/**
 *
 * Copyright the original author or authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jivesoftware.smack.sasl;

import org.jivesoftware.smack.SASLAuthentication;
import org.jivesoftware.smack.SmackException.NotConnectedException;

import java.io.IOException;
import java.util.Map;
import java.util.HashMap;

import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.auth.callback.CallbackHandler;

/**
 * SASL mechanism that authenticates with GSSAPI (Kerberos) through the JDK's
 * {@link Sasl} client factory.
 *
 * @author Jay Kline
 */
public class SASLGSSAPIMechanism extends SASLMechanism {

    /**
     * Creates the mechanism and points the JVM at a GSSAPI login configuration.
     *
     * <p>Side effect: both properties below are JVM-wide and are overwritten
     * unconditionally each time an instance is constructed, so any value the
     * embedding application had already chosen is replaced.
     *
     * @param saslAuthentication the authentication context handed to the superclass.
     */
    public SASLGSSAPIMechanism(SASLAuthentication saslAuthentication) {
        super(saslAuthentication);

        // NOTE(review): "gss.conf" is a bare relative name, so it is presumably resolved
        // against the process working directory; whoever controls that directory
        // controls the JAAS login configuration. Confirm this is intended, or let the
        // deployment supply an absolute path.
        System.setProperty("java.security.auth.login.config","gss.conf");

        // Lets the GSS provider take credentials from outside the current Subject
        // (for example the login configuration above) instead of requiring a Subject
        // that already holds them.
        System.setProperty("javax.security.auth.useSubjectCredsOnly","false");
    }

    /**
     * Returns the SASL mechanism name offered to the client factory.
     *
     * @return the constant {@code "GSSAPI"}.
     */
    protected String getName() {
        return "GSSAPI";
    }

    /**
     * Starts GSSAPI authentication with a caller-supplied callback handler.
     *
     * <p>According to the original author, this overrides the superclass version
     * because the initial GSSAPI token is binary and cannot safely travel through
     * the string-based {@code getAuthenticationText()} path.
     *
     * @param username not read by this method; the authorization id passed to the
     *                 SASL client is {@code null}.
     * @param host the server host name handed to the SASL client.
     * @param cbh the CallbackHandler forwarded to the SASL client (the original
     *            documentation describes it as not used with GSSAPI).
     * @throws IOException if a network error occurs while authenticating.
     * @throws SaslException if the SASL client cannot be created.
     * @throws NotConnectedException declared for the delegated authenticate() call;
     *         presumably raised when the connection is down.
     */
    public void authenticate(String username, String host, CallbackHandler cbh) throws IOException, SaslException, NotConnectedException {
        startGssapiExchange(host, cbh);
    }

    /**
     * Starts GSSAPI authentication using this mechanism as the callback handler.
     *
     * <p>According to the original author, this overrides the superclass version
     * because the initial GSSAPI token is binary and cannot safely travel through
     * the string-based {@code getAuthenticationText()} path.
     *
     * @param username not read by this method; the authorization id passed to the
     *                 SASL client is {@code null}.
     * @param host the server host name handed to the SASL client.
     * @param password not read by this method (ignored for GSSAPI).
     * @throws IOException if a network error occurs while authenticating.
     * @throws SaslException if the SASL client cannot be created.
     * @throws NotConnectedException declared for the delegated authenticate() call;
     *         presumably raised when the connection is down.
     */
    public void authenticate(String username, String host, String password) throws IOException, SaslException, NotConnectedException {
        startGssapiExchange(host, this);
    }

    /**
     * Creates the GSSAPI SASL client for the {@code "xmpp"} protocol and hands over
     * to the no-argument {@code authenticate()} (defined outside this file).
     */
    private void startGssapiExchange(String host, CallbackHandler handler) throws IOException, SaslException, NotConnectedException {
        final String[] offered = { getName() };

        // Request mutual authentication: the server must prove its identity too.
        // No Sasl.QOP is requested, so the JDK default ("auth", no integrity or
        // confidentiality layer) applies; transport protection has to come from
        // elsewhere (e.g. TLS) - TODO confirm for this deployment.
        final Map<String, String> saslProps = new HashMap<String, String>();
        saslProps.put(Sasl.SERVER_AUTH, "TRUE");

        sc = Sasl.createSaslClient(offered, null, "xmpp", host, saslProps, handler);
        authenticate();
    }

}