org.apache.directory.server.ldap.handlers.bind
Class SaslFilter

java.lang.Object
  extended by org.apache.mina.common.IoFilterAdapter
      extended by org.apache.directory.server.ldap.handlers.bind.SaslFilter
All Implemented Interfaces:
org.apache.mina.common.IoFilter

public class SaslFilter
extends org.apache.mina.common.IoFilterAdapter

An IoFilterAdapter that handles integrity and confidentiality protection for a SASL bound session. The SaslFilter must be constructed with a SASL context that has completed SASL negotiation. Some SASL mechanisms, such as CRAM-MD5, only support authentication and thus do not need this filter. DIGEST-MD5 and GSSAPI do support message integrity and confidentiality and, therefore, do need this filter.

Version:
$Rev$, $Date$
Author:
Apache Directory Project

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.apache.mina.common.IoFilter
org.apache.mina.common.IoFilter.NextFilter, org.apache.mina.common.IoFilter.WriteRequest
 
Field Summary
static java.lang.String DISABLE_SECURITY_LAYER_ONCE
          A session attribute key that makes next one write request bypass this filter (not adding a security layer).
 
Constructor Summary
SaslFilter(javax.security.sasl.SaslServer saslServer)
          Creates a new instance of SaslFilter.
 
Method Summary
 void filterWrite(org.apache.mina.common.IoFilter.NextFilter nextFilter, org.apache.mina.common.IoSession session, org.apache.mina.common.IoFilter.WriteRequest writeRequest)
           
 void messageReceived(org.apache.mina.common.IoFilter.NextFilter nextFilter, org.apache.mina.common.IoSession session, java.lang.Object message)
           
 
Methods inherited from class org.apache.mina.common.IoFilterAdapter
destroy, exceptionCaught, filterClose, init, messageSent, onPostAdd, onPostRemove, onPreAdd, onPreRemove, sessionClosed, sessionCreated, sessionIdle, sessionOpened
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DISABLE_SECURITY_LAYER_ONCE

public static final java.lang.String DISABLE_SECURITY_LAYER_ONCE
A session attribute key that makes next one write request bypass this filter (not adding a security layer). This is a marker attribute, which means that you can put whatever as its value. (Boolean.TRUE is preferred.) The attribute is automatically removed from the session attribute map as soon as IoSession.write(Object) is invoked, and therefore should be put again if you want to make more messages bypass this filter.

Constructor Detail

SaslFilter

public SaslFilter(javax.security.sasl.SaslServer saslServer)
Creates a new instance of SaslFilter. The SaslFilter must be constructed with a SASL context that has completed SASL negotiation. The SASL context will be used to provide message integrity and, optionally, message confidentiality.

Parameters:
context - The initialized SASL context.
Method Detail

messageReceived

public void messageReceived(org.apache.mina.common.IoFilter.NextFilter nextFilter,
                            org.apache.mina.common.IoSession session,
                            java.lang.Object message)
                     throws javax.security.sasl.SaslException
Specified by:
messageReceived in interface org.apache.mina.common.IoFilter
Overrides:
messageReceived in class org.apache.mina.common.IoFilterAdapter
Throws:
javax.security.sasl.SaslException

filterWrite

public void filterWrite(org.apache.mina.common.IoFilter.NextFilter nextFilter,
                        org.apache.mina.common.IoSession session,
                        org.apache.mina.common.IoFilter.WriteRequest writeRequest)
                 throws javax.security.sasl.SaslException
Specified by:
filterWrite in interface org.apache.mina.common.IoFilter
Overrides:
filterWrite in class org.apache.mina.common.IoFilterAdapter
Throws:
javax.security.sasl.SaslException


Copyright © 2003-2009 Apache Software Foundation. All Rights Reserved.