying TTransport.
      • getSaslServer

        public javax.security.sasl.SaslServer getSaslServer()
        Get the underlying SaslServer.
        Returns:
        The SaslServer, or null if this transport is backed by a SaslClient.
      • readLength

        protected int readLength()
                          throws TTransportException
        Read a 4-byte word from the underlying transport and interpret it as an integer.
        Returns:
        The length prefix of the next SASL message to read.
        Throws:
        TTransportException - Thrown if reading from the underlying transport fails.
      • writeLength

        protected void writeLength(int length)
                            throws TTransportException
        Write the given integer as 4 bytes to the underlying transport.
        Parameters:
        length - The length prefix of the next SASL message to write.
        Throws:
        TTransportException - Thrown if writing to the underlying transport fails.
      • close

        public void close()
        Closes the underlying transport and disposes of the SASL implementation underlying this transport.
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable
        Specified by:
        close in class TTransport
      • isOpen

        public boolean isOpen()
        True if the underlying transport is open and the SASL handshake is complete.
        Specified by:
        isOpen in class TTransport
        Returns:
        True if the transport is open.
      • read

        public int read(byte[] buf,
                        int off,
                        int len)
                 throws TTransportException
        Read from the underlying transport. Unwraps the contents if a QOP was negotiated during the SASL handshake.
        Specified by:
        read in class TTransport
        Parameters:
        buf - Array to read into
        off - Index to start reading at
        len - Maximum number of bytes to read
        Returns:
        The number of bytes actually read
        Throws:
        TTransportException - if there was an error reading data
      • write

        public void write(byte[] buf,
                          int off,
                          int len)
                   throws TTransportException
        Write to the underlying transport.
        Specified by:
        write in class TTransport
        Parameters:
        buf - The output data buffer
        off - The offset to start writing from
        len - The number of bytes to write
        Throws:
        TTransportException - if there was an error writing data
      • flush

        public void flush()
                   throws TTransportException
        Flushes to the underlying transport. Wraps the contents if a QOP was negotiated during the SASL handshake.
        Overrides:
        flush in class TTransport
        Throws:
        TTransportException - if there was an error writing out data.
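The negotiation message framing behind sendSaslMessage, receiveSaslMessage and readLength, as an added, stand-alone example (not Thrift's own code): one status byte, a 4-byte big-endian payload length, then the payload. The status values are those of Thrift's NegotiationStatus enum, which this page does not list; `SaslFrameDemo`, `encode`, `decode` and the `MAX_PAYLOAD` cap are assumptions made for illustration. The decoder bounds the peer-supplied length before allocating, since the prefix arrives before the peer has authenticated.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class SaslFrameDemo {
  // Status codes as in Thrift's NegotiationStatus enum (not listed on this page).
  static final byte START = 1, OK = 2, BAD = 3, ERROR = 4, COMPLETE = 5;
  // Hypothetical cap on negotiation payloads, chosen for this example.
  static final int MAX_PAYLOAD = 64 * 1024;

  static byte[] encode(byte status, byte[] payload) {
    return ByteBuffer.allocate(5 + payload.length)   // ByteBuffer is big-endian by default
        .put(status).putInt(payload.length).put(payload).array();
  }

  /** Returns the payload, or throws if the frame is malformed or signals failure. */
  static byte[] decode(ByteBuffer in) {
    if (in.remaining() < 5) throw new IllegalArgumentException("truncated header");
    byte status = in.get();
    int len = in.getInt();
    if (status < START || status > COMPLETE)
      throw new IllegalArgumentException("unknown status " + status);
    // Validate the untrusted length before it is used to size a buffer.
    if (len < 0 || len > MAX_PAYLOAD || len > in.remaining())
      throw new IllegalArgumentException("bad length " + len);
    byte[] payload = new byte[len];
    in.get(payload);
    if (status == BAD || status == ERROR)
      throw new IllegalStateException("peer reported failure: "
          + new String(payload, StandardCharsets.UTF_8));
    return payload;
  }

  public static void main(String[] args) {
    // Constructed sample frame: status OK carrying a placeholder challenge.
    byte[] frame = encode(OK, "challenge".getBytes(StandardCharsets.UTF_8));
    System.out.println(Arrays.toString(Arrays.copyOf(frame, 5)));
    System.out.println(new String(decode(ByteBuffer.wrap(frame)), StandardCharsets.UTF_8));
    // Constructed header whose length field claims about 2 GiB with no payload behind it.
    byte[] oversized = {OK, (byte) 0x7f, (byte) 0xff, (byte) 0xff, (byte) 0xff};
    try {
      decode(ByteBuffer.wrap(oversized));
    } catch (IllegalArgumentException e) {
      System.out.println("rejected: " + e.getMessage());
    }
  }
}
```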