Examples with SaslOutcome org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome used on opensource projects

Example 6 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class AMQPConnection_1_0Impl method handleSaslError.

private void handleSaslError() {
    SaslOutcome outcome = new SaslOutcome();
    outcome.setCode(SaslCode.AUTH);
    send(new SASLFrame(outcome), null);
    _saslComplete = true;
    closeSaslWithFailure();
}

Example 7 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method saslSuccessfulAuthenticationWithPipelinedFrames.

@Test
@SpecificationTest(section = "2.4.2", description = "For applications that use many short-lived connections," + " it MAY be desirable to pipeline the connection negotiation process." + " A peer MAY do this by starting to send subsequent frames before receiving" + " the partner’s connection header or open frame")
public void saslSuccessfulAuthenticationWithPipelinedFrames() throws Exception {
    final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
    try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
        final Binary initialResponse = new Binary(String.format("\0%s\0%s", _username, _password).getBytes(StandardCharsets.US_ASCII));
        final Interaction interaction = transport.newInteraction();
        interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().saslMechanism(PLAIN).saslInitialResponse(initialResponse).saslInit().protocolHeader(AMQP_HEADER_BYTES).negotiateProtocol().openContainerId("testContainerId").open();
        final byte[] saslHeaderResponse = interaction.consumeResponse().getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assertThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(PLAIN));
        SaslOutcome saslOutcome = interaction.consumeResponse().getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));
        final byte[] headerResponse = interaction.consumeResponse().getLatestResponse(byte[].class);
        assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));
        interaction.consumeResponse().getLatestResponse(Open.class);
        interaction.doCloseConnection();
    }
}

Example 8 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method saslSuccessfulAuthenticationWithChallengeResponse.

@Test
@SpecificationTest(section = "5.3.2", description = "SASL Negotiation [...] challenge/response step occurs once")
public void saslSuccessfulAuthenticationWithChallengeResponse() throws Exception {
    final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
    try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
        final Interaction interaction = transport.newInteraction();
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
        SaslMechanisms saslMechanismsResponse = interaction.consumeResponse().getLatestResponse(SaslMechanisms.class);
        assertThat(Arrays.asList(saslMechanismsResponse.getSaslServerMechanisms()), hasItem(CRAM_MD5));
        SaslChallenge saslChallenge = interaction.saslMechanism(CRAM_MD5).saslInit().consumeResponse().getLatestResponse(SaslChallenge.class);
        assertThat(saslChallenge.getChallenge(), is(notNullValue()));
        byte[] response = generateCramMD5ClientResponse(_username, _password, saslChallenge.getChallenge().getArray());
        final SaslOutcome saslOutcome = interaction.saslResponseResponse(new Binary(response)).saslResponse().consumeResponse().getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.OK));
        final byte[] headerResponse = interaction.protocolHeader(AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(headerResponse, is(equalTo(AMQP_HEADER_BYTES)));
        transport.assertNoMoreResponses();
    }
}

Example 9 with SaslOutcome

use of org.apache.qpid.server.protocol.v1_0.type.security.SaslOutcome in project qpid-broker-j by apache.

the class SaslTest method unsupportedSaslMechanism.

@Test
@SpecificationTest(section = "5.3.2", description = "The partner MUST then choose one of the supported mechanisms and initiate a sasl exchange." + "If the selected mechanism is not supported by the receiving peer, it MUST close the connection " + "with the authentication-failure close-code.")
public void unsupportedSaslMechanism() throws Exception {
    final InetSocketAddress addr = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
    try (FrameTransport transport = new FrameTransport(addr, true).connect()) {
        final Interaction interaction = transport.newInteraction();
        final byte[] saslHeaderResponse = interaction.protocolHeader(SASL_AMQP_HEADER_BYTES).negotiateProtocol().consumeResponse().getLatestResponse(byte[].class);
        assertThat(saslHeaderResponse, is(equalTo(SASL_AMQP_HEADER_BYTES)));
        interaction.consumeResponse(SaslMechanisms.class);
        SaslOutcome saslOutcome = interaction.saslMechanism(Symbol.getSymbol("NOT-A-MECHANISM")).saslInit().consumeResponse().getLatestResponse(SaslOutcome.class);
        assertThat(saslOutcome.getCode(), equalTo(SaslCode.AUTH));
        assertThat(saslOutcome.getAdditionalData(), is(nullValue()));
        transport.assertNoMoreResponsesAndChannelClosed();
    }
}