[jboss-remoting-commits] JBoss Remoting SVN: r3461 - remoting3/trunk/jrpp/src/main/java/org/jboss/cx/remoting/jrpp.
jboss-remoting-commits at lists.jboss.org
jboss-remoting-commits at lists.jboss.org
Thu Feb 21 00:25:04 EST 2008
Author: david.lloyd at jboss.com
Date: 2008-02-21 00:25:03 -0500 (Thu, 21 Feb 2008)
New Revision: 3461
Modified:
remoting3/trunk/jrpp/src/main/java/org/jboss/cx/remoting/jrpp/JrppConnection.java
Log:
Properly handle failures caused by the inability to process the server challenge; in this case, restart the auth process
Modified: remoting3/trunk/jrpp/src/main/java/org/jboss/cx/remoting/jrpp/JrppConnection.java
===================================================================
--- remoting3/trunk/jrpp/src/main/java/org/jboss/cx/remoting/jrpp/JrppConnection.java 2008-02-21 03:01:31 UTC (rev 3460)
+++ remoting3/trunk/jrpp/src/main/java/org/jboss/cx/remoting/jrpp/JrppConnection.java 2008-02-21 05:25:03 UTC (rev 3461)
@@ -241,6 +241,8 @@
((NameCallback)callback).setName("anonymous");
} else if (callback instanceof PasswordCallback) {
((PasswordCallback)callback).setPassword(new char[0]);
+ } else if (callback instanceof RealmCallback) {
+ ((RealmCallback)callback).setText("default");
} else {
throw new UnsupportedCallbackException(callback, "Default anonymous client callback handler cannot support this callback type");
}
@@ -350,7 +352,7 @@
private void close() {
state.transition(State.CLOSED);
- ioSession.close().awaitUninterruptibly();
+ ioSession.close();
protocolContext.closeSession();
}
@@ -644,6 +646,43 @@
default: break OUT;
}
}
+ case AWAITING_CLIENT_RESPONSE: {
+ switch (type) {
+ case SASL_RESPONSE: {
+ if (trace) {
+ log.trace("Recevied SASL response from client");
+ }
+ byte[] bytes = new byte[input.remaining()];
+ input.readFully(bytes);
+ SaslServerFilter saslServerFilter = getSaslServerFilter();
+ try {
+ if (saslServerFilter.handleSaslResponse(ioSession, bytes)) {
+ final IoBuffer buffer = newBuffer(60, false);
+ final MessageOutput output = protocolContext.getMessageOutput(new IoBufferByteOutput(buffer, ioSession));
+ write(output, MessageType.AUTH_SUCCESS);
+ output.commit();
+ saslServerFilter.startEncryption(ioSession);
+ state.requireTransition(State.AWAITING_CLIENT_RESPONSE, State.UP);
+ }
+ } catch (SaslException ex) {
+ final IoBuffer buffer = newBuffer(100, true);
+ final MessageOutput output = protocolContext.getMessageOutput(new IoBufferByteOutput(buffer, ioSession));
+ write(output, MessageType.AUTH_FAILED);
+ output.writeUTF("Authentication failed: " + ex.getMessage());
+ output.commit();
+ log.debug("Client authentication failed (" + ex.getMessage() + ")");
+ // todo - retry counter - JBREM-907
+ state.requireTransition(State.AWAITING_CLIENT_RESPONSE, State.AWAITING_CLIENT_AUTH_REQUEST);
+ }
+ return;
+ }
+ case AUTH_REQUEST: {
+ state.transition(State.AWAITING_CLIENT_AUTH_REQUEST);
+ break; // fall thru to AWAITING_CLIENT_AUTH_REQUEST/AUTH_REQUEST
+ }
+ default: break OUT;
+ }
+ }
case AWAITING_CLIENT_AUTH_REQUEST: {
switch (type) {
case AUTH_REQUEST: {
@@ -666,9 +705,9 @@
final MessageOutput output = protocolContext.getMessageOutput(new IoBufferByteOutput(buffer, ioSession));
write(output, MessageType.AUTH_SUCCESS);
output.commit();
- state.requireTransition(State.AWAITING_CLIENT_VERSION, State.UP);
+ state.requireTransition(State.UP);
} else {
- state.requireTransition(State.AWAITING_CLIENT_VERSION, State.AWAITING_CLIENT_RESPONSE);
+ state.requireTransition(State.AWAITING_CLIENT_RESPONSE);
}
} catch (SaslException ex) {
final IoBuffer buffer = newBuffer(100, true);
@@ -692,54 +731,27 @@
final String name = input.readUTF();
remoteName = name.length() > 0 ? name : null;
sendAuthRequest();
- state.requireTransition(State.AWAITING_SERVER_VERSION, State.AWAITING_SERVER_CHALLENGE);
+ state.requireTransition(State.AWAITING_SERVER_CHALLENGE);
return;
}
default: break OUT;
}
}
- case AWAITING_CLIENT_RESPONSE: {
+ case AWAITING_SERVER_CHALLENGE: {
switch (type) {
- case SASL_RESPONSE: {
- if (trace) {
- log.trace("Recevied SASL response from client");
- }
+ case SASL_CHALLENGE: {
byte[] bytes = new byte[input.remaining()];
input.readFully(bytes);
- SaslServerFilter saslServerFilter = getSaslServerFilter();
+ SaslClientFilter saslClientFilter = getSaslClientFilter();
try {
- if (saslServerFilter.handleSaslResponse(ioSession, bytes)) {
- final IoBuffer buffer = newBuffer(60, false);
- final MessageOutput output = protocolContext.getMessageOutput(new IoBufferByteOutput(buffer, ioSession));
- write(output, MessageType.AUTH_SUCCESS);
- output.commit();
- saslServerFilter.startEncryption(ioSession);
- state.requireTransition(State.AWAITING_CLIENT_RESPONSE, State.UP);
- }
+ saslClientFilter.handleSaslChallenge(ioSession, bytes);
} catch (SaslException ex) {
- final IoBuffer buffer = newBuffer(100, true);
- final MessageOutput output = protocolContext.getMessageOutput(new IoBufferByteOutput(buffer, ioSession));
- write(output, MessageType.AUTH_FAILED);
- output.writeUTF("Authentication failed: " + ex.getMessage());
- output.commit();
- log.info("Client authentication failed (" + ex.getMessage() + ")");
+ log.debug("Failed to handle challenge from server; reset and try again");
// todo - retry counter - JBREM-907
- state.requireTransition(State.AWAITING_CLIENT_RESPONSE, State.AWAITING_CLIENT_AUTH_REQUEST);
+ sendAuthRequest();
}
return;
}
- default: break OUT;
- }
- }
- case AWAITING_SERVER_CHALLENGE: {
- switch (type) {
- case SASL_CHALLENGE: {
- byte[] bytes = new byte[input.remaining()];
- input.readFully(bytes);
- SaslClientFilter saslClientFilter = getSaslClientFilter();
- saslClientFilter.handleSaslChallenge(ioSession, bytes);
- return;
- }
case AUTH_SUCCESS: {
SaslClientFilter saslClientFilter = getSaslClientFilter();
saslClientFilter.startEncryption(ioSession);
@@ -748,7 +760,7 @@
}
case AUTH_FAILED: {
String reason = input.readUTF();
- log.info("JRPP client failed to authenticate: %s", reason);
+ log.debug("JRPP client failed to authenticate: %s", reason);
final SaslClientFilter oldClientFilter = getSaslClientFilter();
oldClientFilter.destroy();
final CallbackHandler callbackHandler = getClientCallbackHandler(attributeMap);
More information about the jboss-remoting-commits
mailing list