Class JiveSharedSecretSaslServer

  • All Implemented Interfaces:
    SaslServer

    public class JiveSharedSecretSaslServer
    extends Object
    implements SaslServer
    Implementation of a proprietary Jive Software SASL mechanism that is based on a shared secret. Successful authentication will result in an anonymous authorization.
    Author:
    Guus der Kinderen, guus@goodbytes.nl
    • Constructor Detail

      • JiveSharedSecretSaslServer

        public JiveSharedSecretSaslServer()
    • Method Detail

      • authenticateSharedSecret

        public static boolean authenticateSharedSecret​(String digest)
        Returns true if the supplied digest matches the shared secret value. The digest must be an MD5 hash of the secret key, encoded as hex. This value is supplied by clients attempting shared secret authentication.
        Parameters:
        digest - the MD5 hash of the secret key, encoded as hex.
        Returns:
        true if authentication succeeds.
      • isSharedSecretAllowed

        public static boolean isSharedSecretAllowed()
        Returns true if shared secret authentication is enabled. Shared secret authentication creates an anonymous session, but requires that the authenticating entity know a shared secret key. The client sends a digest of the secret key, which is compared against a digest of the local shared key.
        Returns:
        true if shared secret authentication is enabled.
      • getSharedSecret

        public static String getSharedSecret()
        Returns the shared secret value, or null if shared secret authentication is disabled. If this is the first time the shared secret value has been requested (and shared secret auth is enabled), the key will be randomly generated and stored in the property xmpp.auth.sharedSecret.
        Returns:
        the shared secret value.
      • setSharedSecretAllowed

        public static void setSharedSecretAllowed​(boolean sharedSecretAllowed)
        Sets whether shared secret authentication is enabled. Shared secret authentication creates an anonymous session, but requires that the authenticating entity know a shared secret key. The client sends a digest of the secret key, which is compared against a digest of the local shared key.
        Parameters:
        sharedSecretAllowed - true if shared secret authentication should be enabled.