void Authenticate()
{
if (transport != null)
{
transport.WriteCred();
}
SaslClient auth = new SaslClient();
auth.Identity = transport.AuthString();
auth.stream = transport.Stream;
auth.Peer = new SaslPeer();
auth.Peer.Peer = auth;
auth.Peer.stream = transport.Stream;
if (!auth.Authenticate())
{
throw new Exception("Authentication failure");
}
if (Id != UUID.Zero)
{
if (auth.ActualId != Id)
{
throw new Exception("Authentication failure: Unexpected GUID");
}
}
if (Id == UUID.Zero)
{
Id = auth.ActualId;
}
isAuthenticated = true;
}
/// <summary>Release resources used by wrapped saslClient</summary>
/// <exception cref="Javax.Security.Sasl.SaslException"/>
public virtual void Dispose()
{
if (saslClient != null)
{
saslClient.Dispose();
saslClient = null;
}
}
/// <summary>
/// Constructs a SASLInputStream from an InputStream and a SaslClient <br />
/// Note: if the specified InputStream or SaslClient is null, a
/// NullPointerException may be thrown later when they are used.
/// </summary>
/// <param name="inStream">the InputStream to be processed</param>
/// <param name="saslClient">an initialized SaslClient object</param>
public SaslInputStream(InputStream inStream, SaslClient saslClient)
{
this.inStream = new DataInputStream(inStream);
this.saslServer = null;
this.saslClient = saslClient;
string qop = (string)saslClient.GetNegotiatedProperty(Javax.Security.Sasl.Sasl.Qop
);
this.useWrap = qop != null && !Runtime.EqualsIgnoreCase("auth", qop);
}
void Authenticate()
{
if (transport != null)
{
transport.WriteCred();
}
SaslClient auth = new SaslClient(this);
auth.Run();
isAuthenticated = true;
}
public void AuthSelf ()
{
SaslServer server = new SaslServer ();
SaslClient client = new SaslClient ();
server.Peer = client;
client.Peer = server;
client.Identity = "1000";
server.Guid = UUID.Generate ();
Assert.IsTrue (client.AuthenticateSelf ());
Assert.AreEqual (server.Guid, client.ActualId);
}
public void AuthSelf()
{
SaslServer server = new SaslServer();
SaslClient client = new SaslClient();
server.Peer = client;
client.Peer = server;
client.Identity = "1000";
server.Guid = UUID.Generate();
Assert.IsTrue(client.AuthenticateSelf());
Assert.AreEqual(server.Guid, client.ActualId);
}
/// <summary>
/// Instantiate a sasl client for the first supported auth type in the
/// given list.
/// </summary>
/// <remarks>
/// Instantiate a sasl client for the first supported auth type in the
/// given list. The auth type must be defined, enabled, and the user
/// must possess the required credentials, else the next auth is tried.
/// </remarks>
/// <param name="authTypes">to attempt in the given order</param>
/// <returns>SaslAuth of instantiated client</returns>
/// <exception cref="AccessControlException">- client doesn't support any of the auths
/// </exception>
/// <exception cref="System.IO.IOException">- misc errors</exception>
/// <exception cref="Javax.Security.Sasl.SaslException"/>
/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
private RpcHeaderProtos.RpcSaslProto.SaslAuth SelectSaslClient(IList <RpcHeaderProtos.RpcSaslProto.SaslAuth
> authTypes)
{
RpcHeaderProtos.RpcSaslProto.SaslAuth selectedAuthType = null;
bool switchToSimple = false;
foreach (RpcHeaderProtos.RpcSaslProto.SaslAuth authType in authTypes)
{
if (!IsValidAuthType(authType))
{
continue;
}
// don't know what it is, try next
SaslRpcServer.AuthMethod authMethod = SaslRpcServer.AuthMethod.ValueOf(authType.GetMethod
());
if (authMethod == SaslRpcServer.AuthMethod.Simple)
{
switchToSimple = true;
}
else
{
saslClient = CreateSaslClient(authType);
if (saslClient == null)
{
// client lacks credentials, try next
continue;
}
}
selectedAuthType = authType;
break;
}
if (saslClient == null && !switchToSimple)
{
IList <string> serverAuthMethods = new AList <string>();
foreach (RpcHeaderProtos.RpcSaslProto.SaslAuth authType_1 in authTypes)
{
serverAuthMethods.AddItem(authType_1.GetMethod());
}
throw new AccessControlException("Client cannot authenticate via:" + serverAuthMethods
);
}
if (Log.IsDebugEnabled())
{
Log.Debug("Use " + selectedAuthType.GetMethod() + " authentication for protocol "
+ protocol.Name);
}
return(selectedAuthType);
}
/// <summary>
/// Constructs a SASLOutputStream from an OutputStream and a SaslClient <br />
/// Note: if the specified OutputStream or SaslClient is null, a
/// NullPointerException may be thrown later when they are used.
/// </summary>
/// <param name="outStream">the OutputStream to be processed</param>
/// <param name="saslClient">an initialized SaslClient object</param>
public SaslOutputStream(OutputStream outStream, SaslClient saslClient)
{
this.saslServer = null;
this.saslClient = saslClient;
string qop = (string)saslClient.GetNegotiatedProperty(Javax.Security.Sasl.Sasl.Qop
);
this.useWrap = qop != null && !Runtime.EqualsIgnoreCase("auth", qop);
if (useWrap)
{
this.outStream = new BufferedOutputStream(outStream, 64 * 1024);
}
else
{
this.outStream = outStream;
}
}
/// <summary>
/// Constructs a SASLOutputStream from an OutputStream and a SaslServer <br />
/// Note: if the specified OutputStream or SaslServer is null, a
/// NullPointerException may be thrown later when they are used.
/// </summary>
/// <param name="outStream">the OutputStream to be processed</param>
/// <param name="saslServer">an initialized SaslServer object</param>
public SaslOutputStream(OutputStream outStream, SaslServer saslServer)
{
// processed data ready to be written out
// buffer holding one byte of incoming data
this.saslServer = saslServer;
this.saslClient = null;
string qop = (string)saslServer.GetNegotiatedProperty(Javax.Security.Sasl.Sasl.Qop
);
this.useWrap = qop != null && !Runtime.EqualsIgnoreCase("auth", qop);
if (useWrap)
{
this.outStream = new BufferedOutputStream(outStream, 64 * 1024);
}
else
{
this.outStream = outStream;
}
}
/// <summary>Private constructor wrapping a SaslClient.</summary>
/// <param name="saslClient">to wrap</param>
private SaslParticipant(SaslClient saslClient)
{
this.saslServer = null;
this.saslClient = saslClient;
}
/// <summary>Private constructor wrapping a SaslServer.</summary>
/// <param name="saslServer">to wrap</param>
private SaslParticipant(SaslServer saslServer)
{
this.saslServer = saslServer;
this.saslClient = null;
}
