Author: coheigea
Date: Wed Dec 8 16:32:42 2010
New Revision: 1043501
URL: http://svn.apache.org/viewvc?rev=1043501&view=rev
Log:
[WSS-250] - ...and the missing handlers from the last commit.
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java?rev=1043501&view=auto
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
(added)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
Wed Dec 8 16:32:42 2010
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of finding a password to
access a
+ * cert/private key in a keystore.
+ */
+public class KeystoreCallbackHandler implements CallbackHandler {
+
+ private Map<String, String> users = new HashMap<String, String>();
+
+ public KeystoreCallbackHandler() {
+ users.put("wss86", "security");
+ users.put("wss40", "security");
+ users.put("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+ }
+
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof WSPasswordCallback) {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+ switch (pc.getUsage()) {
+ case WSPasswordCallback.CUSTOM_TOKEN:
+ case WSPasswordCallback.DECRYPT: {
+ pc.setPassword(users.get(pc.getIdentifier()));
+ break;
+ }
+ default:
+ throw new IOException("Authentication failed");
+ }
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
+ }
+ }
+ }
+}
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java?rev=1043501&view=auto
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
(added)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
Wed Dec 8 16:32:42 2010
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.PublicKeyCallback;
+
+import java.security.KeyStore;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+
+/**
+ * A Callback Handler implementation for the case of a PublicKeyCallback
+ */
+public class PublicKeyCallbackHandler implements CallbackHandler {
+
+ private KeyStore keyStore;
+
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof PublicKeyCallback) {
+ PublicKeyCallback pc = (PublicKeyCallback) callbacks[i];
+ java.security.PublicKey publicKey = pc.getPublicKey();
+ if (publicKey == null || !pc.verifyTrust(keyStore)) {
+ throw new IOException("Authentication of public key
failed");
+ }
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
+ }
+ }
+ }
+
+ public void setKeyStore(KeyStore newKeyStore) {
+ keyStore = newKeyStore;
+ }
+}
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java?rev=1043501&view=auto
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
(added)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
Wed Dec 8 16:32:42 2010
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.WSSecurityUtil;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of storing a secret key.
+ */
+public class SecretKeyCallbackHandler implements CallbackHandler {
+
+ private Map<String, byte[]> secrets = new HashMap<String, byte[]>();
+ private byte[] outboundSecret = null;
+
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof WSPasswordCallback) {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+ switch (pc.getUsage()) {
+ case WSPasswordCallback.ENCRYPTED_KEY_TOKEN:
+ case WSPasswordCallback.SECURITY_CONTEXT_TOKEN: {
+ byte[] secret = (byte[])
this.secrets.get(pc.getIdentifier());
+ pc.setKey(secret);
+ break;
+ }
+ case WSPasswordCallback.KEY_NAME: {
+ pc.setKey(outboundSecret);
+ break;
+ }
+ default:
+ throw new IOException("Authentication failed");
+ }
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
+ }
+ }
+ }
+
+ public void addSecretKey(String identifier, byte[] secretKey) {
+ secrets.put(identifier, secretKey);
+ }
+
+ public void setOutboundSecret(byte[] secret) throws WSSecurityException {
+ outboundSecret = secret;
+ byte[] encodedBytes = WSSecurityUtil.generateDigest(outboundSecret);
+ String identifier = Base64.encode(encodedBytes);
+ addSecretKey(identifier, outboundSecret);
+ }
+}
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java?rev=1043501&view=auto
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
(added)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
Wed Dec 8 16:32:42 2010
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of processing a Username
Token.
+ */
+public class UsernamePasswordCallbackHandler implements CallbackHandler {
+
+ private Map<String, String> users = new HashMap<String, String>();
+
+ public UsernamePasswordCallbackHandler() {
+ users.put("wernerd", "verySecret");
+ users.put("bob", "security");
+ users.put("alice", "securityPassword");
+ }
+
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof WSPasswordCallback) {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+ switch (pc.getUsage()) {
+ case WSPasswordCallback.USERNAME_TOKEN: {
+ pc.setPassword(users.get(pc.getIdentifier()));
+ break;
+ }
+ case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN: {
+ String password = users.get(pc.getIdentifier());
+ if (password != null) {
+ pc.setPassword(password);
+ } else {
+ throw new IOException("Authentication failed");
+ }
+ break;
+ }
+ default:
+ throw new IOException("Authentication failed");
+ }
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
+ }
+ }
+ }
+}
