Diffstat (limited to 'java/client/src/main/java/org/apache/qpid/client/security')
13 files changed, 0 insertions, 1092 deletions
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/AMQCallbackHandler.java b/java/client/src/main/java/org/apache/qpid/client/security/AMQCallbackHandler.java
deleted file mode 100644
index fbca444208..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/AMQCallbackHandler.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import javax.security.auth.callback.CallbackHandler;
-
-import org.apache.qpid.client.protocol.AMQProtocolSession;
-
-public interface AMQCallbackHandler extends CallbackHandler
-{
- void initialise(AMQProtocolSession protocolSession);
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.java b/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.java
deleted file mode 100644
index 140cbdeb75..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.java
+++ /dev/null
@@ -1,231 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import org.apache.qpid.util.FileUtils;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-/**
- * CallbackHandlerRegistry is a registry for call back handlers for user authentication and interaction during user
- * authentication. It is capable of reading its configuration from a properties file containing call back handler
- * implementing class names for different SASL mechanism names. Instantiating this registry also has the effect of
- * configuring and registering the SASL client factory implementations using {@link DynamicSaslRegistrar}.
- *
- * <p/>The callback configuration should be specified in a properties file, refered to by the System property
- * "amp.callbackhandler.properties".
The format of the properties file is:
- *
- * <p/><pre>
- * CallbackHanlder.mechanism=fully.qualified.class.name
- * </pre>
- *
- * <p/>Where mechanism is an IANA-registered mechanism name and the fully qualified class name refers to a
- * class that implements org.apache.qpid.client.security.AMQCallbackHanlder and provides a call back handler for the
- * specified mechanism.
- *
- * <p><table id="crc"><caption>CRC Card</caption>
- * <tr><th> Responsibilities <th> Collaborations
- * <tr><td> Parse callback properties.
- * <tr><td> Provide mapping from SASL mechanisms to callback implementations.
- * </table>
- */
-public class CallbackHandlerRegistry
-{
- private static final Logger _logger = LoggerFactory.getLogger(CallbackHandlerRegistry.class);
-
- /** The name of the system property that holds the name of the callback handler properties file. */
- private static final String FILE_PROPERTY = "amq.callbackhandler.properties";
-
- /** The default name of the callback handler properties resource. */
- public static final String DEFAULT_RESOURCE_NAME = "org/apache/qpid/client/security/CallbackHandlerRegistry.properties";
-
- /** A static reference to the singleton instance of this registry. */
- private static CallbackHandlerRegistry _instance = new CallbackHandlerRegistry();
-
- /** Holds a map from SASL mechanism names to call back handlers. */
- private Map<String, Class> _mechanismToHandlerClassMap = new HashMap<String, Class>();
-
- /** Holds a space delimited list of mechanisms that callback handlers exist for. */
- private String _mechanisms;
-
- /**
- * Gets the singleton instance of this registry.
- *
- * @return The singleton instance of this registry.
- */
- public static CallbackHandlerRegistry getInstance()
- {
- return _instance;
- }
-
- /**
- * Gets the callback handler class for a given SASL mechanism name.
- *
- * @param mechanism The SASL mechanism name.
- *
- * @return The callback handler class for the mechanism, or null if none is configured for that mechanism.
- */
- public Class getCallbackHandlerClass(String mechanism)
- {
- return (Class) _mechanismToHandlerClassMap.get(mechanism);
- }
-
- /**
- * Gets a space delimited list of supported SASL mechanisms.
- *
- * @return A space delimited list of supported SASL mechanisms.
- */
- public String getMechanisms()
- {
- return _mechanisms;
- }
-
- /**
- * Creates the call back handler registry from its configuration resource or file. This also has the side effect
- * of configuring and registering the SASL client factory implementations using {@link DynamicSaslRegistrar}.
- */
- private CallbackHandlerRegistry()
- {
- // Register any configured SASL client factories.
