Search in sources :

Example 1 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslOutcome method toString.

@Override
public String toString() {
    StringBuilder builder = new StringBuilder("SaslOutcome{");
    final int origLength = builder.length();
    if (_code != null) {
        if (builder.length() != origLength) {
            builder.append(',');
        }
        builder.append("code=").append(_code);
    }
    if (_additionalData != null) {
        if (builder.length() != origLength) {
            builder.append(',');
        }
        builder.append("additionalData=").append(_additionalData);
    }
    builder.append('}');
    return builder.toString();
}
Also used : SASLEndpoint(org.apache.qpid.server.protocol.v1_0.SASLEndpoint)

Example 2 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method saslSuccessfulAuthentication.

@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation [...] challenge/response step occurs zero times")
public void saslSuccessfulAuthentication() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        final Interaction interaction = transport.newInteraction();
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assumeThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));
        final Binary initialResponse = new Binary(String.format("\0%s\0%s", _username, _password).getBytes(StandardCharsets.US_ASCII));
        SaslOutcome saslOutcome = interaction.saslMechanism(PLAIN).saslInitialResponse(initialResponse).saslInit().consumeResponse().getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));
        final byte[] headerResponse = interaction.protocolHeader(AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));
        transport.assertNoMoreResponses();
    }
}
Also used : FrameTransport(org.apache.qpid.tests.protocol.v1_0.FrameTransport) SaslOutcome(org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome) Interaction(org.apache.qpid.tests.protocol.v1_0.Interaction) Binary(org.apache.qpid.server.protocol.v1_0.type.Binary) SaslMechanisms(org.apache.qpid.server.protocol.v1_0.type.security.SaslMechanisms) Test(org.junit.Test) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest)

Example 3 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method clientSendsSaslOutcome.

@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation")
public void clientSendsSaslOutcome() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        SaslOutcome saslOutcome = new SaslOutcome();
        saslOutcome.setCode(SaslCode.OK);
        transport.newInteraction().protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().consumeResponse(SaslMechanisms.class).sendPerformative(saslOutcome).sync();
        transport.assertNoMoreResponsesAndChannelClosed();
    }
}
Also used : FrameTransport(org.apache.qpid.tests.protocol.v1_0.FrameTransport) SaslOutcome(org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome) Test(org.junit.Test) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest)

Example 4 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method saslUnsuccessfulAuthentication.

@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation")
public void saslUnsuccessfulAuthentication() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        final Interaction interaction = transport.newInteraction();
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assumeThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));
        final Binary initialResponse = new Binary(String.format("\0%s\0badpassword", _username).getBytes(StandardCharsets.US_ASCII));
        SaslOutcome saslOutcome = interaction.saslMechanism(PLAIN).saslInitialResponse(initialResponse).saslInit().consumeResponse().getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.AUTH));
        transport.assertNoMoreResponsesAndChannelClosed();
    }
}
Also used : FrameTransport(org.apache.qpid.tests.protocol.v1_0.FrameTransport) SaslOutcome(org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome) Interaction(org.apache.qpid.tests.protocol.v1_0.Interaction) Binary(org.apache.qpid.server.protocol.v1_0.type.Binary) SaslMechanisms(org.apache.qpid.server.protocol.v1_0.type.security.SaslMechanisms) Test(org.junit.Test) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest) SpecificationTest(org.apache.qpid.tests.protocol.SpecificationTest)

Example 5 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class AMQPConnection_1_0Impl method processSaslResponse.

private void processSaslResponse(final byte[] response) {
    byte[] challenge = null;
    SubjectAuthenticationResult authenticationResult = _successfulAuthenticationResult;
    if (authenticationResult == null) {
        authenticationResult = _subjectCreator.authenticate(_saslNegotiator, response != null ? response : new byte[0]);
        challenge = authenticationResult.getChallenge();
    }
    if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.SUCCESS) {
        final boolean finalChallenge = challenge != null && challenge.length != 0;
        _successfulAuthenticationResult = authenticationResult;
        if (_sendSaslFinalChallengeAsChallenge && finalChallenge) {
            continueSaslNegotiation(challenge);
        } else {
            setSubject(_successfulAuthenticationResult.getSubject());
            SaslOutcome outcome = new SaslOutcome();
            outcome.setCode(SaslCode.OK);
            if (finalChallenge) {
                outcome.setAdditionalData(new Binary(challenge));
            }
            send(new SASLFrame(outcome));
            _saslComplete = true;
            _connectionState = ConnectionState.AWAIT_AMQP_HEADER;
            disposeSaslNegotiator();
        }
    } else if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.CONTINUE) {
        continueSaslNegotiation(challenge);
    } else {
        handleSaslError();
    }
}
Also used : SaslOutcome(org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome) SASLFrame(org.apache.qpid.server.protocol.v1_0.framing.SASLFrame) Binary(org.apache.qpid.server.protocol.v1_0.type.Binary) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult)

Aggregations

SaslOutcome (org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome)8 SpecificationTest (org.apache.qpid.tests.protocol.SpecificationTest)6 FrameTransport (org.apache.qpid.tests.protocol.v1_0.FrameTransport)6 Test (org.junit.Test)6 Binary (org.apache.qpid.server.protocol.v1_0.type.Binary)5 Interaction (org.apache.qpid.tests.protocol.v1_0.Interaction)5 SaslMechanisms (org.apache.qpid.server.protocol.v1_0.type.security.SaslMechanisms)4 SASLFrame (org.apache.qpid.server.protocol.v1_0.framing.SASLFrame)2 SASLEndpoint (org.apache.qpid.server.protocol.v1_0.SASLEndpoint)1 SaslChallenge (org.apache.qpid.server.protocol.v1_0.type.security.SaslChallenge)1 SubjectAuthenticationResult (org.apache.qpid.server.security.auth.SubjectAuthenticationResult)1