public interface SaslClientFactoryAn interface for creating instances of
SaslClient. A class that implements this interface must be thread-safe and handle multiple simultaneous requests. It must also have a public constructor that accepts no argument.
This interface is not normally accessed directly by a client, which will use the
Saslstatic methods instead. However, a particular environment may provide and install a new or different
Modifier and Type Method Description
createSaslClient(String mechanisms, String authorizationId, String protocol, String serverName, Map<String,?> props, CallbackHandler cbh)Creates a SaslClient using the parameters supplied.
getMechanismNames(Map<String,?> props)Returns an array of names of mechanisms that match the specified mechanism selection policies.
SaslClient createSaslClient(String mechanisms, String authorizationId, String protocol, String serverName, Map<String,?> props, CallbackHandler cbh) throws SaslExceptionCreates a SaslClient using the parameters supplied.
mechanisms- The non-null list of mechanism names to try. Each is the IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5").
authorizationId- The possibly null protocol-dependent identification to be used for authorization. If null or empty, the server derives an authorization ID from the client's authentication credentials. When the SASL authentication completes successfully, the specified entity is granted access.
protocol- The non-null string name of the protocol for which the authentication is being performed (e.g., "ldap").
serverName- The non-null fully qualified host name of the server to authenticate to.
props- The possibly null set of properties used to select the SASL mechanism and to configure the authentication exchange of the selected mechanism. See the
Saslclass for a list of standard properties. Other, possibly mechanism-specific, properties can be included. Properties not relevant to the selected mechanism are ignored, including any map entries with non-String keys.
cbh- The possibly null callback handler to used by the SASL mechanisms to get further information from the application/library to complete the authentication. For example, a SASL mechanism might require the authentication ID, password and realm from the caller. The authentication ID is requested by using a
NameCallback. The password is requested by using a
PasswordCallback. The realm is requested by using a
RealmChoiceCallbackif there is a list of realms to choose from, and by using a
RealmCallbackif the realm must be entered.
- A possibly null
SaslClientcreated using the parameters supplied. If null, this factory cannot produce a
SaslClientusing the parameters supplied.
SaslException- If cannot create a
SaslClientbecause of an error.
getMechanismNamesReturns an array of names of mechanisms that match the specified mechanism selection policies.
props- The possibly null set of properties used to specify the security policy of the SASL mechanisms. For example, if
Sasl.POLICY_NOPLAINTEXTproperty with the value
"true", then the factory must not return any SASL mechanisms that are susceptible to simple plain passive attacks. See the
Saslclass for a complete list of policy properties. Non-policy related properties, if present in
props, are ignored, including any map entries with non-String keys.
- A non-null array containing a IANA-registered SASL mechanism names.