- DynamicSaslRegistrar.registerSaslProviders();
-
- String filename = System.getProperty(FILE_PROPERTY);
- InputStream is =
- FileUtils.openFileOrDefaultResource(filename, DEFAULT_RESOURCE_NAME,
- CallbackHandlerRegistry.class.getClassLoader());
-
- try
- {
- Properties props = new Properties();
- props.load(is);
- parseProperties(props);
- _logger.info("Callback handlers available for SASL mechanisms: " + _mechanisms);
- }
- catch (IOException e)
- {
- _logger.error("Error reading properties: " + e, e);
- }
- finally
- {
- if (is != null)
- {
- try
- {
- is.close();
-
- }
- catch (IOException e)
- {
- _logger.error("Unable to close properties stream: " + e, e);
- }
- }
- }
- }
-
- /*private InputStream openPropertiesInputStream(String filename)
- {
- boolean useDefault = true;
- InputStream is = null;
- if (filename != null)
- {
- try
- {
- is = new BufferedInputStream(new FileInputStream(new File(filename)));
- useDefault = false;
- }
- catch (FileNotFoundException e)
- {
- _logger.error("Unable to read from file " + filename + ": " + e, e);
- }
- }
-
- if (useDefault)
- {
- is = CallbackHandlerRegistry.class.getResourceAsStream(DEFAULT_RESOURCE_NAME);
- }
-
- return is;
- }*/
-
- /**
- * Scans the
specified properties as a mapping from IANA registered SASL mechanism to call back handler
- * implementations, that provide the necessary call back handling for obtaining user log in credentials
- * during authentication for the specified mechanism, and builds a map from mechanism names to handler
- * classes.
- *
- * @param props
- */
- private void parseProperties(Properties props)
- {
- Enumeration e = props.propertyNames();
- while (e.hasMoreElements())
- {
- String propertyName = (String) e.nextElement();
- int period = propertyName.indexOf(".");
- if (period < 0)
- {
- _logger.warn("Unable to parse property " + propertyName + " when configuring SASL providers");
-
- continue;
- }
-
- String mechanism = propertyName.substring(period + 1);
- String className = props.getProperty(propertyName);
- Class clazz = null;
- try
- {
- clazz = Class.forName(className);
- if (!AMQCallbackHandler.class.isAssignableFrom(clazz))
- {
- _logger.warn("SASL provider " + clazz + " does not implement " + AMQCallbackHandler.class
- + ". Skipping");
-
- continue;
- }
-
- _mechanismToHandlerClassMap.put(mechanism, clazz);
- if (_mechanisms == null)
- {
- _mechanisms = mechanism;
- }
- else
- {
- // one time cost
- _mechanisms = _mechanisms + " " + mechanism;
- }
- }
- catch (ClassNotFoundException ex)
- {
- _logger.warn("Unable to load class " + className + ". Skipping that SASL provider");
-
- continue;
- }
- }
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.properties b/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.properties
deleted file mode 100644
index 1fcfde3579..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/CallbackHandlerRegistry.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-CallbackHandler.CRAM-MD5-HASHED=org.apache.qpid.client.security.UsernameHashedPasswordCallbackHandler
-CallbackHandler.CRAM-MD5=org.apache.qpid.client.security.UsernamePasswordCallbackHandler
-CallbackHandler.AMQPLAIN=org.apache.qpid.client.security.UsernamePasswordCallbackHandler
-CallbackHandler.PLAIN=org.apache.qpid.client.security.UsernamePasswordCallbackHandler
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.java b/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.java
deleted file mode 100644
index 2b4261b4b7..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import org.apache.qpid.util.FileUtils;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.security.sasl.SaslClientFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Security;
-import java.util.Enumeration;
-import java.util.Map;
-import java.util.Properties;
-import java.util.TreeMap;
-
-/**
- * DynamicSaslRegistrar provides a collection of helper methods for reading a configuration file that contains a mapping
- * from SASL mechanism names to implementing client factory class names and registering a security provider with the
- * Java runtime system, that uses the configured client factory implementations.
- *
- * <p/>The sasl configuration should be specified in a properties file, refered to by the System property
- * "amp.dynamicsaslregistrar.properties".
The format of the properties file is:
- *
- * <p/><pre>
- * mechanism=fully.qualified.class.name
- * </pre>
- *
- * <p/>Where mechanism is an IANA-registered mechanism name and the fully qualified class name refers to a class that
- * implements javax.security.sasl.SaslClientFactory and provides the specified mechanism.
