org.apache.qpid.server.security.auth.manager

Class KerberosAuthenticationManager

java.lang.Object

org.apache.qpid.server.model.AbstractConfiguredObject<T>

org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager<KerberosAuthenticationManager>

org.apache.qpid.server.security.auth.manager.KerberosAuthenticationManager

All Implemented Interfaces:

AuthenticationProvider<KerberosAuthenticationManager>, ConfiguredObject<KerberosAuthenticationManager>, ManagedInterface, PreferencesSupportingAuthenticationProvider

public class KerberosAuthenticationManager
extends AbstractAuthenticationManager<KerberosAuthenticationManager>
implements PreferencesSupportingAuthenticationProvider

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.qpid.server.model.AbstractConfiguredObject

AbstractConfiguredObject.CallableWithArgument<V,A>, AbstractConfiguredObject.ChainedListenableFuture<V>, AbstractConfiguredObject.ChainedSettableFuture<V>, AbstractConfiguredObject.DuplicateIdException, AbstractConfiguredObject.DuplicateNameException

Field Summary

Fields

Modifier and Type	Field and Description
static String	PROVIDER_TYPE

Fields inherited from class org.apache.qpid.server.model.AbstractConfiguredObject

SECURED_STRING_VALUE

Fields inherited from interface org.apache.qpid.server.model.ConfiguredObject

CONTEXT, CREATED_BY, CREATED_TIME, DESCRIPTION, DESIRED_STATE, DURABLE, ID, LAST_UPDATED_BY, LAST_UPDATED_TIME, LIFETIME_POLICY, NAME, OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, STATE, TYPE

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	KerberosAuthenticationManager(Map<String,Object> attributes, Broker broker)

Method Summary

Modifier and Type	Method and Description
AuthenticationResult	authenticate(SaslServer server, byte[] response) Authenticates a user using SASL negotiation.
SaslServer	createSaslServer(String mechanism, String localFQDN, Principal externalPrincipal) Creates a SASL server for the specified mechanism name for the given fully qualified domain name.
List<String>	getMechanisms() Gets the SASL mechanisms known to this manager.

Methods inherited from class org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager

activate, addChildAsync, doDelete, getBroker, getDisabledMechanisms, getPreferencesProvider, getSecureOnlyMechanisms, getSubjectCreator, getVirtualHostPortBindings, onOpen, onValidate, recoverUser, setPreferencesProvider, startQuiesced

Methods inherited from class org.apache.qpid.server.model.AbstractConfiguredObject

addChangeListener, applyToChildren, asObjectRecord, attainState, attributeSet, authoriseCreate, authoriseCreateChild, authoriseDelete, authoriseSetAttributes, beforeClose, changeAttribute, changeAttributes, childAdded, childRemoved, close, closeAsync, closeChildren, create, createAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, deleted, doAfter, doAfter, doAfter, doAfter, doAfter, doAfter, doAfterAlways, doAfterAlways, doCreation, doOnConfigThread, doOpening, doResolution, doSync, doSync, doValidation, findConfiguredObject, forceUpdateAllSecureAttributes, getActualAttributes, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getContextKeys, getContextValue, getContextValue, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getSecurityManager, getState, getStatistics, getTaskExecutor, getType, getTypeClass, handleExceptionOnOpen, isDurable, managesChildStorage, notifyStateChanged, onClose, onCreate, onExceptionInOpen, onResolve, open, openAsync, parentsMap, postResolve, postResolveChildren, registerWithParents, removeChangeListener, rethrowRuntimeExceptionsOnOpen, runTask, setAttribute, setAttributes, setAttributesAsync, setEncrypter, setState, start, startAsync, stop, toString, validateChange, validateOnCreate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.qpid.server.model.PreferencesSupportingAuthenticationProvider

getPreferencesProvider, setPreferencesProvider

Methods inherited from interface org.apache.qpid.server.model.ConfiguredObject

addChangeListener, asObjectRecord, close, closeAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, findConfiguredObject, getActualAttributes, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getContextKeys, getContextValue, getContextValue, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getState, getStatistics, getTaskExecutor, getType, getTypeClass, isDurable, managesChildStorage, open, openAsync, removeChangeListener, setAttribute, setAttributes, setAttributesAsync

Field Detail

PROVIDER_TYPE

public static final String PROVIDER_TYPE

See Also:

Constant Field Values

Constructor Detail

KerberosAuthenticationManager

protected KerberosAuthenticationManager(Map<String,Object> attributes,
                                        Broker broker)

Method Detail

getMechanisms

public List<String> getMechanisms()

Description copied from interface: AuthenticationProvider

Gets the SASL mechanisms known to this manager.

Specified by:

getMechanisms in interface AuthenticationProvider<KerberosAuthenticationManager>

Returns:

SASL mechanism names, space separated.

createSaslServer

public SaslServer createSaslServer(String mechanism,
                                   String localFQDN,
                                   Principal externalPrincipal)
                            throws SaslException

Description copied from interface: AuthenticationProvider

Creates a SASL server for the specified mechanism name for the given fully qualified domain name.

Specified by:

createSaslServer in interface AuthenticationProvider<KerberosAuthenticationManager>

Parameters:

mechanism - mechanism name

localFQDN - domain name

externalPrincipal - externally authenticated Principal

Returns:

SASL server

Throws:

SaslException

authenticate

public AuthenticationResult authenticate(SaslServer server,
                                         byte[] response)

Description copied from interface: AuthenticationProvider

Authenticates a user using SASL negotiation.

Specified by:

authenticate in interface AuthenticationProvider<KerberosAuthenticationManager>

Parameters:

server - SASL server

response - SASL response to process

Returns:

authentication result