package org.infinispan.client.hotrod.configuration;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.Sasl;
import org.infinispan.client.hotrod.logging.Log;
import org.infinispan.client.hotrod.logging.LogFactory;
import org.infinispan.commons.configuration.Builder;
/**
* AuthenticationConfigurationBuilder.
*
* @author Tristan Tarrant
* @since 7.0
*/
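public class AuthenticationConfigurationBuilder extends AbstractSecurityConfigurationChildBuilder implements Builder<AuthenticationConfiguration> {
   private static final Log log = LogFactory.getLog(AuthenticationConfigurationBuilder.class);

   private CallbackHandler callbackHandler;
   // Authentication is opt-in: a builder that is never enabled produces a
   // configuration with enabled == false, and validate() then checks nothing.
   private boolean enabled = false;
   private String serverName;
   // Always a map owned by this builder (never null, never shared with a caller
   // or with a template), so saslQop()/saslStrength() can safely mutate it.
   private Map<String, String> saslProperties = new HashMap<String, String>();
   private String saslMechanism;
   private Subject clientSubject;

   /**
    * Creates the authentication child builder.
    *
    * @param builder the parent security builder, passed to the superclass constructor
    */
   public AuthenticationConfigurationBuilder(SecurityConfigurationBuilder builder) {
      super(builder);
   }

   /**
    * Specifies a {@link CallbackHandler} to be used during the authentication handshake.
    * The {@link Callback}s that need to be handled are specific to the chosen SASL mechanism.
    * <p>
    * When authentication is enabled, {@link #validate()} requires either this handler or a
    * client subject to be set.
    *
    * @param callbackHandler the handler to use; stored by reference
    * @return this builder
    */
   public AuthenticationConfigurationBuilder callbackHandler(CallbackHandler callbackHandler) {
      this.callbackHandler = callbackHandler;
      return this;
   }

   /**
    * Configures whether authentication should be enabled or not. The default is disabled.
    *
    * @param enabled {@code true} to enable authentication
    * @return this builder
    */
   public AuthenticationConfigurationBuilder enabled(boolean enabled) {
      this.enabled = enabled;
      return this;
   }

   /**
    * Enables authentication.
    *
    * @return this builder
    */
   public AuthenticationConfigurationBuilder enable() {
      this.enabled = true;
      return this;
   }

   /**
    * Disables authentication. Note that {@link #validate()} performs no checks while
    * authentication is disabled.
    *
    * @return this builder
    */
   public AuthenticationConfigurationBuilder disable() {
      this.enabled = false;
      return this;
   }

   /**
    * Selects the SASL mechanism to use for the connection to the server.
    * <p>
    * The name is stored as given; {@link #validate()} only rejects {@code null} and does not
    * check the name against any list of supported mechanisms. Mechanisms that transmit
    * credentials without protecting them (such as PLAIN) should only be used over an
    * encrypted transport.
    *
    * @param saslMechanism the mechanism name
    * @return this builder
    */
   public AuthenticationConfigurationBuilder saslMechanism(String saslMechanism) {
      this.saslMechanism = saslMechanism;
      return this;
   }

   /**
    * Sets the SASL properties, replacing any that were set before (including values set
    * through {@link #saslQop} and {@link #saslStrength}).
    * <p>
    * The entries are copied: the builder never keeps a reference to the caller's map, so
    * later changes to that map cannot alter the negotiated security properties, and later
    * calls on this builder cannot modify (or fail on) the caller's map.
    *
    * @param saslProperties the properties to use; {@code null} is treated as no properties
    * @return this builder
    */
   public AuthenticationConfigurationBuilder saslProperties(Map<String, String> saslProperties) {
      this.saslProperties = copyOf(saslProperties);
      return this;
   }

   /**
    * Sets the SASL QOP property ({@link Sasl#QOP}). If multiple values are specified they
    * will determine preference order.
    * <p>
    * Because the list is a preference order, every value passed here is one the client is
    * prepared to accept; pass only the protection levels that are acceptable for the
    * deployment. Nothing in this builder enforces a minimum level.
    *
    * @param qop the quality-of-protection values, most preferred first
    * @return this builder
    */
   public AuthenticationConfigurationBuilder saslQop(SaslQop... qop) {
      this.saslProperties.put(Sasl.QOP, joinInPreferenceOrder(qop));
      return this;
   }

   /**
    * Sets the SASL strength property ({@link Sasl#STRENGTH}). If multiple values are
    * specified they will determine preference order.
    *
    * @param strength the cipher strength values, most preferred first
    * @return this builder
    */
   public AuthenticationConfigurationBuilder saslStrength(SaslStrength... strength) {
      this.saslProperties.put(Sasl.STRENGTH, joinInPreferenceOrder(strength));
      return this;
   }

   /**
    * Sets the name of the server as expected by the SASL protocol.
    *
    * @param serverName the server name
    * @return this builder
    */
   public AuthenticationConfigurationBuilder serverName(String serverName) {
      this.serverName = serverName;
      return this;
   }

   /**
    * Sets the client subject, necessary for those SASL mechanisms which require it to access
    * client credentials (e.g. GSSAPI).
    *
    * @param clientSubject the subject to use; stored by reference
    * @return this builder
    */
   public AuthenticationConfigurationBuilder clientSubject(Subject clientSubject) {
      this.clientSubject = clientSubject;
      return this;
   }

   /**
    * Builds the configuration from the current builder state.
    * <p>
    * The SASL properties are handed over as a copy, so calling further setters on this
    * builder afterwards does not change a configuration that has already been created.
    *
    * @return a new {@link AuthenticationConfiguration}
    */
   @Override
   public AuthenticationConfiguration create() {
      return new AuthenticationConfiguration(callbackHandler, clientSubject, enabled, saslMechanism,
            copyOf(saslProperties), serverName);
   }

   /**
    * Initialises this builder from an existing configuration.
    * <p>
    * The template's SASL properties are copied rather than shared, so that subsequent
    * {@link #saslQop}, {@link #saslStrength} or {@link #saslProperties} calls on this builder
    * do not modify the template.
    *
    * @param template the configuration to read values from
    * @return this builder
    */
   @Override
   public Builder<?> read(AuthenticationConfiguration template) {
      this.callbackHandler = template.callbackHandler();
      this.clientSubject = template.clientSubject();
      this.enabled = template.enabled();
      this.saslMechanism = template.saslMechanism();
      this.saslProperties = copyOf(template.saslProperties());
      this.serverName = template.serverName();
      return this;
   }

   /**
    * Checks the builder state. Only runs when authentication is enabled, in which case a
    * callback handler or a client subject must be present and a SASL mechanism must be set.
    * <p>
    * The QOP and strength properties are not examined here.
    * The exceptions thrown are those produced by {@code log.invalidCallbackHandler()} and
    * {@code log.invalidSaslMechanism(String)}.
    */
   @Override
   public void validate() {
      if (!enabled) {
         return;
      }
      if (callbackHandler == null && clientSubject == null) {
         throw log.invalidCallbackHandler();
      }
      if (saslMechanism == null) {
         throw log.invalidSaslMechanism(saslMechanism);
      }
   }

   /** Returns a fresh mutable copy of {@code source}; {@code null} yields an empty map. */
   private static Map<String, String> copyOf(Map<String, String> source) {
      Map<String, String> copy = new HashMap<String, String>();
      if (source != null) {
         copy.putAll(source);
      }
      return copy;
   }

   /** Joins the {@code toString()} of each value with commas, keeping the given order. */
   private static String joinInPreferenceOrder(Object[] values) {
      StringBuilder joined = new StringBuilder();
      for (int i = 0; i < values.length; i++) {
         if (i > 0) {
            joined.append(",");
         }
         joined.append(values[i].toString());
      }
      return joined.toString();
   }
}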