The documentation states :
The password should be an encoded sequence of UTF-8 bytes
Thus the SaslAuthenticationHandler expects to receive a byte type var.
However, using gremlin-server with GraphSonMessageSerializer, if I send the payload with the sasl argument (say \x00stephen\x00password) in response to a gremlin-server 407 authentication challenge, I will get the following error:
java.lang.ClassCastException: java.lang.String cannot be cast to [B at org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:74)
This seems "normal" in that Json does not support any binary dataType and the sasl argument will automatically be converted to String.
I quickly tested a correction locally by changing this line to :
final String saslString = (String) requestMessage.getArgs().get(Tokens.ARGS_SASL); final byte saslResponse = saslString.getBytes(Charset.forName("UTF-8"));
This is clearly a breaking change, but it solved the Json issue.
If you have any ideas on the way you want to go with this (or If I'm totally doing something wrong) let me know. I could probably make a PR for this.