- *
- * <p><table id="crc"><caption>CRC Card</caption> <tr><th> Responsibilities <th> Collaborations <tr><td> Parse SASL
- * mechanism properties. <tr><td> Create and register security provider for SASL mechanisms. </table>
- */
-public class DynamicSaslRegistrar
-{
- private static final Logger _logger = LoggerFactory.getLogger(DynamicSaslRegistrar.class);
-
- /** The name of the system property that holds the name of the SASL configuration properties. */
- private static final String FILE_PROPERTY = "amq.dynamicsaslregistrar.properties";
-
- /** The default name of the SASL properties file resource. */
- public static final String DEFAULT_RESOURCE_NAME = "org/apache/qpid/client/security/DynamicSaslRegistrar.properties";
-
- /** Reads the properties file, and creates a dynamic security provider to register the SASL implementations with. */
- public static void registerSaslProviders()
- {
- _logger.debug("public static void registerSaslProviders(): called");
-
- // Open the SASL properties file, using the default name is one is not specified.
- String filename = System.getProperty(FILE_PROPERTY);
- InputStream is =
- FileUtils.openFileOrDefaultResource(filename, DEFAULT_RESOURCE_NAME,
- DynamicSaslRegistrar.class.getClassLoader());
-
- try
- {
- Properties props = new Properties();
- props.load(is);
-
- _logger.debug("props = " + props);
-
- Map<String, Class<?
extends SaslClientFactory>> factories = parseProperties(props);
-
- if (factories.size() > 0)
- {
- // Ensure we are used before the defaults
- if (Security.insertProviderAt(new JCAProvider(factories), 1) == -1)
- {
- _logger.error("Unable to load custom SASL providers.");
- }
- else
- {
- _logger.info("Additional SASL providers successfully registered.");
- }
- }
- else
- {
- _logger.warn("No additional SASL providers registered.");
- }
- }
- catch (IOException e)
- {
- _logger.error("Error reading properties: " + e, e);
- }
- finally
- {
- if (is != null)
- {
- try
- {
- is.close();
-
- }
- catch (IOException e)
- {
- _logger.error("Unable to close properties stream: " + e, e);
- }
- }
- }
- }
-
- /**
- * Either attempts to open the specified filename as an input stream, or uses the default SASL configuration
- * resource.
- *
- * @param filename The name of the file to get the SASL properties from, null to use the default.
- *
- * @return An input stream to read the dynamic SASL configuration from, or null if one could not be opened.
- */
- /*private static InputStream openPropertiesInputStream(String filename)
- {
- InputStream is = null;
-
- // Flag to indicate whether the default resource should be used. By default this is true, so that the default
- // is used when opening the file fails.
- boolean useDefault = true;
-
- // Try to open the file if one was specified.
- if (filename != null)
- {
- try
- {
- is = new BufferedInputStream(new FileInputStream(new File(filename)));
-
- // Clear the default flag because the file was succesfully opened.
- useDefault = false;
- }
- catch (FileNotFoundException e)
- {
- _logger.error("Unable to read from file " + filename + ": " + e, e);
- }
- }
-
- // Load the default resource if a file was not specified, or if opening the file failed.
- if (useDefault)
- {
- is = CallbackHandlerRegistry.class.getResourceAsStream(DEFAULT_RESOURCE_NAME);
- }
-
- return is;
- }*/
-
- /**
- * Parses the specified properties as a mapping from IANA registered SASL mechanism names to implementing client
- * factories. If the client factories cannot be instantiated or do not implement SaslClientFactory then the
- * properties refering to them are ignored.
- *
- * @param props The properties to scan for Sasl client factory implementations.
- *
- * @return A map from SASL mechanism names to implementing client factory classes.
- *
- * @todo Why tree map here? Do really want mechanisms in alphabetical order? Seems more likely that the declared
- * order of the mechanisms is intended to be preserved, so that they are registered in the declared order of
- * preference. Consider LinkedHashMap instead.
