001/**
002 *
003 * Copyright the original author or authors
004 *
005 * Licensed under the Apache License, Version 2.0 (the "License");
006 * you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 *     http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.jivesoftware.smack.sasl.javax;
018
/**
 * Implementation of the SASL EXTERNAL mechanism.
 *
 * <p>To use this mechanism effectively, Java must be configured to supply a
 * client SSL certificate (of some sort) to the server. It is up to the
 * implementer to determine how to do this. Here is one method:
 *
 * <p>Create a Java keystore with your SSL certificate in it:
 * <pre>
 * keytool -genkey -alias username -dname "cn=username,ou=organizationalUnit,o=organizationName,l=locality,s=state,c=country"
 * </pre>
 * Note that {@code -genkey} creates a new key pair with a self-signed
 * certificate, so the server has to be set up to accept that certificate.
 *
 * <p>Next, set the System Properties:
 * <ul>
 * <li>javax.net.ssl.keyStore to the location of the keyStore
 * <li>javax.net.ssl.keyStorePassword to the password of the keyStore
 * <li>javax.net.ssl.trustStore to the location of the trustStore
 * <li>javax.net.ssl.trustStorePassword to the password of the trustStore
 * </ul>
 * The two password properties hold secrets: passing them as {@code -D}
 * command-line arguments exposes them in process listings, so prefer setting
 * them from code or from a protected configuration source.
 *
 * <p>Then, when the server requests or requires the client certificate, Java
 * will simply provide the one in the keyStore.
 *
 * <p>Also worth noting: the EXTERNAL mechanism in Smack is not enabled by default.
 * To enable it, the implementer will need to call
 * {@code SASLAuthentication.supportSASLMechanism("EXTERNAL");}
 *
 * @author Jay Kline
 */
public class SASLExternalMechanism extends SASLJavaXMechanism {

    /** Mechanism name; takes its value from the inherited {@code EXTERNAL} constant. */
    public static final String NAME = EXTERNAL;

    // Fixed priority value handed out by getPriority().
    private static final int PRIORITY = 500;

    /**
     * Supplies a new, independent instance of this mechanism.
     *
     * @return a freshly constructed {@code SASLExternalMechanism}
     */
    @Override
    public SASLExternalMechanism newInstance() {
        return new SASLExternalMechanism();
    }

    /**
     * Names the mechanism.
     *
     * @return the mechanism name, identical to {@link #NAME}
     */
    @Override
    public String getName() {
        return NAME;
    }

    /**
     * Reports the priority of this mechanism.
     *
     * @return always {@code 500}; how callers rank this value against other
     *         mechanisms is not visible in this class
     */
    @Override
    public int getPriority() {
        return PRIORITY;
    }

    /**
     * States whether a password is needed to authenticate.
     *
     * @return always {@code false}; per the class documentation the client is
     *         identified by the SSL certificate it presents, not by a password
     */
    @Override
    public boolean requiresPassword() {
        return false;
    }

    /**
     * States whether an authorization identity (authzid) may be used with
     * this mechanism.
     *
     * <p>NOTE(review): the authenticated identity comes from the client
     * certificate, so whether a requested authzid is honoured is presumably
     * decided by the server's authorization policy - confirm on the server side.
     *
     * @return always {@code true}
     */
    @Override
    public boolean authzidSupported() {
        return true;
    }
}