public class SASLAuthentication extends Object
This class is responsible authenticating the user using SASL, binding the resource to the connection and establishing a session with the server.
Once TLS has been negotiated (i.e. the connection has been secured) it is possible to register with the server, authenticate using Non-SASL or authenticate using SASL. If the server supports SASL then Smack will first try to authenticate using SASL. But if that fails then Non-SASL will be tried.
The server may support many SASL mechanisms to use for authenticating. Out of the box
Smack provides several SASL mechanisms, but it is possible to register new SASL Mechanisms. Use
registerSASLMechanism(String, Class)
to register a new mechanisms. A registered
mechanism wont be used until supportSASLMechanism(String, int)
is called. By default,
the list of supported SASL mechanisms is determined from the SmackConfiguration
.
Once the user has been authenticated with SASL, it is necessary to bind a resource for
the connection. If no resource is passed in authenticate(String, String, String)
then the server will assign a resource for the connection. In case a resource is passed
then the server will receive the desired resource but may assign a modified resource for
the connection.
Once a resource has been binded and if the server supports sessions then Smack will establish a session so that instant messaging and presence functionalities may be used.
SASLMechanism
Modifier and Type | Method and Description |
---|---|
void |
authenticate(String resource,
CallbackHandler cbh)
Performs SASL authentication of the specified user.
|
void |
authenticate(String username,
String password,
String resource)
Performs SASL authentication of the specified user.
|
void |
authenticateAnonymously()
Performs ANONYMOUS SASL authentication.
|
void |
authenticated()
Notification message saying that SASL authentication was successful.
|
void |
authenticationFailed(SASLMechanism.SASLFailure saslFailure)
Notification message saying that SASL authentication has failed.
|
void |
challengeReceived(String challenge)
The server is challenging the SASL authentication we just sent.
|
static List<Class<? extends SASLMechanism>> |
getRegisterSASLMechanisms()
Returns the registerd SASLMechanism classes sorted by the level of preference.
|
boolean |
hasAnonymousAuthentication()
Returns true if the server offered ANONYMOUS SASL as a way to authenticate users.
|
boolean |
hasNonAnonymousAuthentication()
Returns true if the server offered SASL authentication besides ANONYMOUS SASL.
|
protected void |
init()
Initializes the internal state in order to be able to be reused.
|
boolean |
isAuthenticated()
Returns true if the user was able to authenticate with the server usins SASL.
|
static void |
registerSASLMechanism(String name,
Class<? extends SASLMechanism> mClass)
Registers a new SASL mechanism
|
void |
send(Packet stanza) |
void |
setAvailableSASLMethods(Collection<String> mechanisms)
Sets the available SASL mechanism reported by the server.
|
static void |
supportSASLMechanism(String name)
Registers a new SASL mechanism in the specified preference position.
|
static void |
supportSASLMechanism(String name,
int index)
Registers a new SASL mechanism in the specified preference position.
|
static void |
unregisterSASLMechanism(String name)
Unregisters an existing SASL mechanism.
|
static void |
unsupportSASLMechanism(String name)
Un-supports an existing SASL mechanism.
|
public static void registerSASLMechanism(String name, Class<? extends SASLMechanism> mClass)
name
- common name of the SASL mechanism. E.g.: PLAIN, DIGEST-MD5 or KERBEROS_V4.mClass
- a SASLMechanism subclass.public static void unregisterSASLMechanism(String name)
name
- common name of the SASL mechanism. E.g.: PLAIN, DIGEST-MD5 or KERBEROS_V4.public static void supportSASLMechanism(String name)
registerSASLMechanism(String, Class)
name
- common name of the SASL mechanism. E.g.: PLAIN, DIGEST-MD5 or KERBEROS_V4.public static void supportSASLMechanism(String name, int index)
registerSASLMechanism(String, Class)
name
- common name of the SASL mechanism. E.g.: PLAIN, DIGEST-MD5 or KERBEROS_V4.index
- preference position amongst all the implemented SASL mechanism. Starts with 0.public static void unsupportSASLMechanism(String name)
name
- common name of the SASL mechanism. E.g.: PLAIN, DIGEST-MD5 or KERBEROS_V4.public static List<Class<? extends SASLMechanism>> getRegisterSASLMechanisms()
public boolean hasAnonymousAuthentication()
public boolean hasNonAnonymousAuthentication()
public void authenticate(String resource, CallbackHandler cbh) throws IOException, SmackException.NoResponseException, XMPPException.XMPPErrorException, SASLErrorException, SmackException.ResourceBindingNotOfferedException, SmackException.NotConnectedException
The server may assign a full JID with a username or resource different than the requested by this method.
resource
- the desired resource.cbh
- the CallbackHandler used to get information from the userIOException
XMPPException.XMPPErrorException
SmackException.NoResponseException
SASLErrorException
SmackException.ResourceBindingNotOfferedException
SmackException.NotConnectedException
public void authenticate(String username, String password, String resource) throws XMPPException.XMPPErrorException, SASLErrorException, SaslException, IOException, SmackException
The server may assign a full JID with a username or resource different than the requested by this method.
username
- the username that is authenticating with the server.password
- the password to send to the server.resource
- the desired resource.XMPPException.XMPPErrorException
SASLErrorException
IOException
SaslException
SmackException
public void authenticateAnonymously() throws SASLErrorException, SaslException, IOException, SmackException, XMPPException.XMPPErrorException
The server will assign a full JID with a randomly generated resource and possibly with no username.
SASLErrorException
IOException
SaslException
XMPPException.XMPPErrorException
- if an error occures while authenticating.SmackException
- if there was no response from the server.public void setAvailableSASLMethods(Collection<String> mechanisms)
mechanisms
- collection of strings with the available SASL mechanism reported
by the server.public boolean isAuthenticated()
public void challengeReceived(String challenge) throws IOException, SmackException.NotConnectedException
challenge
- a base64 encoded string representing the challenge.IOException
- If a network error occures while authenticating.SmackException.NotConnectedException
public void authenticated()
public void authenticationFailed(SASLMechanism.SASLFailure saslFailure)
saslFailure
- the SASL failure as reported by the serverpublic void send(Packet stanza) throws SmackException.NotConnectedException
protected void init()