org.apache.thrift.transport
Class TSaslClientTransport

java.lang.Object
  extended by org.apache.thrift.transport.TTransport
      extended by org.apache.thrift.transport.TSaslClientTransport

public class TSaslClientTransport
extends TTransport

Wraps another Thrift TTransport, but performs SASL client negotiation on the call to open(). This class will wrap ensuing communication over it, if a SASL QOP is negotiated with the other party.
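A usage sketch of the behaviour described above, added here as an example and not taken from the Thrift project: the client requests a confidentiality QOP, lets open() run the handshake, and then checks what was actually negotiated before sending data. The host name, port, credentials, the "thrift" protocol name, the DIGEST-MD5 mechanism and the openRequiringQop helper are all assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.Sasl;
import org.apache.thrift.transport.TSaslClientTransport;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransportException;

public class SaslQopClientExample {
    // Hypothetical helper: opens the transport, then refuses to continue unless
    // the handshake negotiated the QOP we require (no silent fallback to "auth").
    static void openRequiringQop(TSaslClientTransport t, String requiredQop)
            throws TTransportException {
        t.open(); // SASL negotiation happens here
        Object qop = t.getSaslClient().getNegotiatedProperty(Sasl.QOP);
        if (!requiredQop.equals(qop)) {
            t.close();
            throw new TTransportException("Negotiated QOP " + qop + ", required " + requiredQop);
        }
    }

    public static void main(String[] args) throws Exception {
        Map<String, String> props = new HashMap<String, String>();
        props.put(Sasl.QOP, "auth-conf"); // request authentication + integrity + confidentiality only
        // Placeholder credentials (constructed for this example); load real ones from a secret store.
        final String user = "example-user";
        final char[] password = "example-password".toCharArray();
        CallbackHandler cbh = new CallbackHandler() {
            public void handle(Callback[] callbacks) {
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
                    else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
                    else if (cb instanceof RealmCallback) ((RealmCallback) cb).setText(((RealmCallback) cb).getDefaultText());
                }
            }
        };
        // Assumed endpoint; protocol and serverName must match what the server was configured with.
        TSocket socket = new TSocket("thrift.example.internal", 9090);
        TSaslClientTransport sasl = new TSaslClientTransport(
                "DIGEST-MD5", null, "thrift", "thrift.example.internal", props, cbh, socket);
        openRequiringQop(sasl, "auth-conf");
        // Hand `sasl` to a TProtocol here; read() unwraps and flush() wraps from now on.
        sasl.close();
    }
}
```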


Nested Class Summary
protected static class TSaslTransport.NegotiationStatus
          Status bytes used during the initial Thrift SASL handshake.
protected static class TSaslTransport.SaslResponse
          Used exclusively by readSaslMessage to return both a status and data.
protected static class TSaslTransport.SaslRole
           
 
Field Summary
protected static int DEFAULT_MAX_LENGTH
           
protected static int MECHANISM_NAME_BYTES
           
protected static int PAYLOAD_LENGTH_BYTES
           
protected static int STATUS_BYTES
           
protected  TTransport underlyingTransport
          Transport underlying this one.
 
Constructor Summary
TSaslClientTransport(javax.security.sasl.SaslClient saslClient, TTransport transport)
          Uses the given SaslClient.
TSaslClientTransport(java.lang.String mechanism, java.lang.String authorizationId, java.lang.String protocol, java.lang.String serverName, java.util.Map<java.lang.String,java.lang.String> props, javax.security.auth.callback.CallbackHandler cbh, TTransport transport)
          Creates a SaslClient using the given SASL-specific parameters.
 
Method Summary
 void close()
          Closes the underlying transport and disposes of the SASL implementation underlying this transport.
 void flush()
          Flushes to the underlying transport.
protected  TSaslTransport.SaslRole getRole()
           
 javax.security.sasl.SaslClient getSaslClient()
          Get the underlying SaslClient.
 javax.security.sasl.SaslServer getSaslServer()
          Get the underlying SaslServer.
protected  void handleSaslStartMessage()
          Performs the client side of the initial portion of the Thrift SASL protocol.
 boolean isOpen()
          True if the underlying transport is open and the SASL handshake is complete.
 void open()
          Opens the underlying transport if it's not already open and then performs SASL negotiation.
 int read(byte[] buf, int off, int len)
          Read from the underlying transport.
protected  int readLength()
          Read a 4-byte word from the underlying transport and interpret it as an integer.
protected  TSaslTransport.SaslResponse receiveSaslMessage()
          Read a complete Thrift SASL message.
protected  void sendAndThrowMessage(TSaslTransport.NegotiationStatus status, java.lang.String message)
          Send a Thrift SASL message with the given status (usually BAD or ERROR) and string message, and then throw a TTransportException with the given message.
protected  void sendSaslMessage(TSaslTransport.NegotiationStatus status, byte[] payload)
          Send a complete Thrift SASL message.
protected  void setSaslServer(javax.security.sasl.SaslServer saslServer)
           
 void write(byte[] buf, int off, int len)
          Write to the underlying transport.
protected  void writeLength(int length)
          Write the given integer as 4 bytes to the underlying transport.
 
Methods inherited from class org.apache.thrift.transport.TTransport
consumeBuffer, getBuffer, getBufferPosition, getBytesRemainingInBuffer, peek, readAll, write
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_MAX_LENGTH

protected static final int DEFAULT_MAX_LENGTH
See Also:
Constant Field Values

MECHANISM_NAME_BYTES

protected static final int MECHANISM_NAME_BYTES
See Also:
Constant Field Values

STATUS_BYTES

protected static final int STATUS_BYTES
See Also:
Constant Field Values

PAYLOAD_LENGTH_BYTES

protected static final int PAYLOAD_LENGTH_BYTES
See Also:
Constant Field Values

underlyingTransport

protected TTransport underlyingTransport
Transport underlying this one.

Constructor Detail

TSaslClientTransport

public TSaslClientTransport(javax.security.sasl.SaslClient saslClient,
                            TTransport transport)
Uses the given SaslClient.

Parameters:
saslClient - The SaslClient to use for the subsequent SASL negotiation.
transport - Transport underlying this one.

TSaslClientTransport

public TSaslClientTransport(java.lang.String mechanism,
                            java.lang.String authorizationId,
                            java.lang.String protocol,
                            java.lang.String serverName,
                            java.util.Map<java.lang.String,java.lang.String> props,
                            javax.security.auth.callback.CallbackHandler cbh,
                            TTransport transport)
                     throws javax.security.sasl.SaslException
Creates a SaslClient using the given SASL-specific parameters. See the Java documentation for Sasl.createSaslClient for the details of the parameters.

Parameters:
transport - The underlying Thrift transport.
Throws:
javax.security.sasl.SaslException
Method Detail

getRole

protected TSaslTransport.SaslRole getRole()

handleSaslStartMessage

protected void handleSaslStartMessage()
                               throws TTransportException,
                                      javax.security.sasl.SaslException
Performs the client side of the initial portion of the Thrift SASL protocol. Generates and sends the initial response to the server, including which mechanism this client wants to use.

Throws:
TTransportException
javax.security.sasl.SaslException

setSaslServer

protected void setSaslServer(javax.security.sasl.SaslServer saslServer)

sendSaslMessage

protected void sendSaslMessage(TSaslTransport.NegotiationStatus status,
                               byte[] payload)
                        throws TTransportException
Send a complete Thrift SASL message.

Parameters:
status - The status to send.
payload - The data to send as the payload of this message.
Throws:
TTransportException

receiveSaslMessage

protected TSaslTransport.SaslResponse receiveSaslMessage()
                                                  throws TTransportException
Read a complete Thrift SASL message.

Returns:
The SASL status and payload from this message.
Throws:
TTransportException - Thrown if there is a failure reading from the underlying transport, or if a status code of BAD or ERROR is encountered.

sendAndThrowMessage

protected void sendAndThrowMessage(TSaslTransport.NegotiationStatus status,
                                   java.lang.String message)
                            throws TTransportException
Send a Thrift SASL message with the given status (usually BAD or ERROR) and string message, and then throw a TTransportException with the given message.

Parameters:
status - The Thrift SASL status code to send. Usually BAD or ERROR.
message - The optional message to send to the other side.
Throws:
TTransportException - Always thrown with the message provided.

open

public void open()
          throws TTransportException
Opens the underlying transport if it's not already open and then performs SASL negotiation. If a QOP is negotiated during this SASL handshake, it is used for all communication on this transport after this call is complete.

Specified by:
open in class TTransport
Throws:
TTransportException - if the transport could not be opened

getSaslClient

public javax.security.sasl.SaslClient getSaslClient()
Get the underlying SaslClient.

Returns:
The SaslClient, or null if this transport is backed by a SaslServer.

getSaslServer

public javax.security.sasl.SaslServer getSaslServer()
Get the underlying SaslServer.

Returns:
The SaslServer, or null if this transport is backed by a SaslClient.

readLength

protected int readLength()
                  throws TTransportException
Read a 4-byte word from the underlying transport and interpret it as an integer.

Returns:
The length prefix of the next SASL message to read.
Throws:
TTransportException - Thrown if reading from the underlying transport fails.

writeLength

protected void writeLength(int length)
                    throws TTransportException
Write the given integer as 4 bytes to the underlying transport.

Parameters:
length - The length prefix of the next SASL message to write.
Throws:
TTransportException - Thrown if writing to the underlying transport fails.

close

public void close()
Closes the underlying transport and disposes of the SASL implementation underlying this transport.

Specified by:
close in class TTransport

isOpen

public boolean isOpen()
True if the underlying transport is open and the SASL handshake is complete.

Specified by:
isOpen in class TTransport
Returns:
True if the transport is open.

read

public int read(byte[] buf,
                int off,
                int len)
         throws TTransportException
Read from the underlying transport. Unwraps the contents if a QOP was negotiated during the SASL handshake.

Specified by:
read in class TTransport
Parameters:
buf - Array to read into
off - Index to start reading at
len - Maximum number of bytes to read
Returns:
The number of bytes actually read
Throws:
TTransportException - if there was an error reading data

write

public void write(byte[] buf,
                  int off,
                  int len)
           throws TTransportException
Write to the underlying transport.

Specified by:
write in class TTransport
Parameters:
buf - The output data buffer
off - The offset to start writing from
len - The number of bytes to write
Throws:
TTransportException - if there was an error writing data

flush

public void flush()
           throws TTransportException
Flushes to the underlying transport. Wraps the contents if a QOP was negotiated during the SASL handshake.

Overrides:
flush in class TTransport
Throws:
TTransportException - if there was an error writing out data.