- */
- private static Map<String, Class<? extends SaslClientFactory>> parseProperties(Properties props)
- {
- Enumeration e = props.propertyNames();
-
- TreeMap<String, Class<? extends SaslClientFactory>> factoriesToRegister =
- new TreeMap<String, Class<? extends SaslClientFactory>>();
-
- while (e.hasMoreElements())
- {
- String mechanism = (String) e.nextElement();
- String className = props.getProperty(mechanism);
- try
- {
- Class<?> clazz = Class.forName(className);
- if (!(SaslClientFactory.class.isAssignableFrom(clazz)))
- {
- _logger.error("Class " + clazz + " does not implement " + SaslClientFactory.class + " - skipping");
-
- continue;
- }
-
- _logger.debug("Registering class "+ clazz.getName() +" for mechanism "+mechanism);
- factoriesToRegister.put(mechanism, (Class<? extends SaslClientFactory>) clazz);
- }
- catch (Exception ex)
- {
- _logger.error("Error instantiating SaslClientFactory calss " + className + " - skipping");
- }
- }
-
- return factoriesToRegister;
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.properties b/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.properties
deleted file mode 100644
index b903208927..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/DynamicSaslRegistrar.properties
+++ /dev/null
@@ -1,21 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-AMQPLAIN=org.apache.qpid.client.security.amqplain.AmqPlainSaslClientFactory
-CRAM-MD5-HASHED=org.apache.qpid.client.security.crammd5hashed.CRAMMD5HashedSaslClientFactory
-ANONYMOUS=org.apache.qpid.client.security.anonymous.AnonymousSaslClientFactory
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/JCAProvider.java b/java/client/src/main/java/org/apache/qpid/client/security/JCAProvider.java
deleted file mode 100644
index 828d26ed0d..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/JCAProvider.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.security.sasl.SaslClientFactory;
-
-import java.security.Provider;
-import java.security.Security;
-import java.util.Map;
-
-/**
- * JCAProvider is a security provider for SASL client factories that is configured from a map of SASL mechanism names
- * to client factories implementation class names. It is intended that the map of client factories can be read from a
- * configuration file or other application configuration mechanism.
- *
- * <p><table id="crc"><caption>CRC Card</caption>
- * <tr><th> Responsibilities <th> Collaborations
- * <tr><td> Register SASL mechanism implementations.
- * </table>
- */
-public class JCAProvider extends Provider
-{
- private static final Logger log = LoggerFactory.getLogger(JCAProvider.class);
-
- /**
- * Creates the security provider with a map from SASL mechanisms to implementing factories.
- *
- * @param providerMap The map from SASL mechanims to implementing factory classes.
- */
- public JCAProvider(Map<String, Class<?
extends SaslClientFactory>> providerMap)
- {
- super("AMQSASLProvider-Client", 1.0, "A JCA provider that registers all "
- + "AMQ SASL providers that want to be registered");
- register(providerMap);
-// Security.addProvider(this);
- }
-
- /**
- * Registers client factory classes for a map of mechanism names to client factory classes.
- *
- * @param providerMap The map from SASL mechanims to implementing factory classes.
- */
- private void register(Map<String, Class<? extends SaslClientFactory>> providerMap)
- {
- for (Map.Entry<String, Class<? extends SaslClientFactory>> me : providerMap.entrySet())
- {
- put( "SaslClientFactory."+me.getKey(), me.getValue().getName());
- log.debug("Registered SASL Client factory for " + me.getKey() + " as " + me.getValue().getName());
- }
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/UsernameHashedPasswordCallbackHandler.java b/java/client/src/main/java/org/apache/qpid/client/security/UsernameHashedPasswordCallbackHandler.java
deleted file mode 100644
index 66176dac3c..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/UsernameHashedPasswordCallbackHandler.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import org.apache.qpid.client.protocol.AMQProtocolSession;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-public class UsernameHashedPasswordCallbackHandler implements AMQCallbackHandler
-{
- private static final Logger _logger = LoggerFactory.getLogger(UsernameHashedPasswordCallbackHandler.class);
-
- private AMQProtocolSession _protocolSession;
-
- public void initialise(AMQProtocolSession protocolSession)
- {
- _protocolSession = protocolSession;
- }
-
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
- {
- for (int i = 0; i < callbacks.length; i++)
- {
- Callback cb = callbacks[i];
- if (cb instanceof NameCallback)
- {
- ((NameCallback)
cb).setName(_protocolSession.getUsername());
- }
