<div class="header">
<div class="subTitle">
compact3
</div>
<div class="subTitle">
javax.security.sasl
</div>
<h2 class="title" title="Interface SaslServer">Interface SaslServer</h2>
</div><div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<hr/> <br/> <pre>public interface <span class="typeNameLabel">SaslServer</span></pre>
<div class="block">
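<span>Performs SASL authentication as a server.</span>
<p> <span>A server such as an LDAP server gets an instance of this class in order to perform authentication defined by a specific SASL mechanism.</span> <span>Invoking methods on the <code>SaslServer</code> instance generates challenges according to the SASL mechanism implemented by the <code>SaslServer</code>.</span> <span>As the authentication proceeds, the instance encapsulates the state of a SASL server's authentication exchange.</span> </p>
<p> <span>Here is an example of how an LDAP server might use a <code>SaslServer</code>.</span> <span>It first gets an instance of a <code>SaslServer</code> for the SASL mechanism requested by the client:</span> </p>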
<blockquote>
<span><pre>
SaslServer ss = Sasl.createSaslServer(mechanism,
    "ldap", myFQDN, props, callbackHandler);
</pre></span>
</blockquote>
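<span>It can then proceed to use the server for authentication.</span>
<span>For example, suppose the LDAP server received an LDAP BIND request containing the name of the SASL mechanism and an optional initial response.</span>
<span>It then might use the server as follows:</span>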
<blockquote>
<span><pre><code>
while (!ss.isComplete()) {
    try {
        byte[] challenge = ss.evaluateResponse(response);
        if (ss.isComplete()) {
            status = ldap.sendBindResponse(mechanism, challenge, SUCCESS);
        } else {
            status = ldap.sendBindResponse(mechanism, challenge,
                SASL_BIND_IN_PROGRESS);
            response = ldap.readBindRequest();
        }
    } catch (SaslException e) {
        status = ldap.sendErrorResponse(e);
        break;
    }
}
if (ss.isComplete() &amp;&amp; status == SUCCESS) {
    String qop = (String) ss.getNegotiatedProperty(Sasl.QOP);
    if (qop != null
        &amp;&amp; (qop.equalsIgnoreCase("auth-int")
            || qop.equalsIgnoreCase("auth-conf"))) {
        // Use SaslServer.wrap() and SaslServer.unwrap() for future
        // communication with client
        ldap.in = new SecureInputStream(ss, ldap.in);
        ldap.out = new SecureOutputStream(ss, ldap.out);
    }
}
</code></pre></span>
</blockquote>
</div>
<dl>
<dt>
<span class="simpleTagLabel">Since:</span>
</dt>
<dd>
1.5
</dd>
<dt>
<span class="seeLabel">See Also:</span>
</dt>
<dd>
<span><a href="../../../javax/security/sasl/Sasl.html" title="class in javax.security.sasl"><code>Sasl</code></a>, <a href="../../../javax/security/sasl/SaslServerFactory.html" title="interface in javax.security.sasl"><code>SaslServerFactory</code></a></span>
</dd>
</dl> </li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method.summary">
<!-- --> </a> <h3>Method Summary</h3>
<table border="0" cellpadding="3" cellspacing="0" class="memberSummary" summary="Method Summary table, listing methods, and an explanation">
<caption>
<span class="activeTableTab" id="t0"><span>All Methods</span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t2"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t3"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd"> </span></span>
</caption>
<tbody>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor" id="i0">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#dispose--">dispose</a></span>()</code>
<div class="block">
Disposes of any system resources or security-sensitive information the SaslServer might be using.
</div> </td>
</tr>
<tr class="rowColor" id="i1">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#evaluateResponse-byte:A-">evaluateResponse</a></span>(byte[] response)</code>
<div class="block">
Evaluates the response data and generates a challenge.
</div> </td>
</tr>
<tr class="altColor" id="i2">
<td class="colFirst"><code><a href="../../../java/lang/String.html" title="class in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#getAuthorizationID--">getAuthorizationID</a></span>()</code>
<div class="block">
Reports the authorization ID in effect for the client of this session.
</div> </td>
</tr>
<tr class="rowColor" id="i3">
<td class="colFirst"><code><a href="../../../java/lang/String.html" title="class in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#getMechanismName--">getMechanismName</a></span>()</code>
<div class="block">
Returns the IANA-registered mechanism name of this SASL server.
</div> </td>
</tr>
<tr class="altColor" id="i4">
<td class="colFirst"><code><a href="../../../java/lang/Object.html" title="class in java.lang">Object</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#getNegotiatedProperty-java.lang.String-">getNegotiatedProperty</a></span>(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> propName)</code>
<div class="block">
Retrieves the negotiated property.
</div> </td>
</tr>
<tr class="rowColor" id="i5">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#isComplete--">isComplete</a></span>()</code>
<div class="block">
Determines whether the authentication exchange has completed.
</div> </td>
</tr>
<tr class="altColor" id="i6">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-">unwrap</a></span>(byte[] incoming, int offset, int len)</code>
<div class="block">
Unwraps a byte array received from the client.
</div> </td>
</tr>
<tr class="rowColor" id="i7">
<td class="colFirst"><code>byte[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/sasl/SaslServer.html#wrap-byte:A-int-int-">wrap</a></span>(byte[] outgoing, int offset, int len)</code>
<div class="block">
Wraps a byte array to be sent to the client.
</div> </td>
</tr>
</tbody>
</table> </li>
</ul> </li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method.detail">
<!-- --> </a> <h3>Method Detail</h3> <a name="getMechanismName--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getMechanismName</h4> <pre><a href="../../../java/lang/String.html" title="class in java.lang">String</a> getMechanismName()</pre>
<div class="block">
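<span>Returns the IANA-registered mechanism name of this SASL server.</span>
<span>(e.g. "CRAM-MD5", "GSSAPI").</span>
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null string representing the IANA-registered mechanism name.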
</dd>
</dl> </li>
</ul> <a name="evaluateResponse-byte:A-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>evaluateResponse</h4> <pre>byte[] evaluateResponse(byte[] response)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
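<span>Evaluates the response data and generates a challenge.</span>
<span>If a response is received from the client during the authentication process, this method is called to prepare an appropriate next challenge to submit to the client.</span>
<span>The challenge is null if the authentication has succeeded and no more challenge data is to be sent to the client.</span>
<span>It is non-null if the authentication must be continued by sending a challenge to the client, or if the authentication has succeeded but challenge data needs to be processed by the client.</span>
<span><code>isComplete()</code> should be called after each call to <code>evaluateResponse()</code>, to determine if any further response is needed from the client.</span>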
</div>
<dl>
<dt>
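<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>response</code> - The non-null (but possibly empty) response sent by the client.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>The possibly null challenge to send to the client.</span>
<span>It is null if the authentication has succeeded and there is no more challenge data to be sent to the client.</span>
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - If an error occurred while processing the response or generating a challenge.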
</dd>
</dl> </li>
</ul> <a name="isComplete--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>isComplete</h4> <pre>boolean isComplete()</pre>
<div class="block">
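<span>Determines whether the authentication exchange has completed.</span>
<span>This method is typically called after each invocation of <code>evaluateResponse()</code> to determine whether the authentication has completed successfully or should be continued.</span>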
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>true if the authentication exchange has completed;</span>
<span>false otherwise.</span>
</dd>
</dl> </li>
</ul> <a name="getAuthorizationID--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getAuthorizationID</h4> <pre><a href="../../../java/lang/String.html" title="class in java.lang">String</a> getAuthorizationID()</pre>
<div class="block">
<span>Reports the authorization ID in effect for the client of this session.</span>
<span>This method can only be called if isComplete() returns true.</span>
</div>
<dl>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
The authorization ID of the client.
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if this authentication session has not completed
</dd>
</dl> </li>
</ul> <a name="unwrap-byte:A-int-int-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>unwrap</h4> <pre>byte[] unwrap(byte[] incoming,
int offset,
int len)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
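<span>Unwraps a byte array received from the client.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true) and only if the authentication exchange has negotiated integrity and/or privacy as the quality of protection;</span>
<span>otherwise, an <code>IllegalStateException</code> is thrown.</span>
<p> <span><code>incoming</code> is the contents of the SASL buffer as defined in RFC 2222 without the leading four octet field that represents the length.</span> <span><code>offset</code> and <code>len</code> specify the portion of <code>incoming</code> to use.</span> </p>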
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>incoming</code> - A non-null byte array containing the encoded bytes from the client.
</dd>
<dd>
<code>offset</code> - The starting position in
<code>incoming</code> of the bytes to use.
</dd>
<dd>
<code>len</code> - The number of bytes from
<code>incoming</code> to use.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null byte array containing the decoded bytes.
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - if
<code>incoming</code> cannot be successfully unwrapped.
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if the authentication exchange has not completed, or if the negotiated quality of protection has neither integrity nor privacy
</dd>
</dl> </li>
</ul> <a name="wrap-byte:A-int-int-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>wrap</h4> <pre>byte[] wrap(byte[] outgoing,
int offset,
int len)
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
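<span>Wraps a byte array to be sent to the client.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true) and only if the authentication exchange has negotiated integrity and/or privacy as the quality of protection;</span>
<span>otherwise, a <code>SaslException</code> is thrown.</span>
<p> <span>The result of this method will make up the contents of the SASL buffer as defined in RFC 2222 without the leading four octet field that represents the length.</span> <span><code>offset</code> and <code>len</code> specify the portion of <code>outgoing</code> to use.</span> </p>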
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>outgoing</code> - A non-null byte array containing the bytes to encode.
</dd>
<dd>
<code>offset</code> - The starting position in
<code>outgoing</code> of the bytes to use.
</dd>
<dd>
<code>len</code> - The number of bytes from
<code>outgoing</code> to use.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
A non-null byte array containing the encoded bytes.
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - if
<code>outgoing</code> cannot be successfully wrapped.
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if the authentication exchange has not completed, or if the negotiated quality of protection has neither integrity nor privacy.
</dd>
</dl> </li>
</ul> <a name="getNegotiatedProperty-java.lang.String-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getNegotiatedProperty</h4> <pre><a href="../../../java/lang/Object.html" title="class in java.lang">Object</a> getNegotiatedProperty(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> propName)</pre>
<div class="block">
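<span>Retrieves the negotiated property.</span>
<span>This method can be called only after the authentication exchange has completed (i.e., when <code>isComplete()</code> returns true);</span>
<span>otherwise, an <code>IllegalStateException</code> is thrown.</span>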
</div>
<dl>
<dt>
<span class="paramLabel">Parameters:</span>
</dt>
<dd>
<code>propName</code> - The property.
</dd>
<dt>
<span class="returnLabel">Returns:</span>
</dt>
<dd>
<span>The value of the negotiated property.</span>
<span>If null, the property was not negotiated or is not applicable to this mechanism.</span>
</dd>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - if this authentication exchange has not completed
</dd>
</dl> </li>
</ul> <a name="dispose--">
<!-- --> </a>
<ul class="blockListLast">
<li class="blockList"> <h4>dispose</h4> <pre>void dispose()
throws <a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></pre>
<div class="block">
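<span>Disposes of any system resources or security-sensitive information the SaslServer might be using.</span>
<span>Invoking this method invalidates the SaslServer instance.</span>
<span>This method is idempotent.</span>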
</div>
<dl>
<dt>
<span class="throwsLabel">Throws:</span>
</dt>
<dd>
<code><a href="../../../javax/security/sasl/SaslException.html" title="class in javax.security.sasl">SaslException</a></code> - If a problem was encountered while disposing the resources.
</dd>
</dl> </li>
</ul> </li>
</ul> </li>
</ul>
</div>
</div>
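<p>Added example, not part of the JDK documentation: an in-process DIGEST-MD5 exchange (chosen only because it is the JDK built-in mechanism that negotiates auth-int without external infrastructure) drives the evaluateResponse()/isComplete() loop from the class description, then adds the RFC 2222 four-octet length that wrap() and unwrap() leave to the caller and bounds the received length against the negotiated Sasl.MAX_BUFFER before unwrap(). The account, the host name ldap.example.test and the helper names frame and unframe are constructed for illustration; it assumes Java 16 or later and the default SunSASL provider.</p>

```java
import java.io.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import javax.security.auth.callback.*;
import javax.security.sasl.*;

public class SaslServerFramingDemo {
    static final CallbackHandler CBH = callbacks -> { // constructed demo account, shared by both ends
        for (Callback cb : callbacks) {
            if (cb instanceof NameCallback n) n.setName("alice");
            if (cb instanceof PasswordCallback p) p.setPassword("s3cret".toCharArray());
            if (cb instanceof RealmCallback r) r.setText(r.getDefaultText());
            if (cb instanceof AuthorizeCallback a) // permit only authzid == authcid
                a.setAuthorized(a.getAuthenticationID().equals(a.getAuthorizationID()));
        }
    };

    // Prepend the four-octet length field (network byte order) to a wrapped buffer.
    static byte[] frame(byte[] wrapped) {
        return ByteBuffer.allocate(4 + wrapped.length).putInt(wrapped.length).put(wrapped).array();
    }

    // Read one framed buffer, bounding the peer-supplied length before allocating.
    static byte[] unframe(SaslServer ss, InputStream wire) throws IOException {
        int max = Integer.parseInt(String.valueOf(ss.getNegotiatedProperty(Sasl.MAX_BUFFER)));
        DataInputStream in = new DataInputStream(wire);
        int len = in.readInt();
        if (len < 0 || len > max) throw new SaslException("bad SASL buffer length " + len);
        byte[] buf = new byte[len];
        in.readFully(buf);
        return ss.unwrap(buf, 0, len); // length field already stripped, as unwrap() requires
    }

    public static void main(String[] args) throws Exception {
        var props = Map.of(Sasl.QOP, "auth-int");
        SaslServer ss = Sasl.createSaslServer("DIGEST-MD5", "ldap", "ldap.example.test", props, CBH);
        SaslClient sc = Sasl.createSaslClient(new String[] {"DIGEST-MD5"}, null, "ldap", "ldap.example.test", props, CBH);
        byte[] response = new byte[0]; // DIGEST-MD5 has no initial response
        while (!ss.isComplete()) {
            byte[] challenge = ss.evaluateResponse(response);
            if (challenge != null) response = sc.evaluateChallenge(challenge);
        }
        byte[] req = "whoami".getBytes(StandardCharsets.UTF_8);
        byte[] got = unframe(ss, new ByteArrayInputStream(frame(sc.wrap(req, 0, req.length))));
        System.out.println(ss.getAuthorizationID() + " -> " + new String(got, StandardCharsets.UTF_8));
        ss.dispose();
        sc.dispose();
    }
}
```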