/// <exception cref="Javax.Security.Sasl.SaslException"/>
public virtual byte[] EvaluateResponse(byte[] response)
{
if (completed)
{
throw new InvalidOperationException("PLAIN authentication has completed");
}
if (response == null)
{
throw new ArgumentException("Received null response");
}
try
{
string payload;
try
{
payload = Runtime.GetStringForBytes(response, "UTF-8");
}
catch (Exception e)
{
throw new ArgumentException("Received corrupt response", e);
}
// [ authz, authn, password ]
string[] parts = payload.Split("\u0000", 3);
if (parts.Length != 3)
{
throw new ArgumentException("Received corrupt response");
}
if (parts[0].IsEmpty())
{
// authz = authn
parts[0] = parts[1];
}
NameCallback nc = new NameCallback("SASL PLAIN");
nc.SetName(parts[1]);
PasswordCallback pc = new PasswordCallback("SASL PLAIN", false);
pc.SetPassword(parts[2].ToCharArray());
AuthorizeCallback ac = new AuthorizeCallback(parts[1], parts[0]);
cbh.Handle(new Javax.Security.Auth.Callback.Callback[] { nc, pc, ac });
if (ac.IsAuthorized())
{
authz = ac.GetAuthorizedID();
}
}
catch (Exception e)
{
throw new SaslException("PLAIN auth failed: " + e.Message);
}
finally
{
completed = true;
}
return(null);
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Javax.Security.Auth.Callback.UnsupportedCallbackException"/>
public void Handle(Javax.Security.Auth.Callback.Callback[] callbacks)
{
NameCallback nc = null;
PasswordCallback pc = null;
AuthorizeCallback ac = null;
foreach (Javax.Security.Auth.Callback.Callback callback in callbacks)
{
if (callback is AuthorizeCallback)
{
ac = (AuthorizeCallback)callback;
}
else
{
if (callback is PasswordCallback)
{
pc = (PasswordCallback)callback;
}
else
{
if (callback is NameCallback)
{
nc = (NameCallback)callback;
}
else
{
if (callback is RealmCallback)
{
continue;
}
else
{
// realm is ignored
throw new UnsupportedCallbackException(callback, "Unrecognized SASL DIGEST-MD5 Callback: "
+ callback);
}
}
}
}
}
if (pc != null)
{
pc.SetPassword(passwordFunction.Apply(nc.GetDefaultName()));
}
if (ac != null)
{
ac.SetAuthorized(true);
ac.SetAuthorizedID(ac.GetAuthorizationID());
}
}
/// <exception cref="Javax.Security.Auth.Callback.UnsupportedCallbackException"/>
public virtual void Handle(Javax.Security.Auth.Callback.Callback[] callbacks)
{
AuthorizeCallback ac = null;
foreach (Javax.Security.Auth.Callback.Callback callback in callbacks)
{
if (callback is AuthorizeCallback)
{
ac = (AuthorizeCallback)callback;
}
else
{
throw new UnsupportedCallbackException(callback, "Unrecognized SASL GSSAPI Callback"
);
}
}
if (ac != null)
{
string authid = ac.GetAuthenticationID();
string authzid = ac.GetAuthorizationID();
if (authid.Equals(authzid))
{
ac.SetAuthorized(true);
}
else
{
ac.SetAuthorized(false);
}
if (ac.IsAuthorized())
{
if (Log.IsDebugEnabled())
{
Log.Debug("SASL server GSSAPI callback: setting " + "canonicalized client ID: " +
authzid);
}
ac.SetAuthorizedID(authzid);
}
}
}
/// <exception cref="Org.Apache.Hadoop.Security.Token.SecretManager.InvalidToken"/>
/// <exception cref="Javax.Security.Auth.Callback.UnsupportedCallbackException"/>
/// <exception cref="Org.Apache.Hadoop.Ipc.StandbyException"/>
/// <exception cref="Org.Apache.Hadoop.Ipc.RetriableException"/>
/// <exception cref="System.IO.IOException"/>
public virtual void Handle(Javax.Security.Auth.Callback.Callback[] callbacks)
{
NameCallback nc = null;
PasswordCallback pc = null;
AuthorizeCallback ac = null;
foreach (Javax.Security.Auth.Callback.Callback callback in callbacks)
{
if (callback is AuthorizeCallback)
{
ac = (AuthorizeCallback)callback;
}
else
{
if (callback is NameCallback)
{
nc = (NameCallback)callback;
}
else
{
if (callback is PasswordCallback)
{
pc = (PasswordCallback)callback;
}
else
{
if (callback is RealmCallback)
{
continue;
}
else
{
// realm is ignored
throw new UnsupportedCallbackException(callback, "Unrecognized SASL DIGEST-MD5 Callback"
);
}
}
}
}
}
if (pc != null)
{
TokenIdentifier tokenIdentifier = GetIdentifier(nc.GetDefaultName(), secretManager
);
char[] password = GetPassword(tokenIdentifier);
UserGroupInformation user = null;
user = tokenIdentifier.GetUser();
// may throw exception
connection.attemptingUser = user;
if (Log.IsDebugEnabled())
{
Log.Debug("SASL server DIGEST-MD5 callback: setting password " + "for client: " +
tokenIdentifier.GetUser());
}
pc.SetPassword(password);
}
if (ac != null)
{
string authid = ac.GetAuthenticationID();
string authzid = ac.GetAuthorizationID();
if (authid.Equals(authzid))
{
ac.SetAuthorized(true);
}
else
{
ac.SetAuthorized(false);
}
if (ac.IsAuthorized())
{
if (Log.IsDebugEnabled())
{
string username = GetIdentifier(authzid, secretManager).GetUser().GetUserName();
Log.Debug("SASL server DIGEST-MD5 callback: setting " + "canonicalized client ID: "
+ username);
}
ac.SetAuthorizedID(authzid);
}
}
}
