Poco::RemotingNG::TCP

class SCRAMClientAuthenticator

Library: RemotingNG/TCP
Package: TCP
Header: Poco/RemotingNG/TCP/SCRAMClientAuthenticator.h

Description

This ClientAuthenticator implementation provides the SCRAM-SHA-1 (Salted Challenge Response Authentication Mechanism with SHA-1) authentication mechanism.

SCRAM specifies the authentication message exchange between the client and the server. It uses the PBKDF2 algorithm from the Public-Key Cryptography Standards (PKCS) and has the following features:

  • The password is never transmitted in plain text, only a hash of the password is transmitted.
  • The server does not need to store the passwords in plain text (or encrypted); salted hashes of the passwords are sufficient.
  • The protocol allows for authenticating the client against the server and also authentication the server against the client.

Inheritance

Direct Base Classes: ClientAuthenticator

All Base Classes: Poco::RefCountedObject, ClientAuthenticator

Member Summary

Member Functions: continueAuthentication, hashCredentials, startAuthentication

Inherited Functions: continueAuthentication, duplicate, referenceCount, release, startAuthentication

Types

Ptr

typedef Poco::AutoPtr < SCRAMClientAuthenticator > Ptr;

Enumerations

State protected

STATE_INIT

STATE_START

STATE_CLIENT_AUTH

Constructors

SCRAMClientAuthenticator

SCRAMClientAuthenticator();

Destructor

~SCRAMClientAuthenticator virtual

~SCRAMClientAuthenticator();

Destroys the SCRAMClientAuthenticator.

Member Functions

continueAuthentication virtual

bool continueAuthentication(
    const Credentials & serverCredentials,
    Credentials & clientCredentials
);

startAuthentication virtual

std::string startAuthentication(
    Credentials & clientCredentials
);

hashCredentials protected

std::string hashCredentials(
    const Credentials & creds
);

Variables

SCRAM_SHA1 static

static const std::string SCRAM_SHA1;

The name of the mechanism is "SCRAM-SHA-1".

DEFAULT_CRED_MD5_SALT protected static

static const std::string DEFAULT_CRED_MD5_SALT;