javax.security.sasl
public interface SaslClientFactory
An interface for creating instances of {@link SaslClient}. A class that implements this interface must be thread-safe and handle multiple simultaneous requests. It must also have a public constructor that accepts no arguments.
This interface is not normally accessed directly by a client, which will
use the {@link Sasl} static methods to create a client instance instead.
However, a particular environment may provide and install a new or different
SaslClientFactory.
Since: 1.5
See Also: SaslClient
| Method Summary | |
|---|---|
| SaslClient | createSaslClient(String[] mechanisms, String authorizationID, String protocol, String serverName, Map<String,?> props, CallbackHandler cbh)
Creates a {@link SaslClient} using the parameters supplied.
|
| String[] | getMechanismNames(Map<String,?> props)
Returns an array of names of mechanisms that match the specified mechanism
selection policies.
|
Parameters: mechanisms the non-null list of mechanism names to try. Each is the
IANA-registered name of a SASL mechanism (e.g. "GSSAPI", "CRAM-MD5"). authorizationID the possibly null protocol-dependent identification
to be used for authorization. If null or empty, the server
derives an authorization ID from the client's authentication credentials.
When the SASL authentication completes successfully, the specified entity
is granted access. protocol the non-null string name of the protocol for which the
authentication is being performed (e.g. "ldap"). serverName the non-null fully qualified host name of the server to
authenticate to. props the possibly null set of properties used to
select the SASL mechanism and to configure the authentication exchange of
the selected mechanism. See the {@link Sasl} class for a list of standard
properties. Other, possibly mechanism-specific, properties can be included.
Properties not relevant to the selected mechanism are ignored. cbh the possibly null callback handler to used by the
SASL mechanisms to get further information from the application/library to
complete the authentication. For example, a SASL mechanism might require
the authentication ID, password and realm from the caller. The
authentication ID is requested by using a
{@link javax.security.auth.callback.NameCallback}. The password is
requested by using a {@link javax.security.auth.callback.PasswordCallback}.
The realm is requested by using a {@link RealmChoiceCallback} if there is
a list of realms to choose from, and by using a {@link RealmCallback} if
the realm must be entered.
Returns: a possibly null {@link SaslClient} created using the
parameters supplied. If null, this factory cannot produce a
{@link SaslClient} using the parameters supplied.
Throws: SaslException if a {@link SaslClient} instance cannot be created because of an error.
Parameters: props the possibly null set of properties used to
specify the security policy of the SASL mechanisms. For example, if props
contains the {@link Sasl#POLICY_NOPLAINTEXT} property with the value
"true", then the factory must not return any SASL mechanisms
that are susceptible to simple plain passive attacks. See the {@link Sasl}
class for a complete list of policy properties. Non-policy related
properties, if present in props, are ignored.
Returns: a non-null array containing IANA-registered SASL mechanism names.