当前位置: 文江博客话题详情

如何使用 Java SASL API 和 CRAM-MD5

发布于 2024-08-17 17:14:10 字数 2970 浏览 6 评论 0原文

我目前正在使用 Java SASL API,并编写了一个小程序来使用 CRAM-MD5 模拟质询响应序列。但是,我不确定如何执行此操作,因为 SaslClient 和 SaslServer 仅具有方法valuateChallenge(...) 和evaluateResponse(...)。我希望 SaslServer 有一个像 issuesChallenge(...) 或类似的方法,但它没有。那么正确的方法是什么?

下面你可以找到我的(不起作用)代码。

    package mypackage;

    import java.io.IOException;

    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.callback.UnsupportedCallbackException;
    import javax.security.sasl.AuthorizeCallback;
    import javax.security.sasl.Sasl;
    import javax.security.sasl.SaslClient;
    import javax.security.sasl.SaslException;
    import javax.security.sasl.SaslServer;

    public class Main {

    public static void main(String[] args) throws SaslException {

  new Main().start();
 }

 private static class ClientHandler implements CallbackHandler {

  @Override
  public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
   for (Callback cb : cbs) {
    if (cb instanceof NameCallback) {

     System.out.println("Client - NameCallback");

     NameCallback nc = (NameCallback)cb;
     nc.setName("username");
    } else if (cb instanceof PasswordCallback) {

     System.out.println("Client - PasswordCallback");

     PasswordCallback pc = (PasswordCallback)cb;
     pc.setPassword("password".toCharArray());
    }
   }
  }
 }

 private static class ServerHandler implements CallbackHandler {

  @Override
  public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
   for (Callback cb : cbs) {
    if (cb instanceof AuthorizeCallback) {

     System.out.println("Server - AuthorizeCallback");

     AuthorizeCallback ac = (AuthorizeCallback)cb;
     ac.setAuthorized(true);

    } else if (cb instanceof NameCallback) {

     System.out.println("Server - NameCallback");

     NameCallback nc = (NameCallback)cb;
     nc.setName("username");

    } else if (cb instanceof PasswordCallback) {

     System.out.println("Server - PasswordCallback");

     PasswordCallback pc = (PasswordCallback)cb;
     pc.setPassword("password".toCharArray());
    }
   }
  }
 }

 private void start() throws SaslException {

  byte[] challenge;
  byte[] response;

  ClientHandler clientHandler = new ClientHandler();
  ServerHandler serverHandler = new ServerHandler();

  SaslClient sc = Sasl.createSaslClient(new String[] { "CRAM-MD5" }, null, "my_server", "FQHN", null, clientHandler); 
  SaslServer ss = Sasl.createSaslServer("CRAM-MD5", "my_server", "FQHN", null, serverHandler);

  // Challenge response sequence (not working)
  challenge = ss.evaluateResponse(null);
  response = sc.evaluateChallenge(challenge);
  ss.evaluateResponse(response);

  if (ss.isComplete()) {
   System.out.println("Authentication successful.");
  }
 }
}

问候,弗雷德

原文

I'm currently playing with the Java SASL API and I wrote a little program to simulate a challenge response sequence using CRAM-MD5. However, I'm unsure about how to do this, as SaslClient and SaslServer only have methods evaluateChallenge(...) and evaluateResponse(...). I would expect SaslServer to have a method like issueChallenge(...) or something like that, but it has not. So what is the correct way to do this?

Below you find my (not working) code.

    package mypackage;

    import java.io.IOException;

    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.callback.UnsupportedCallbackException;
    import javax.security.sasl.AuthorizeCallback;
    import javax.security.sasl.Sasl;
    import javax.security.sasl.SaslClient;
    import javax.security.sasl.SaslException;
    import javax.security.sasl.SaslServer;

    public class Main {

    public static void main(String[] args) throws SaslException {

  new Main().start();
 }

 private static class ClientHandler implements CallbackHandler {

  @Override
  public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
   for (Callback cb : cbs) {
    if (cb instanceof NameCallback) {

     System.out.println("Client - NameCallback");

     NameCallback nc = (NameCallback)cb;
     nc.setName("username");
    } else if (cb instanceof PasswordCallback) {

     System.out.println("Client - PasswordCallback");

     PasswordCallback pc = (PasswordCallback)cb;
     pc.setPassword("password".toCharArray());
    }
   }
  }
 }

 private static class ServerHandler implements CallbackHandler {

  @Override
  public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
   for (Callback cb : cbs) {
    if (cb instanceof AuthorizeCallback) {

     System.out.println("Server - AuthorizeCallback");

     AuthorizeCallback ac = (AuthorizeCallback)cb;
     ac.setAuthorized(true);

    } else if (cb instanceof NameCallback) {

     System.out.println("Server - NameCallback");

     NameCallback nc = (NameCallback)cb;
     nc.setName("username");

    } else if (cb instanceof PasswordCallback) {

     System.out.println("Server - PasswordCallback");

     PasswordCallback pc = (PasswordCallback)cb;
     pc.setPassword("password".toCharArray());
    }
   }
  }
 }

 private void start() throws SaslException {

  byte[] challenge;
  byte[] response;

  ClientHandler clientHandler = new ClientHandler();
  ServerHandler serverHandler = new ServerHandler();

  SaslClient sc = Sasl.createSaslClient(new String[] { "CRAM-MD5" }, null, "my_server", "FQHN", null, clientHandler); 
  SaslServer ss = Sasl.createSaslServer("CRAM-MD5", "my_server", "FQHN", null, serverHandler);

  // Challenge response sequence (not working)
  challenge = ss.evaluateResponse(null);
  response = sc.evaluateChallenge(challenge);
  ss.evaluateResponse(response);

  if (ss.isComplete()) {
   System.out.println("Authentication successful.");
  }
 }
}

Greetings, Fred

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

怀中猫帐中妖 2024-08-24 17:14:10

我能够通过将一行从 改为 The javadoc forvaluateResponse() 来使上述

代码

challenge = ss.evaluateResponse(null);

正常

challenge = ss.evaluateResponse(new byte[0]);

工作

调用此方法是为了准备适当的下一个挑战以提交给客户端

所以我从上面猜测,不需要 issueChallange() 方法,evaluateResponse()负责发布响应。

I was able to get the above code working by changing one line

from

challenge = ss.evaluateResponse(null);

to

challenge = ss.evaluateResponse(new byte[0]);

The javadoc for evaluateResponse() says

this method is called to prepare an appropriate next challenge to submit to the client

So I guess from the above, there is no need for a issueChallange() method, evaluateResponse() takes care of issuing the response.

回复 原文
~没有更多了~

关于作者

幸福丶如此

暂无简介

文章
评论
26 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

知足的幸福

文章 0 评论 0

我一向站在原地

文章 0 评论 0

慕烟庭风

文章 0 评论 0

秉忠贞之诚 守退让之实

文章 0 评论 0

小兔几

文章 0 评论 0

mb_3y7WUgWY

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文