/**
 *
 * Copyright the original author or authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jivesoftware.smack.sasl.javax;

/**
 * Implementation of the SASL EXTERNAL mechanism.
 *
 * To effectively use this mechanism, Java must be configured to properly
 * supply a client SSL certificate (of some sort) to the server. It is up
 * to the implementer to determine how to do this. Here is one method:
 *
 * Create a java keystore with your SSL certificate in it:
 * keytool -genkey -alias username -dname "cn=username,ou=organizationalUnit,o=organizationalName,l=locality,s=state,c=country"
 *
 * Next, set the System Properties:
 * <ul>
 * <li>javax.net.ssl.keyStore to the location of the keyStore
 * <li>javax.net.ssl.keyStorePassword to the password of the keyStore
 * <li>javax.net.ssl.trustStore to the location of the trustStore
 * <li>javax.net.ssl.trustStorePassword to the password of the trustStore
 * </ul>
 *
 * Then, when the server requests or requires the client certificate, java will
 * simply provide the one in the keyStore.
 *
 * Also worth noting is the EXTERNAL mechanism in Smack is not enabled by default.
 * To enable it, the implementer will need to call SASLAuthentication.supportSASLMechanism("EXTERNAL");
 *
 * @author Jay Kline
 */
public class SASLExternalMechanism extends SASLJavaXMechanism {

    public static final String NAME = EXTERNAL;

    @Override
    public boolean authzidSupported() {
        return true;
    }

    @Override
    public String getName() {
        return EXTERNAL;
    }

    @Override
    public int getPriority() {
        return 500;
    }

    @Override
    public SASLExternalMechanism newInstance() {
        return new SASLExternalMechanism();
    }

    @Override
    public boolean requiresPassword() {
        return false;
    }
}
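
The class comment above relies on the key store named by `javax.net.ssl.keyStore` actually holding a client identity the TLS layer can present. The following is an added example, not part of Smack or of the original file: a JDK-only pre-flight check that reads the same system properties and lists the usable identities. The class name `ExternalKeyStoreCheck` and the method `usableIdentities` are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

// Added example; the class name ExternalKeyStoreCheck is hypothetical, not part of Smack.
public class ExternalKeyStoreCheck {
    /** Lists "alias -> subject DN" for entries with a private key and a currently valid X.509 certificate. */
    static List<String> usableIdentities(KeyStore ks) throws Exception {
        List<String> usable = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            // Trusted-certificate entries carry no private key, so TLS cannot present them.
            if (!ks.isKeyEntry(alias)) continue;
            Certificate cert = ks.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) continue; // e.g. a secret-key entry
            X509Certificate x509 = (X509Certificate) cert;
            try {
                x509.checkValidity(); // rejects expired and not-yet-valid certificates
            } catch (CertificateException e) {
                System.err.println("skipping " + alias + ": " + e.getMessage());
                continue;
            }
            usable.add(alias + " -> " + x509.getSubjectX500Principal().getName());
        }
        return usable;
    }

    public static void main(String[] args) throws Exception {
        String path = System.getProperty("javax.net.ssl.keyStore");
        String pass = System.getProperty("javax.net.ssl.keyStorePassword");
        String type = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
        KeyStore ks = KeyStore.getInstance(type);
        if (path == null) {
            ks.load(null, null); // constructed input: empty in-memory store, shows the failure case
        } else {
            try (InputStream in = new FileInputStream(path)) {
                ks.load(in, pass == null ? null : pass.toCharArray());
            }
        }
        List<String> ids = usableIdentities(ks);
        ids.forEach(System.out::println);
        if (ids.isEmpty()) throw new IllegalStateException("no usable client certificate in key store");
    }
}
```

Run it with the same `-Djavax.net.ssl.keyStore=...` and `-Djavax.net.ssl.keyStorePassword=...` options as the client, and compare the printed subject with the identity the server is expected to accept.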