JAASUsernameTokenValidator.java

coheigea Wed, 27 Feb 2013 09:26:24 -0800

Author: coheigea
Date: Wed Feb 27 17:25:58 2013
New Revision: 1450862

URL: http://svn.apache.org/r1450862
Log:
Missing files from last commit


Added:
    
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java
Modified:
    
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java

Added: 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java?rev=1450862&view=auto
==============================================================================
--- 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java
 (added)
+++ 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java
 Wed Feb 27 17:25:58 2013
@@ -0,0 +1,99 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+import java.io.IOException;
+import java.lang.reflect.Method;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+public class NamePasswordCallbackHandler implements CallbackHandler {  
+
+    private static org.apache.commons.logging.Log log = 
+        
org.apache.commons.logging.LogFactory.getLog(NamePasswordCallbackHandler.class);
+    
+    private static final String PASSWORD_CALLBACK_NAME = "setObject";
+    private static final Class<?>[] PASSWORD_CALLBACK_TYPES = 
+        new Class<?>[]{Object.class, char[].class, String.class};
+    
+    private String username;  
+    private String password;  
+    
+    private String passwordCallbackName;
+    
+    public NamePasswordCallbackHandler(String username, String password) {  
+        this(username, password, null);  
+    }  
+     
+    public NamePasswordCallbackHandler(String username, String password, 
String passwordCallbackName) {  
+        this.username = username;  
+        this.password = password;
+        this.passwordCallbackName = passwordCallbackName;
+    }  
+
+    public void handle(Callback[] callbacks) throws IOException, 
UnsupportedCallbackException {  
+        for (int i = 0; i < callbacks.length; i++) {  
+            Callback callback = callbacks[i];
+            if (handleCallback(callback)) {
+                continue;
+            } else if (callback instanceof NameCallback) {  
+                ((NameCallback) callback).setName(username);  
+            } else if (callback instanceof PasswordCallback) {  
+                PasswordCallback pwCallback = (PasswordCallback) callback;  
+                pwCallback.setPassword(password.toCharArray());
+            } else if (!invokePasswordCallback(callback)) {
+                log.error("Unsupported callback type " + 
callbacks[i].getClass().getName());
+                throw new UnsupportedCallbackException(callbacks[i], 
"Unsupported callback type " + callbacks[i].getClass().getName());  
+            }  
+        }  
+    }      
+    
+    protected boolean handleCallback(Callback callback) {
+        return false;
+    }
+    
+    /*
+     * This method is called from the handle(Callback[]) method when the 
specified callback 
+     * did not match any of the known callback classes. It looks for the 
callback method 
+     * having the specified method name with one of the supported parameter 
types.
+     * If found, it invokes the callback method on the object and returns 
true. 
+     * If not, it returns false.
+     */
+    private boolean invokePasswordCallback(Callback callback) {
+        String cbname = passwordCallbackName == null
+                        ? PASSWORD_CALLBACK_NAME : passwordCallbackName;
+        for (Class<?> arg : PASSWORD_CALLBACK_TYPES) {
+            try {
+                Method method = callback.getClass().getMethod(cbname, arg);
+                method.invoke(callback, arg == String.class ? password : 
password.toCharArray());
+                return true;
+            } catch (Exception e) {
+                // ignore and continue
+                log.warn(e.toString());
+            }
+        }
+        return false;
+    }
+ 
+}
+

Modified: 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java?rev=1450862&r1=1450861&r2=1450862&view=diff
==============================================================================
--- 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
 (original)
+++ 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
 Wed Feb 27 17:25:58 2013
@@ -24,8 +24,8 @@ import javax.security.auth.callback.Call
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
-import org.apache.wss4j.dom.NamePasswordCallbackHandler;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.NamePasswordCallbackHandler;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.token.UsernameToken;

svn commit: r1450862 - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/wss4j/common/NamePasswordCallbackHandler.java ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java

Reply via email to