<div class="header">
<div class="subTitle">
compact3
</div>
<div class="subTitle">
javax.security.sasl
</div>
<h2 class="title" title="Interface SaslClient">Interface SaslClient</h2>
</div><div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<hr/> <br/> <pre>public interface <span class="typeNameLabel">SaslClient</span></pre>
<div class="block">
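<span>Performs SASL authentication as a client.</span>
<p> <span>A protocol library such as one for LDAP gets an instance of this class in order to perform authentication defined by a specific SASL mechanism.</span> <span>Invoking methods on the <code>SaslClient</code> instance processes challenges and creates responses according to the SASL mechanism implemented by the <code>SaslClient</code>.</span> <span>As the authentication proceeds, the instance encapsulates the state of a SASL client's authentication exchange.</span> </p>
<p> <span>Here is an example of how an LDAP library might use a <code>SaslClient</code>.</span> <span>It first gets an instance of a <code>SaslClient</code>:</span> </p>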
<blockquote>
<span><pre><code>
SaslClient sc = Sasl.createSaslClient(mechanisms,
    authorizationId, protocol, serverName, props, callbackHandler);
</code></pre></span>
</blockquote>
<span>It can then proceed to use the client for authentication.</span>
<span>For example, an LDAP library might use the client as follows:</span>
<blockquote>
<span><pre><code>
// ldap, dn, LdapResult and the status constants belong to the (hypothetical) LDAP library.
// Get initial response and send to server
byte[] response = (sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) :
    null);
LdapResult res = ldap.sendBindRequest(dn, sc.getMechanismName(), response);
while (!sc.isComplete() &amp;&amp;
    (res.status == SASL_BIND_IN_PROGRESS || res.status == SUCCESS)) {
    response = sc.evaluateChallenge(res.getBytes());
    if (res.status == SUCCESS) {
        // we're done; don't expect to send another BIND
        if (response != null) {
            throw new SaslException(
                "Protocol error: attempting to send response after completion");
        }
        break;
    }
    res = ldap.sendBindRequest(dn, sc.getMechanismName(), response);
}
if (sc.isComplete() &amp;&amp; res.status == SUCCESS) {
    String qop = (String) sc.getNegotiatedProperty(Sasl.QOP);
    if (qop != null
        &amp;&amp; (qop.equalsIgnoreCase("auth-int")
            || qop.equalsIgnoreCase("auth-conf"))) {
        // Use SaslClient.wrap() and SaslClient.unwrap() for future
        // communication with server
        ldap.in = new SecureInputStream(sc, ldap.in);
        ldap.out = new SecureOutputStream(sc, ldap.out);
    }
}
</code></pre></span>
</blockquote>
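<span>If the mechanism has an initial response, the library invokes <code>evaluateChallenge()</code> with an empty challenge to get the initial response.</span>
<span>Protocols such as IMAP4, which do not include an initial response with their first authentication command to the server, initiate the authentication without first calling <code>hasInitialResponse()</code> or <code>evaluateChallenge()</code>.</span>
<span>When the server responds to the command, it sends an initial challenge.</span>
<span>For a SASL mechanism in which the client sends data first, the server should have issued a challenge with no data.</span>
<span>This will then result in a call (on the client) to <code>evaluateChallenge()</code> with an empty challenge.</span>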
</div>
<dl>
<dt>
<span class="simpleTagLabel">Since:</span>
</dt>
<dd>
1.5
</dd>
<dt>
<span class="seeLabel">See Also:</span>
</dt>
<dd>
<span><a href="../../../javax/security/sasl/Sasl.html" title="class in javax.security.sasl"><code>Sasl</code></a> <a href="../../../javax/security/sasl/SaslClientFactory.html" title="interface in javax.security.sasl"><code>SaslClientFactory</code></a></span>
</dd>
</dl> </li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method.summary">
<!-- --> </a> <h3>Method Summary</h3>
<table border="0" cellpadding="3" cellspacing="0" class="memberSummary" summary="Method Summary table, listing methods, and an explanation">
<caption>
<span class="activeTableTab" id="t0"><span>All Methods</span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t2"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t3"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd"> </span></span>
</caption>
<tbody>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor" id="i0">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#dispose--">dispose</a></span>()</code>
<div class="block">
Disposes of any system resources or security-sensitive information the SaslClient might be using.
</div> </td>
</tr>
<tr class="rowColor" id="i1">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#evaluateChallenge-byte:A-">evaluateChallenge</a></span>(byte[] challenge)</code>
<div class="block">
Evaluates the challenge data and generates a response.
</div> </td>
</tr>
<tr class="altColor" id="i2">
<td class="colFirst"><code><a href="../../../java/lang/String.html" title="class in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#getMechanismName--">getMechanismName</a></span>()</code>
<div class="block">
Returns the IANA-registered mechanism name of this SASL client.
</div> </td>
</tr>
<tr class="rowColor" id="i3">
<td class="colFirst"><code><a href="../../../java/lang/Object.html" title="class in java.lang">Object</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#getNegotiatedProperty-java.lang.String-">getNegotiatedProperty</a></span>(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> propName)</code>
<div class="block">
Retrieves the negotiated property.
</div> </td>
</tr>
<tr class="altColor" id="i4">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#hasInitialResponse--">hasInitialResponse</a></span>()</code>
<div class="block">
Determines whether this mechanism has an optional initial response.
</div> </td>
</tr>
<tr class="rowColor" id="i5">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#isComplete--">isComplete</a></span>()</code>
<div class="block">
Determines whether the authentication exchange has completed.
</div> </td>
</tr>
<tr class="altColor" id="i6">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#unwrap-byte:A-int-int-">unwrap</a></span>(byte[] incoming, int offset, int len)</code>
<div class="block">
Unwraps a byte array received from the server.
</div> </td>
</tr>
<tr class="rowColor" id="i7">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslClient.html#wrap-byte:A-int-int-">wrap</a></span>(byte[] outgoing, int offset, int len)</code>
<div class="block">
Wraps a byte array to be sent to the server.
</div> </td>
</tr>
</tbody>
</table> </li>
</ul> </li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method.detail">
<!-- --> </a> <h3>Method Detail</h3> <a name="getMechanismName--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getMechanismName</h4> <pre><a href="../../../java/lang/String.html" title="class in java.lang">String</a> getMechanismName()</pre>
<div class="block">
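<span>Returns the IANA-registered mechanism name of this SASL client.</span>
<span>(e.g. "CRAM-MD5", "GSSAPI").</span>
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null string representing the IANA-registered mechanism name.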
</dd>
</dl> </li>
</ul> <a name="hasInitialResponse--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>hasInitialResponse</h4> <pre>boolean hasInitialResponse()</pre>
<div class="block">
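<span>Determines whether this mechanism has an optional initial response.</span>
<span>If true, the caller should call <code>evaluateChallenge()</code> with an empty array to get the initial response.</span>
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
true if this mechanism has an initial response.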
</dd>
</dl> </li>
</ul> <a name="evaluateChallenge-byte:A-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>evaluateChallenge</h4> <pre>byte[] evaluateChallenge(byte[] challenge)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
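<span>Evaluates the challenge data and generates a response.</span>
<span>If a challenge is received from the server during the authentication process, this method is called to prepare an appropriate next response to submit to the server.</span>
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<span><code>challenge</code> - The non-null challenge sent from the server.</span>
<span>The challenge array may have zero length.</span>
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>The possibly null response to send to the server.</span>
<span>It is null if the challenge accompanied a "SUCCESS" status and the challenge only contains data for the client to update its state and no response needs to be sent to the server.</span>
<span>The response is a zero-length byte array if the client is to send a response with no data.</span>
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - If an error occurred while processing the challenge or generating a response.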
</dd>
</dl> </li>
</ul> <a name="isComplete--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>isComplete</h4> <pre>boolean isComplete()</pre>
<div class="block">
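<span>Determines whether the authentication exchange has completed.</span>
<span>This method may be called at any time, but typically it will not be called until the caller has received indication from the server (in a protocol-specific manner) that the exchange has completed.</span>
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>true if the authentication exchange has completed;</span>
<span>false otherwise.</span>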
</dd>
</dl> </li>
</ul> <a name="unwrap-byte:A-int-int-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>unwrap</h4> <pre>byte[] unwrap(byte[] incoming,
int offset,
int len)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
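<span>Unwraps a byte array received from the server.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true) and only if the authentication exchange has negotiated integrity and/or privacy as the quality of protection.</span>
<span>Otherwise, an <code>IllegalStateException</code> is thrown.</span>
<p> <span><code>incoming</code> is the contents of the SASL buffer as defined in RFC 2222 without the leading four octet field that represents the length.</span> <span><code>offset</code> and <code>len</code> specify the portion of <code>incoming</code> to use.</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>incoming</code> - A non-null byte array containing the encoded bytes from the server.
</dd>
<dd>
<code>offset</code> - The starting position in
<code>incoming</code> of the bytes to use.
</dd>
<dd>
<code>len</code> - The number of bytes from
<code>incoming</code> to use.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null byte array containing the decoded bytes.
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - if
<code>incoming</code> cannot be successfully unwrapped.
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if the authentication exchange has not completed, or if the negotiated quality of protection has neither integrity nor privacy.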
</dd>
</dl> </li>
</ul> <a name="wrap-byte:A-int-int-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>wrap</h4> <pre>byte[] wrap(byte[] outgoing,
int offset,
int len)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
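<span>Wraps a byte array to be sent to the server.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true) and only if the authentication exchange has negotiated integrity and/or privacy as the quality of protection.</span>
<span>Otherwise, an <code>IllegalStateException</code> is thrown.</span>
<p> <span>The result of this method will make up the contents of the SASL buffer as defined in RFC 2222 without the leading four octet field that represents the length.</span> <span><code>offset</code> and <code>len</code> specify the portion of <code>outgoing</code> to use.</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>outgoing</code> - A non-null byte array containing the bytes to encode.
</dd>
<dd>
<code>offset</code> - The starting position in
<code>outgoing</code> of the bytes to use.
</dd>
<dd>
<code>len</code> - The number of bytes from
<code>outgoing</code> to use.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null byte array containing the encoded bytes.
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - if
<code>outgoing</code> cannot be successfully wrapped.
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if the authentication exchange has not completed, or if the negotiated quality of protection has neither integrity nor privacy.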
</dd>
</dl> </li>
</ul> <a name="getNegotiatedProperty-java.lang.String-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getNegotiatedProperty</h4> <pre><a href="../../../java/lang/Object.html" title="class in java.lang">Object</a> getNegotiatedProperty(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> propName)</pre>
<div class="block">
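<span>Retrieves the negotiated property.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true).</span>
<span>Otherwise, an <code>IllegalStateException</code> is thrown.</span>
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>propName</code> - The non-null property name.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>The value of the negotiated property.</span>
<span>If null, the property was not negotiated or is not applicable to this mechanism.</span>
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if this authentication exchange has not completed.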
</dd>
</dl> </li>
</ul> <a name="dispose--">
<!-- --> </a>
<ul class="blockListLast">
<li class="blockList"> <h4>dispose</h4> <pre>void dispose()
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
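<span>Disposes of any system resources or security-sensitive information the SaslClient might be using.</span>
<span>Invoking this method invalidates the SaslClient instance.</span>
<span>This method is idempotent.</span>
</div>
<dl>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - If a problem was encountered while disposing the resources.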
</dd>
</dl> </li>
</ul> </li>
</ul> </li>
</ul>
</div>
</div>
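<p>The exchange, the quality-of-protection check and the <code>wrap()</code>/<code>unwrap()</code> framing described above, as an added example that is not part of the original Javadoc. It runs a <code>SaslClient</code> against a <code>SaslServer</code> in one process using the JDK's bundled DIGEST-MD5 mechanism with <code>auth-int</code>. The user <code>alice</code>, the password, the host <code>ldap.example.test</code> and the <code>MAX_FRAME</code> limit are constructed values.</p>

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import javax.security.auth.callback.*;
import javax.security.sasl.*;

public class SaslClientDemo {
    static final int MAX_FRAME = 65536; // assumed local cap on one received SASL buffer
    // Constructed demo identity; this one handler answers for both client and server.
    static final CallbackHandler CBH = callbacks -> {
        for (Callback cb : callbacks) {
            if (cb instanceof NameCallback) ((NameCallback) cb).setName("alice");
            else if (cb instanceof PasswordCallback)
                ((PasswordCallback) cb).setPassword("constructed-secret".toCharArray());
            else if (cb instanceof RealmCallback)
                ((RealmCallback) cb).setText(((RealmCallback) cb).getDefaultText());
            else if (cb instanceof AuthorizeCallback) { // server side: no proxy authorization
                AuthorizeCallback ac = (AuthorizeCallback) cb;
                ac.setAuthorized(ac.getAuthenticationID().equals(ac.getAuthorizationID()));
            } else throw new UnsupportedCallbackException(cb);
        }
    };
    public static void main(String[] args) throws Exception {
        Map<String, String> props = Map.of(Sasl.QOP, "auth-int"); // accept integrity only
        SaslClient sc = Sasl.createSaslClient(new String[] {"DIGEST-MD5"}, null,
                "ldap", "ldap.example.test", props, CBH);
        SaslServer ss = Sasl.createSaslServer("DIGEST-MD5", "ldap", "ldap.example.test", props, CBH);
        try {
            byte[] response = sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) : new byte[0];
            while (!sc.isComplete()) {
                byte[] challenge = ss.evaluateResponse(response);
                response = sc.evaluateChallenge(challenge); // null after the final challenge
            }
            String qop = (String) sc.getNegotiatedProperty(Sasl.QOP);
            if (!"auth-int".equalsIgnoreCase(qop)) throw new SaslException("no security layer: " + qop);
            byte[] msg = "constructed request".getBytes(StandardCharsets.UTF_8);
            byte[] wrapped = sc.wrap(msg, 0, msg.length);
            // On the wire each SASL buffer follows a 4-octet big-endian length field.
            ByteBuffer frame = ByteBuffer.allocate(4 + wrapped.length).putInt(wrapped.length).put(wrapped);
            frame.flip();
            int len = frame.getInt(); // receiver: validate the length before using it
            if (len < 0 || len > MAX_FRAME || len > frame.remaining()) throw new SaslException("bad length " + len);
            byte[] plain = ss.unwrap(frame.array(), frame.position(), len);
            System.out.println(qop + ": " + new String(plain, StandardCharsets.UTF_8));
        } finally {
            sc.dispose(); // releases key material held by the mechanism
            ss.dispose();
        }
    }
}
```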