SASLExternalMechanism.java

  1. /**
  2.  *
  3.  * Copyright the original author or authors
  4.  *
  5.  * Licensed under the Apache License, Version 2.0 (the "License");
  6.  * you may not use this file except in compliance with the License.
  7.  * You may obtain a copy of the License at
  8.  *
  9.  *     http://www.apache.org/licenses/LICENSE-2.0
  10.  *
  11.  * Unless required by applicable law or agreed to in writing, software
  12.  * distributed under the License is distributed on an "AS IS" BASIS,
  13.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14.  * See the License for the specific language governing permissions and
  15.  * limitations under the License.
  16.  */
  17. package org.jivesoftware.smack.sasl.javax;

  18. /**
  19.  * Implementation of the SASL EXTERNAL mechanism.
  20.  *
  21.  * To effectively use this mechanism, Java must be configured to properly
  22.  * supply a client SSL certificate (of some sort) to the server. It is up
  23.  * to the implementer to determine how to do this.  Here is one method:
  24.  *
  25.  * Create a java keystore with your SSL certificate in it:
  26.  * keytool -genkey -alias username -dname "cn=username,ou=organizationalUnit,o=organizationalName,l=locality,s=state,c=country"
  27.  *
  28.  * Next, set the System Properties:
  29.  *  <ul>
  30.  *  <li>javax.net.ssl.keyStore to the location of the keyStore
  31.  *  <li>javax.net.ssl.keyStorePassword to the password of the keyStore
  32.  *  <li>javax.net.ssl.trustStore to the location of the trustStore
  33.  *  <li>javax.net.ssl.trustStorePassword to the password of the trustStore
  34.  *  </ul>
  35.  *
  36.  * Then, when the server requests or requires the client certificate, java will
  37.  * simply provide the one in the keyStore.
  38.  *
  39.  * Also worth noting is the EXTERNAL mechanism in Smack is not enabled by default.
  40.  * To enable it, the implementer will need to call SASLAuthentication.supportSASLMechanism("EXTERNAL");
  41.  *
  42.  * @author Jay Kline
  43.  */
  44. public class SASLExternalMechanism extends SASLJavaXMechanism  {

  45.     public static final String NAME = EXTERNAL;

  46.     @Override
  47.     public boolean authzidSupported() {
  48.       return true;
  49.     }

  50.     @Override
  51.     public String getName() {
  52.         return EXTERNAL;
  53.     }

  54.     @Override
  55.     public int getPriority() {
  56.         return 500;
  57.     }

  58.     @Override
  59.     public SASLExternalMechanism newInstance() {
  60.         return new SASLExternalMechanism();
  61.     }

  62.     @Override
  63.     public boolean requiresPassword() {
  64.         return false;
  65.     }
  66. }