summaryrefslogtreecommitdiff
path: root/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
diff options
context:
space:
mode:
Diffstat (limited to 'java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java')
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java63
1 files changed, 36 insertions, 27 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
index c1f306dce9..a811806c00 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
@@ -51,56 +51,65 @@ public class PlainSaslServer implements SaslServer
public byte[] evaluateResponse(byte[] response) throws SaslException
{
- try
+ int authzidNullPosition = findNullPosition(response, 0);
+ if (authzidNullPosition < 0)
{
- int authzidNullPosition = findNullPosition(response, 0);
- if (authzidNullPosition < 0)
- {
- throw new SaslException("Invalid PLAIN encoding, authzid null terminator not found");
- }
- int authcidNullPosition = findNullPosition(response, authzidNullPosition + 1);
- if (authcidNullPosition < 0)
- {
- throw new SaslException("Invalid PLAIN encoding, authcid null terminator not found");
- }
+ throw new SaslException("Invalid PLAIN encoding, authzid null terminator not found");
+ }
+ int authcidNullPosition = findNullPosition(response, authzidNullPosition + 1);
+ if (authcidNullPosition < 0)
+ {
+ throw new SaslException("Invalid PLAIN encoding, authcid null terminator not found");
+ }
+
+ PlainPasswordCallback passwordCb;
+ AuthorizeCallback authzCb;
+ try
+ {
// we do not currently support authcid in any meaningful way
String authzid = new String(response, authzidNullPosition + 1, authcidNullPosition - authzidNullPosition - 1, "utf8");
// TODO: should not get pwd as a String but as a char array...
int passwordLen = response.length - authcidNullPosition - 1;
String pwd = new String(response, authcidNullPosition + 1, passwordLen, "utf8");
-
+
// we do not care about the prompt but it throws if null
NameCallback nameCb = new NameCallback("prompt", authzid);
- PlainPasswordCallback passwordCb = new PlainPasswordCallback("prompt", false, pwd);
- AuthorizeCallback authzCb = new AuthorizeCallback(authzid, authzid);
+ passwordCb = new PlainPasswordCallback("prompt", false, pwd);
+ authzCb = new AuthorizeCallback(authzid, authzid);
Callback[] callbacks = new Callback[]{nameCb, passwordCb, authzCb};
_cbh.handle(callbacks);
- if (passwordCb.isAuthenticated())
- {
- _complete = true;
- }
- if (authzCb.isAuthorized() && _complete)
- {
- _authorizationId = authzCb.getAuthenticationID();
- return null;
- }
- else
- {
- throw new SaslException("Authentication failed");
- }
}
catch (IOException e)
{
+ if(e instanceof SaslException)
+ {
+ throw (SaslException) e;
+ }
throw new SaslException("Error processing data: " + e, e);
}
catch (UnsupportedCallbackException e)
{
throw new SaslException("Unable to obtain data from callback handler: " + e, e);
}
+
+ if (passwordCb.isAuthenticated())
+ {
+ _complete = true;
+ }
+
+ if (authzCb.isAuthorized() && _complete)
+ {
+ _authorizationId = authzCb.getAuthenticationID();
+ return null;
+ }
+ else
+ {
+ throw new SaslException("Authentication failed");
+ }
}
View Lorry Controller Status