Open Exchange
Global Masters
Home / Class Reference / %SYS namespace / %Net.Authenticator
Private  Storage   


class %Net.Authenticator extends

Implement the Simple Authentication and Security Layer (SASL) as defined by RFC 2222. This class will pick a security mechanism (e.g. CRAM-MD5) from a list defined by the user of this class based on server options. The selected security mechanism will use its challenge-response mechanism to authenticate this client with the selected server. Currently no negotiation or support for a security layer is implemented.

	#include %occOptions
	#include %occStatus


Parameters Properties Methods Queries Indices ForeignKeys Triggers
5 3


Mechanism MechanismList Password ServiceName UserName

%%OIDGet %AddToSaveSet %BindExport %BuildObjectGraph
%ClassIsLatestVersion %ClassName %Close %ConstructClone
%DispatchClassMethod %DispatchGetModified %DispatchGetProperty %DispatchMethod
%DispatchSetModified %DispatchSetMultidimProperty %DispatchSetProperty %Extends
%GetParameter %IncrementCount %IsA %IsModified
%New %NormalizeObject %ObjectModified %OriginalNamespace
%PackageName %RemoveFromSaveSet %SerializeObject %SetModified
%ValidateObject Next Start


• property Mechanism as %Net.SASL.Base;
The SASL mechanism selected for this authentication sequence.
• property MechanismList as %String [ InitialExpression = "CRAM-MD5,LOGIN,PLAIN" ];
An ordered, comma separated list of security mechanism names to be used for SASL authentication. Security mechanisms that are added to this list must inherit from %Net.SASL.Base. The default class name for these mechanisms is %Net.SASL.<mechanism name> where <mechanism name> is the name of a SASL mechanism with all characters except alphanumerics removed. The class name may be supplied explicitely in the format "<mechanism name>:<class name>". InterSystems IRIS-supplied mechanisms are in the package %Net.SASL.
• property Password as %String;
The password for the user name being authenticated.
• property ServiceName as %String;
The service name for the service being authenticated. For example, SMTP authentication uses the service name "smtp".
• property UserName as %String;
The user name being authenticated. No authentication will be attempted unless UserName and Password are supplied.


• private method GetMechanisms(ByRef mechanismArray, ByRef classArray)
Convert SASL mechanism list to an array where mechanismArray is the number of mechanisms, mechanismArray(i) is the mechanism name and classArray(i) is the associated class name.
• method Next(challenge As %String, ByRef response As %String) as %Boolean
Return next response based on challenge using the selected mechanism.
• method Start(authlist As %String, ByRef mechanismName As %String, ByRef response As %String) as %Boolean
Find matching SASL mechanism from blank separated authlist and return mechanism name and optional initial response for this mechanism.