- else if (cb instanceof PasswordCallback)
- {
- try
- {
- ((PasswordCallback) cb).setPassword(getHash(_protocolSession.getPassword()));
- }
- catch (NoSuchAlgorithmException e)
- {
- UnsupportedCallbackException uce = new UnsupportedCallbackException(cb);
- uce.initCause(e);
- throw uce;
- }
- }
- else
- {
- throw new UnsupportedCallbackException(cb);
- }
- }
- }
-
- private char[] getHash(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException
- {
-
- byte[] data = text.getBytes("utf-8");
-
- MessageDigest md = MessageDigest.getInstance("MD5");
-
- for (byte b : data)
- {
- md.update(b);
- }
-
- byte[] digest = md.digest();
-
- char[] hash = new char[digest.length];
-
- int index = 0;
- for (byte b : digest)
- {
- hash[index++] = (char) b;
- }
-
- return hash;
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/UsernamePasswordCallbackHandler.java b/java/client/src/main/java/org/apache/qpid/client/security/UsernamePasswordCallbackHandler.java
deleted file mode 100644
index c50c62710f..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/UsernamePasswordCallbackHandler.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.qpid.client.protocol.AMQProtocolSession;
-
-public class UsernamePasswordCallbackHandler implements AMQCallbackHandler
-{
- private AMQProtocolSession _protocolSession;
-
- public void initialise(AMQProtocolSession protocolSession)
- {
- _protocolSession = protocolSession;
- }
-
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
- {
- for (int i = 0; i < callbacks.length; i++)
- {
- Callback cb = callbacks[i];
- if (cb instanceof NameCallback)
- {
- ((NameCallback)cb).setName(_protocolSession.getUsername());
- }
- else if (cb instanceof PasswordCallback)
- {
- ((PasswordCallback)cb).setPassword(_protocolSession.getPassword().toCharArray());
- }
- else
- {
- throw new UnsupportedCallbackException(cb);
- }
- }
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClient.java b/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClient.java
deleted file mode 100644
index f8a25c630c..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClient.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security.amqplain;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.sasl.SaslClient;
-import javax.security.sasl.SaslException;
-
-import org.apache.qpid.framing.FieldTable;
-import org.apache.qpid.framing.FieldTableFactory;
-
-/**
- * Implements the "AMQPlain" authentication protocol that uses FieldTables to send username and pwd.
- *
- */
-public class AmqPlainSaslClient implements SaslClient
-{
- /**
- * The name of this mechanism
- */
- public static final String MECHANISM = "AMQPLAIN";
-
- private CallbackHandler _cbh;
-
- public AmqPlainSaslClient(CallbackHandler cbh)
- {
- _cbh = cbh;
- }
-
- public String getMechanismName()
- {
- return "AMQPLAIN";
- }
-
- public boolean hasInitialResponse()
- {
- return true;
- }
-
- public byte[] evaluateChallenge(byte[] challenge) throws SaslException
- {
- // we do not care about the prompt or the default name
- NameCallback nameCallback = new NameCallback("prompt", "defaultName");
- PasswordCallback pwdCallback = new PasswordCallback("prompt", false);
- Callback[] callbacks = new Callback[]{nameCallback, pwdCallback};
- try
- {
- _cbh.handle(callbacks);
- }
- catch (Exception e)
- {
- throw new SaslException("Error handling SASL callbacks: " + e, e);
- }
- FieldTable table = FieldTableFactory.newFieldTable();
- table.setString("LOGIN", nameCallback.getName());
- table.setString("PASSWORD", new String(pwdCallback.getPassword()));
- return table.getDataAsBytes();
- }
-
- public boolean isComplete()
- {
- return true;
- }
-
- public byte[] unwrap(byte[] incoming, int offset, int len) throws SaslException
- {
- throw new SaslException("Not supported");
- }
-
- public byte[] wrap(byte[] outgoing, int offset, int len) throws SaslException
- {
- throw new SaslException("Not supported");
- }
-
- public Object getNegotiatedProperty(String propName)
- {
- return null;
- }
-
- public void dispose() throws SaslException
- {
- _cbh = null;
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClientFactory.java b/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClientFactory.java
deleted file mode 100644
index 30cc786890..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/amqplain/AmqPlainSaslClientFactory.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security.amqplain;
-
-import java.util.Map;
-
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.sasl.Sasl;
-import javax.security.sasl.SaslClient;
-import javax.security.sasl.SaslClientFactory;
-import javax.security.sasl.SaslException;
-
-public class AmqPlainSaslClientFactory implements SaslClientFactory
-{
