class %Net.Authenticator extends %RegisteredObject

Implement the Simple Authentication and Security Layer (SASL) as defined by RFC 2222. This class will pick a security mechanism (e.g. CRAM-MD5) from a list defined by the user of this class based on server options. The selected security mechanism will use its challenge-response mechanism to authenticate this client with the selected server. Currently no negotiation or support for a security layer is implemented.

	#include %occOptions
	#include %occStatus


Parameters Properties Methods Queries Indices ForeignKeys Triggers
5 3


Mechanism MechanismList Password ServiceName UserName

%AddToSaveSet %ClassIsLatestVersion %ClassName %ConstructClone
%DispatchClassMethod %DispatchGetModified %DispatchGetProperty %DispatchMethod
%DispatchSetModified %DispatchSetMultidimProperty %DispatchSetProperty %Extends
%GetParameter %IsA %IsModified %New
%NormalizeObject %ObjectModified %OriginalNamespace %PackageName
%RemoveFromSaveSet %SerializeObject %SetModified %ValidateObject
Next Start


• property Mechanism as %Net.SASL.Base;
The SASL mechanism selected for this authentication sequence.
• property MechanismList as %String [ InitialExpression = "CRAM-MD5,LOGIN,PLAIN" ];
An ordered, comma separated list of security mechanism names to be used for SASL authentication. Security mechanisms that are added to this list must inherit from %Net.SASL.Base. The default class name for these mechanisms is %Net.SASL.<mechanism name> where <mechanism name> is the name of a SASL mechanism with all characters except alphanumerics removed. The class name may be supplied explicitely in the format "<mechanism name>:<class name>". Cache supplied mechanisms are in the package %Net.SASL.
• property Password as %String;
The password for the user name being authenticated.
• property ServiceName as %String;
The service name for the service being authenticated. For example, SMTP authentication uses the service name "smtp".
• property UserName as %String;
The user name being authenticated. No authentication will be attempted unless UserName and Password are supplied.


• method Next(challenge As %String, ByRef response As %String) as %Boolean
Return next response based on challenge using the selected mechanism.
• method Start(authlist As %String, ByRef mechanismName As %String, ByRef response As %String) as %Boolean
Find matching SASL mechanism from blank separated authlist and return mechanism name and optional initial response for this mechanism.
Copyright © 1997-2020 InterSystems Corporation, Cambridge, MA