SASL协议java实现

sasl在很多场景中都有用到,如xmpp,pop3等等。详细协议可参见:

ietf(SASL)

在j2se中,大家如果平时做网络方面的工作时如果要用到身份认证这一块的可以使用sasl协议。 大概使用比较简单:

public class AuthMain {

 

    /**

     * @param args

     * @throws SaslException

     */

    public static void main(String[] args) throws SaslException {

       Map<String, String> props = new TreeMap<String, String>();

       props.put(Sasl.QOP, "auth");

       SaslServer ss = Sasl.createSaslServer("DIGEST-MD5", "xmpp", "java.com",

              props, new ServerCallbackHandler());

       byte[] token = new byte[0];

       byte[] challenge = ss.evaluateResponse(token);

 

       SaslClient sc = Sasl.createSaslClient(new String[] { "DIGEST-MD5" },

              "tony", "xmpp", "java.com", null, new ClientCallbackHandler());

       byte response[];

       if (challenge != null) {

           response = sc.evaluateChallenge(challenge);

       } else {

           response = sc.evaluateChallenge(null);

       }

 

       ss.evaluateResponse(response);

       if (ss.isComplete()) {

           System.out.println("auth success");

       }

    }

 

}

 

class ClientCallbackHandler implements CallbackHandler {

    public void handle(Callback[] callbacks) throws IOException,

           UnsupportedCallbackException {

       for (int i = 0; i < callbacks.length; i++) {

           if (callbacks[i] instanceof NameCallback) {

              NameCallback ncb = (NameCallback) callbacks[i];

              ncb.setName("tony");

           } else if (callbacks[i] instanceof PasswordCallback) {

              PasswordCallback pcb = (PasswordCallback) callbacks[i];

              pcb.setPassword("admin1".toCharArray());

           } else if (callbacks[i] instanceof RealmCallback) {

              RealmCallback rcb = (RealmCallback) callbacks[i];

              rcb.setText("java.com");

           } else {

              throw new UnsupportedCallbackException(callbacks[i]);

           }

       }

    }

}

 

class ServerCallbackHandler implements CallbackHandler {

 

    public ServerCallbackHandler() {

    }

 

    public void handle(final Callback[] callbacks) throws IOException,

           UnsupportedCallbackException {

 

       for (Callback callback : callbacks) {

           if (callback instanceof RealmCallback) {

              //do your business

           } else if (callback instanceof NameCallback) {

              //do your business

           } else if (callback instanceof PasswordCallback) {

              ((PasswordCallback) callback).setPassword("admin1"

                     .toCharArray());

           } else if (callback instanceof AuthorizeCallback) {

              AuthorizeCallback authCallback = ((AuthorizeCallback) callback);

              authCallback.setAuthorized(true);

           } else {

              System.out.println(callback.getClass().getName());

              throw new UnsupportedCallbackException(callback,

                     "Unrecognized Callback");

           }

       }

    }

}

注意这里只是基本的api如何使用,具体使用(根据自己系统的业务)要自己重新实现两个callbackhandler两个类,里面的用户名,密码,以及realm信息则要根据具体逻辑来写,比如是从数据库系统来,还是文件系统来,或者是SSO认证。

posted @ 2011-08-09 13:54  海鸟  阅读(1973)  评论(0编辑  收藏  举报