use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.
the class SaslOutcome method toString.
/**
 * Renders the outcome as {@code SaslOutcome{code=...,additionalData=...}}, listing only the
 * fields that are non-null and separating them with a comma.
 *
 * <p>NOTE(review): additionalData carries SASL mechanism data; confirm that its string form is
 * acceptable wherever this text ends up (for example in logs).
 */
@Override
public String toString() {
    final StringBuilder text = new StringBuilder("SaslOutcome{");
    final int prefixLength = text.length();
    if (_code != null) {
        // First candidate field: nothing can precede it, so no separator is ever needed.
        text.append("code=").append(_code);
    }
    if (_additionalData != null) {
        // A separator is required only when an earlier field was already written.
        if (text.length() > prefixLength) {
            text.append(',');
        }
        text.append("additionalData=").append(_additionalData);
    }
    return text.append('}').toString();
}
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.
the class SaslTest method saslSuccessfulAuthentication.
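/**
 * Verifies SASL PLAIN negotiation with valid credentials: the broker echoes the SASL protocol
 * header, advertises its mechanisms, answers the sasl-init directly with a sasl-outcome of
 * {@link SaslCode#OK} (no challenge/response round), and then echoes the AMQP protocol header.
 *
 * <p>The test is skipped through a JUnit assumption when the broker does not advertise PLAIN.
 *
 * @throws Exception if the transport or the interaction fails
 */
@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation [...] challenge/response step occurs zero times")
public void saslSuccessfulAuthentication() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        final Interaction interaction = transport.newInteraction();

        // Step 1: the broker must answer the SASL protocol header with the same header.
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES)
                                                     .negotiateProtocol()
                                                     .consumeResponse()
                                                     .getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));

        // Step 2: the mechanism list follows; PLAIN has to be on offer for this test to apply.
        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assumeThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));

        // Step 3: PLAIN initial response is "[authzid] NUL authcid NUL passwd"; authzid is empty.
        // RFC 4616 defines the message as UTF-8. US-ASCII would silently replace every non-ASCII
        // credential character with '?', so the test would send a different password.
        // PLAIN puts the password itself on the wire; a deployment relies on the transport to protect it.
        final Binary initialResponse = new Binary(
                String.format("\0%s\0%s", _username, _password).getBytes(StandardCharsets.UTF_8));
        SaslOutcome saslOutcome = interaction.saslMechanism(PLAIN)
                                             .saslInitialResponse(initialResponse)
                                             .saslInit()
                                             .consumeResponse()
                                             .getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));

        // Step 4: after a successful outcome the AMQP protocol header is negotiated.
        final byte[] headerResponse = interaction.protocolHeader(AMQP_HEADER_BYTES)
                                                 .negotiateProtocol()
                                                 .consumeResponse()
                                                 .getLatestResponse(byte[].class);
        assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));

        transport.assertNoMoreResponses();
    }
}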
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.
the class SaslTest method clientSendsSaslOutcome.
/**
 * Verifies how the broker reacts when the client itself sends a sasl-outcome performative with
 * code {@link SaslCode#OK} right after receiving the mechanism list: the test expects no further
 * responses and a closed channel, i.e. the client cannot declare its own authentication a success.
 *
 * @throws Exception if the transport or the interaction fails
 */
@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation")
public void clientSendsSaslOutcome() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        // Frame that, in this exchange, is expected to come from the broker and not from the client.
        final SaslOutcome clientOutcome = new SaslOutcome();
        clientOutcome.setCode(SaslCode.OK);

        transport.newInteraction()
                 .protocolHeader(SASL_AMQP_HEADER_BYTES)
                 .negotiateProtocol()
                 .consumeResponse()
                 .consumeResponse(SaslMechanisms.class)
                 .sendPerformative(clientOutcome)
                 .sync();

        // The broker must not answer and must drop the connection.
        transport.assertNoMoreResponsesAndChannelClosed();
    }
}
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.
the class SaslTest method saslUnsuccessfulAuthentication.
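/**
 * Verifies SASL PLAIN negotiation with a wrong password: the broker answers the sasl-init with a
 * sasl-outcome of {@link SaslCode#AUTH}, sends nothing further and closes the channel.
 *
 * <p>The test is skipped through a JUnit assumption when the broker does not advertise PLAIN.
 *
 * @throws Exception if the transport or the interaction fails
 */
@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation")
public void saslUnsuccessfulAuthentication() throws Exception {
    try (FrameTransport transport = new FrameTransport(getBrokerAdmin(), BrokerAdmin.PortType.AMQP).connect()) {
        final Interaction interaction = transport.newInteraction();

        // The broker must answer the SASL protocol header with the same header.
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES)
                                                     .negotiateProtocol()
                                                     .consumeResponse()
                                                     .getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));

        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assumeThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));

        // Valid user name, fixed wrong password. RFC 4616 defines the PLAIN message as UTF-8;
        // US-ASCII would replace any non-ASCII character of the user name with '?', and the test
        // would then exercise an unknown user instead of a bad password.
        // NOTE(review): assumes "badpassword" is never the configured password; confirm in the fixture.
        final Binary initialResponse = new Binary(
                String.format("\0%s\0badpassword", _username).getBytes(StandardCharsets.UTF_8));
        SaslOutcome saslOutcome = interaction.saslMechanism(PLAIN)
                                             .saslInitialResponse(initialResponse)
                                             .saslInit()
                                             .consumeResponse()
                                             .getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.AUTH));

        // A failed authentication must end the connection rather than allow another attempt on it.
        transport.assertNoMoreResponsesAndChannelClosed();
    }
}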
use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.
the class AMQPConnection_1_0Impl method processSaslResponse.
/**
 * Handles one SASL response from the peer and drives the negotiation to its next step.
 *
 * <p>Unless a successful result is already stored in {@code _successfulAuthenticationResult},
 * the response is passed to {@code _subjectCreator.authenticate}. Depending on the resulting
 * status the method sends a sasl-outcome with {@link SaslCode#OK}, continues the negotiation
 * with the returned challenge, or calls {@code handleSaslError()}.
 *
 * @param response the bytes sent by the peer; {@code null} is treated as an empty array
 */
private void processSaslResponse(final byte[] response) {
byte[] challenge = null;
// A stored result means an earlier call already authenticated the peer and sent the
// mechanism's final data as a challenge; this call then only completes the exchange.
SubjectAuthenticationResult authenticationResult = _successfulAuthenticationResult;
if (authenticationResult == null) {
authenticationResult = _subjectCreator.authenticate(_saslNegotiator, response != null ? response : new byte[0]);
challenge = authenticationResult.getChallenge();
}
// NOTE(review): when the stored result is reused, the bytes in `response` are never inspected;
// presumably the peer is expected to send an empty response at that point. Confirm.
if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.SUCCESS) {
// True only when the mechanism returned non-empty data together with SUCCESS.
final boolean finalChallenge = challenge != null && challenge.length != 0;
_successfulAuthenticationResult = authenticationResult;
if (_sendSaslFinalChallengeAsChallenge && finalChallenge) {
// Deliver the final data as a challenge; the subject is not set and no outcome is sent
// until the peer answers and this method runs again with the stored result.
continueSaslNegotiation(challenge);
} else {
// The subject is assigned only on this path, i.e. only after a SUCCESS status.
setSubject(_successfulAuthenticationResult.getSubject());
SaslOutcome outcome = new SaslOutcome();
outcome.setCode(SaslCode.OK);
if (finalChallenge) {
// Final mechanism data travels inside the outcome when it was not sent as a challenge.
outcome.setAdditionalData(new Binary(challenge));
}
send(new SASLFrame(outcome));
// SASL is finished: the connection now waits for the AMQP protocol header.
_saslComplete = true;
_connectionState = ConnectionState.AWAIT_AMQP_HEADER;
disposeSaslNegotiator();
}
} else if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.CONTINUE) {
continueSaslNegotiation(challenge);
} else {
// Every status other than SUCCESS or CONTINUE is routed to the error handler.
handleSaslError();
}
}