public static interface Authenticator.SaslNegotiator
SaslServer
Modifier and Type | Method and Description |
---|---|
byte[] |
evaluateResponse(byte[] clientResponse)
Evaluates the client response data and generates a byte[] reply which may be a further challenge or purely
informational in the case that the negotiation is completed on this round.
|
AuthenticatedUser |
getAuthenticatedUser()
Following a successful negotiation, get the AuthenticatedUser representing the logged in subject.
|
boolean |
isComplete()
Called after each invocation of
evaluateResponse(byte[]) to determine whether the authentication has
completed successfully or should be continued. |
byte[] evaluateResponse(byte[] clientResponse) throws AuthenticationException
RequestMessage
with an "op" code of "authenticate" is received
from a client. After it is called, isComplete()
is checked to determine whether the negotiation has
finished. If so, an AuthenticatedUser
is obtained by calling getAuthenticatedUser()
and
that user associated with the active connection. If the negotiation is not yet complete,
the byte[] is returned to the client as a further challenge in an
ResponseMessage
with ResponseStatusCode.AUTHENTICATE
. This continues until the negotiation
does complete or an error is encountered.AuthenticationException
boolean isComplete()
evaluateResponse(byte[])
to determine whether the authentication has
completed successfully or should be continued.AuthenticatedUser getAuthenticatedUser() throws AuthenticationException
isComplete()
returns true.
Should never return null - always throw AuthenticationException instead.
Returning AuthenticatedUser.ANONYMOUS_USER is an option if authentication is not required.AuthenticationException
Copyright © 2013–2022 Apache Software Foundation. All rights reserved.