thrownewIllegalStateException("Unexpected data received while negotiating SASL authentication. Name of the offending root element: "+doc.getName()+" Namespace: "+doc.getNamespaceURI());
thrownewSaslFailureException(Failure.INVALID_MECHANISM,"There is no provider that can provide a SASL server for the desired mechanism and properties.");
}
else{
Log.warn("Client wants to do a MECH we don't support: '"+
thrownewIllegalStateException("Unexpected data received while negotiating SASL authentication. Name of the offending root element: "+doc.getName()+" Namespace: "+doc.getNamespaceURI());
}
// Just accept the authentication :)
authenticationSuccessful(session,null,null);
returnStatus.authenticated;
}
else{
// anonymous login is disabled so close the connection
* Creates a <code>SaslServer</code> implementing a supported mechanism using the parameters supplied.
*
* @param mechanism The non-null IANA-registered named of a SASL mechanism.
* @param protocol The non-null string name of the protocol for which the authentication is being performed (e.g., "ldap").
* @param serverName The non-null fully qualified host name of the server to authenticate to.
* @param props The possibly null set of properties used to select the SASL mechanism and to configure the authentication exchange of the selected mechanism.
* @param cbh The possibly null callback handler to used by the SASL mechanisms to get further information from the application/library to complete the authentication.
* @return A possibly null SaslServer created using the parameters supplied. If null, this factory cannot produce a SaslServer using the parameters supplied.
* @throws SaslException If cannot create a SaslServer because of an error.
Log.debug("Unable to instantiate {} Sasl Server: Provided properties contains neither LocalClientSession nor LocalIncomingServerSession instance.",mechanism);
returnnull;
}
caseJiveSharedSecretSaslServer.NAME:
returnnewJiveSharedSecretSaslServer();
default:
thrownewIllegalStateException();// Fail fast - this should not be possible, as the first check in this method already verifies wether the mechanism is supported.