- public SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol, String serverName, Map props, CallbackHandler cbh) throws SaslException
- {
- for (int i = 0; i < mechanisms.length; i++)
- {
- if (mechanisms[i].equals(AmqPlainSaslClient.MECHANISM))
- {
- if (cbh == null)
- {
- throw new SaslException("CallbackHandler must not be null");
- }
- return new AmqPlainSaslClient(cbh);
- }
- }
- return null;
- }
-
- public String[] getMechanismNames(Map props)
- {
- if (props.containsKey(Sasl.POLICY_NOPLAINTEXT) ||
- props.containsKey(Sasl.POLICY_NODICTIONARY) ||
- props.containsKey(Sasl.POLICY_NOACTIVE))
- {
- // returned array must be non null according to interface documentation
- return new String[0];
- }
- else
- {
- return new String[]{AmqPlainSaslClient.MECHANISM};
- }
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClient.java b/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClient.java
deleted file mode 100644
index 0f56b2ef6c..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClient.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security.anonymous;
-
-import javax.security.sasl.SaslClient;
-import javax.security.sasl.SaslException;
-
-public class AnonymousSaslClient implements SaslClient
-{
- public String getMechanismName() {
- return "ANONYMOUS";
- }
- public boolean hasInitialResponse() {
- return true;
- }
- public byte[] evaluateChallenge(byte[] challenge) throws SaslException {
- return new byte[0];
- }
- public boolean isComplete() {
- return true;
- }
- public byte[] unwrap(byte[] incoming, int offset, int len) throws SaslException
- {
- throw new IllegalStateException("No security layer supported");
- }
- public byte[] wrap(byte[] outgoing, int offset, int len) throws SaslException
- {
- throw new IllegalStateException("No security layer supported");
- }
- public Object getNegotiatedProperty(String propName) {
- return null;
- }
- public void dispose() throws SaslException {}
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClientFactory.java b/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClientFactory.java
deleted file mode 100644
index de698f87c6..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/anonymous/AnonymousSaslClientFactory.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.security.anonymous;
-
-import java.util.Arrays;
-import java.util.Map;
-
-import javax.security.sasl.Sasl;
-import javax.security.sasl.SaslClient;
-import javax.security.sasl.SaslClientFactory;
-import javax.security.sasl.SaslException;
-import javax.security.auth.callback.CallbackHandler;
-
-public class AnonymousSaslClientFactory implements SaslClientFactory
-{
- public SaslClient createSaslClient(String[] mechanisms, String authId,
- String protocol, String server,
- Map props, CallbackHandler cbh) throws SaslException
- {
- if (Arrays.asList(mechanisms).contains("ANONYMOUS")) {
- return new AnonymousSaslClient();
- } else {
- return null;
- }
- }
- public String[] getMechanismNames(Map props)
- {
- if (props == null || props.isEmpty()) {
- return new String[]{"ANONYMOUS"};
- } else {
- return new String[0];
- }
- }
-}
diff --git a/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java b/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java
deleted file mode 100644
index 22bb1ac156..0000000000
--- a/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- *
- */
-package org.apache.qpid.client.security.crammd5hashed;
-
-import org.apache.qpid.client.security.amqplain.AmqPlainSaslClient;
-
-import javax.security.sasl.SaslClientFactory;
-import javax.security.sasl.SaslClient;
-import javax.security.sasl.SaslException;
-import javax.security.sasl.Sasl;
-import javax.security.auth.callback.CallbackHandler;
-import java.util.Map;
-import java.security.Security;
-
-public class CRAMMD5HashedSaslClientFactory implements SaslClientFactory
-{
- /** The name of this mechanism */
- public static final String MECHANISM = "CRAM-MD5-HASHED";
-
-
- public SaslClient createSaslClient(String[] mechanisms, String authorizationId, String protocol, String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException
- {
- for (int i = 0; i < mechanisms.length; i++)
- {
- if (mechanisms[i].equals(MECHANISM))
- {
- if (cbh == null)
- {
- throw new SaslException("CallbackHandler must not be null");
- }
-
- String[] mechs = {"CRAM-MD5"};
- return Sasl.createSaslClient(mechs, authorizationId, protocol, serverName, props, cbh);
- }
- }
- return null;
- }
-
- public String[] getMechanismNames(Map props)
- {
- if (props != null)
- {
- if (props.containsKey(Sasl.POLICY_NOPLAINTEXT) ||
- props.containsKey(Sasl.POLICY_NODICTIONARY) ||
- props.containsKey(Sasl.POLICY_NOACTIVE))
- {
- // returned array must be non null according to interface documentation
- return new String[0];
- }
- }
-
- return new String[]{MECHANISM};
- }
-} |