[ https://issues.apache.org/jira/browse/PROTON-1718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16297167#comment-16297167 ]
Tim Taylor edited comment on PROTON-1718 at 12/19/17 6:11 PM: -------------------------------------------------------------- Thanks for the response! Okay, if this kind of change is unacceptable, maybe you can help me find a different way to resolve a problem I'm facing. Essentially, the service I need to do Sasl auth against only allows a custom Sasl mechanism. The flow works as follows: 1) Service advertises this custom Sasl mechanism as the only option 2) Client sends init message with a payload containing application code data to the service (sending multiple init messages if the payload is too large for one frame) 3) Service responds with a challenge asking to send some specific data 4) Client writes a frame with that data in Sasl Response 5) Service responds with another challenge, this time with a payload that +needs+ to be exposed to our application code for processing. 6) Client sends some challenge response using the processed data from the previous challenge. 7) Sasl authentication has succeeded There doesn't seem to be a way for me to implement this custom sasl flow using the current proton-j library. I can't choose what payload to include in the init, I can't expose the sasl challenge data exposed to my application for processing, and I can't tell the library how to handle each iteration of the challenge-response flow. Am I just missing how to implement a custom sasl mechanism, or is this a limitation of proton-j? Of the two commits made in the pull request for this fix, only the first is necessary for me to implement this. The second commit is simply to allow me to subclass SaslImpl so that I don't need to re-write and maintain all the logic that isn't tied to Init/Challenge/Response. Is it possible for this PR to be approved if I limit it to just the first commit? was (Author: timtay): Thanks for the response! Okay, if this kind of change is unacceptable, maybe you can help me find a different way to resolve a problem I'm facing. Essentially, the service I need to do Sasl auth against only allows a custom Sasl mechanism. The flow works as follows: 1) Service advertises this custom Sasl mechanism as the only option 2) Client sends init message with a payload containing application code data to the service (sending multiple init messages if the payload is too large for one frame) 3) Service responds with a challenge asking to send some specific data 4) Client writes a frame with that data in Sasl Response 5) Service responds with another challenge, this time with a payload that +needs+ to be exposed to our application code for processing. 6) Client sends some challenge response using the processed data from the previous challenge. 7) Sasl authentication has succeeded There doesn't seem to be a way for me to implement this custom sasl flow using the current proton-j library. I can't expose the sasl challenge data exposed to my application for processing, and I can't tell the library how to handle each iteration of the challenge-response flow. Am I just missing how to implement a custom sasl mechanism, or is this a limitation of proton-j? Of the two commits made in the pull request for this fix, only the first is necessary for me to implement this. The second commit is simply to allow me to subclass SaslImpl so that I don't need to re-write and maintain all the logic that isn't tied to Init/Challenge/Response. Is it possible for this PR to be approved if I limit it to just the first commit? > (Proton-J) Custom Sasl > ---------------------- > > Key: PROTON-1718 > URL: https://issues.apache.org/jira/browse/PROTON-1718 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-j > Affects Versions: proton-j-0.24.0 > Reporter: Tim Taylor > Labels: features > > I would like to be able to provide a custom SASL implementation for Proton-j > to use instead of being forced to use the default SaslImpl.java > implementation. > Ideally, code like below would be possible > private class CustomSasl implements org.apache.qpid.proton.engine.Sasl > { > ... > } > ... > ... > //transport.sasl(...) saves the provided sasl implementation and uses it > internally > Sasl sasl = transport.sasl(new CustomSasl()); > Do you currently have a workaround that would allow me to use Proton-J this > way? -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org