qpid-dev mailing list archives

From "Tim Taylor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-1718) (Proton-J) Custom Sasl
Date Tue, 19 Dec 2017 18:04:00 GMT

    [ https://issues.apache.org/jira/browse/PROTON-1718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16297167#comment-16297167 ]

Tim Taylor commented on PROTON-1718:

Thanks for the response!

Okay, if this kind of change is unacceptable, maybe you can help me find a different way to
resolve a problem I'm facing. Essentially, the service I need to do Sasl auth against only
allows a custom Sasl mechanism. The flow works as follows:

1) Service advertises this custom Sasl mechanism as the only option
2) Client sends init message with a payload containing application code data to the service
(sending multiple init messages if the payload is too large for one frame)
3) Service responds with a challenge asking to send some specific data
4) Client writes a frame with that data in Sasl Response
5) Service responds with another challenge, this time with a payload that +needs+ to be exposed
to our application code for processing.
6) Client sends some challenge response using the processed data from the previous challenge.
7) Sasl authentication has succeeded

There doesn't seem to be a way for me to implement this custom sasl flow using the current
proton-j library. I can't expose the sasl challenge data to my application for processing,
and I can't tell the library how to handle each iteration of the challenge-response flow.
Am I just missing how to implement a custom sasl mechanism, or is this a limitation of proton-j?

Of the two commits made in the pull request for this fix, only the first is necessary for
me to implement this. The second commit is simply to allow me to subclass SaslImpl so that
I don't need to re-write and maintain all the logic that isn't tied to Init/Challenge/Response.
Is it possible for this PR to be approved if I limit it to just the first commit?

> (Proton-J) Custom Sasl
> ----------------------
>                 Key: PROTON-1718
>                 URL: https://issues.apache.org/jira/browse/PROTON-1718
>             Project: Qpid Proton
>          Issue Type: Improvement
>          Components: proton-j
>    Affects Versions: proton-j-0.24.0
>            Reporter: Tim Taylor
>              Labels: features
> I would like to be able to provide a custom SASL implementation for Proton-j to use instead
> of being forced to use the default SaslImpl.java implementation.
> Ideally, code like below would be possible
> private class CustomSasl implements org.apache.qpid.proton.engine.Sasl
> {
> ...
> }
> ...
> ...
> //transport.sasl(...) saves the provided sasl implementation and uses it internally
> Sasl sasl = transport.sasl(new CustomSasl());
> Do you currently have a workaround that would allow me to use Proton-J this way?

This message was sent by Atlassian JIRA
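
The seven-step exchange described in the comment above, sketched as a transport-independent client state machine that rejects any frame arriving out of order. This is an added example, not code from the pull request or from Proton-J; the class name, the mechanism name `X-EXAMPLE`, the per-frame size limit and the application callback are all assumptions.

```java
import java.util.*;
import java.util.function.UnaryOperator;

// Hypothetical client-side state machine for the seven steps; none of these names are Proton-J API.
public class CustomSaslClientFlow {
    enum State { AWAIT_MECHANISMS, AWAIT_CHALLENGE_1, AWAIT_CHALLENGE_2, AWAIT_OUTCOME, DONE, FAILED }
    private final String mechanism;
    private final int maxInitBytes;                  // assumed payload limit per init frame
    private final byte[] requestedData;              // what the first challenge asks for (step 4)
    private final UnaryOperator<byte[]> appHandler;  // application code for the second challenge
    private State state = State.AWAIT_MECHANISMS;

    CustomSaslClientFlow(String mechanism, int maxInitBytes, byte[] requestedData, UnaryOperator<byte[]> appHandler) {
        if (maxInitBytes <= 0) throw new IllegalArgumentException("maxInitBytes must be positive");
        this.mechanism = mechanism; this.maxInitBytes = maxInitBytes;
        this.requestedData = requestedData.clone(); this.appHandler = appHandler;
    }
    private IllegalStateException fail(String why) { state = State.FAILED; return new IllegalStateException(why); }
    // Steps 1-2: require the advertised mechanism, then split the init payload into frame-sized pieces.
    List<byte[]> onMechanisms(List<String> offered, byte[] initPayload) {
        if (state != State.AWAIT_MECHANISMS) throw fail("mechanisms not expected in " + state);
        if (!offered.contains(mechanism)) throw fail("service did not offer " + mechanism);
        List<byte[]> frames = new ArrayList<>();
        for (int off = 0; off == 0 || off < initPayload.length; off += maxInitBytes)  // empty payload: one empty frame
            frames.add(Arrays.copyOfRange(initPayload, off, off + Math.min(maxInitBytes, initPayload.length - off)));
        state = State.AWAIT_CHALLENGE_1;
        return frames;
    }
    // Steps 3-6: answer challenge 1 with the requested data, hand challenge 2 to the application.
    byte[] onChallenge(byte[] challenge) {
        switch (state) {
            case AWAIT_CHALLENGE_1: state = State.AWAIT_CHALLENGE_2; return requestedData.clone();
            case AWAIT_CHALLENGE_2: state = State.AWAIT_OUTCOME; return appHandler.apply(challenge.clone());
            default: throw fail("challenge not expected in " + state);
        }
    }
    // Step 7: an outcome that arrives before both challenges were answered is a protocol error.
    void onOutcome(boolean ok) {
        if (state != State.AWAIT_OUTCOME) throw fail("outcome not expected in " + state);
        state = ok ? State.DONE : State.FAILED;
    }
    public static void main(String[] args) {  // constructed run; mechanism name and payloads are made up
        CustomSaslClientFlow c = new CustomSaslClientFlow("X-EXAMPLE", 4, new byte[] {1, 2}, ch -> ch);
        System.out.println(c.onMechanisms(Arrays.asList("X-EXAMPLE"), new byte[10]).size() + " init frames");
        c.onChallenge(new byte[0]);
        System.out.println(c.onChallenge(new byte[] {7, 8, 9}).length + " byte response");
        c.onOutcome(true);
        System.out.println(c.state);
    }
}
```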
