use of org.apache.qpid.server.protocol.v1_0.type.security.SaslInit in project qpid-broker-j by apache.
the class Interaction method copySaslInit.
private SaslInit copySaslInit(final SaslInit saslInit) {
final SaslInit saslInitCopy = new SaslInit();
saslInitCopy.setMechanism(saslInit.getMechanism());
saslInitCopy.setInitialResponse(saslInit.getInitialResponse());
saslInitCopy.setHostname(saslInit.getHostname());
return saslInitCopy;
}
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslInit in project qpid-broker-j by apache.
the class SaslTest method saslSuccessfulAuthenticationWithPipelinedFrames.
@Test
@SpecificationTest(section = "2.4.2", description = "For applications that use many short-lived connections," + " it MAY be desirable to pipeline the connection negotiation process." + " A peer MAY do this by starting to send subsequent frames before receiving" + " the partner’s connection header or open frame")
public void saslSuccessfulAuthenticationWithPipelinedFrames() throws Exception {
final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
final Binary initialResponse = new Binary(String.format("\0%s\0%s", _username, _password).getBytes(StandardCharsets.US_ASCII));
final Interaction interaction = transport.newInteraction();
interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().saslMechanism(PLAIN).saslInitialResponse(initialResponse).saslInit().protocolHeader(AMQP_HEADER_BYTES).negotiateProtocol().openContainerId("testContainerId").open();
final byte[] saslHeaderResponse = interaction.consumeResponse().getLatestResponse(byte[].class);
assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
assertThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));
SaslOutcome saslOutcome = interaction.consumeResponse().getLatestResponse(SaslOutcome.class);
assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));
final byte[] headerResponse = interaction.consumeResponse().getLatestResponse(byte[].class);
assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));
interaction.consumeResponse().getLatestResponse(Open.class);
interaction.doCloseConnection();
}
}
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslInit in project qpid-broker-j by apache.
the class SaslTest method saslSuccessfulAuthenticationWithChallengeResponse.
@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation [...] challenge/response step occurs once")
public void saslSuccessfulAuthenticationWithChallengeResponse() throws Exception {
final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
final Interaction interaction = transport.newInteraction();
final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
assertThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(CRAM_MD5));
SaslChallenge saslChallenge = interaction.saslMechanism(CRAM_MD5).saslInit().consumeResponse().getLatestResponse(SaslChallenge.class);
assertThat(saslChallenge.getChallenge(), is(notNullValue()));
byte[] response = generateCramMD5ClientResponse(_username, _password, saslChallenge.getChallenge().getArray());
final SaslOutcome saslOutcome = interaction.saslResponseResponse(new Binary(response)).saslResponse().consumeResponse().getLatestResponse(SaslOutcome.class);
assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));
final byte[] headerResponse = interaction.protocolHeader(AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));
transport.assertNoMoreResponses();
}
}
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslInit in project qpid-broker-j by apache.
the class SaslTest method unsupportedSaslMechanism.
@Test
@SpecificationTest(section = "5.3.2", description = "The partner MUST then choose one of the supported mechanisms and initiate a sasl exchange." + "If the selected mechanism is not supported by the receiving peer, it MUST close the connection " + "with the authentication-failure close-code.")
public void unsupportedSaslMechanism() throws Exception {
final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
final Interaction interaction = transport.newInteraction();
final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
interaction.consumeResponse(SaslMechanisms.class);
SaslOutcome saslOutcome = interaction.saslMechanism(Symbol.getSymbol("NOT-A-MECHANISM")).saslInit().consumeResponse().getLatestResponse(SaslOutcome.class);
assertThat(saslOutcome.getCode(), equalTo(SaslCode.AUTH));
assertThat(saslOutcome.getAdditionalData(), is(nullValue()));
transport.assertNoMoreResponsesAndChannelClosed();
}
}
Aggregations