JAASCallbackHandler


1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  
18  
19  package org.apache.catalina.realm;
20  
21  
22  import java.io.IOException  ;
23  import javax.security.auth.callback.Callback  ;
24  import javax.security.auth.callback.CallbackHandler  ;
25  import javax.security.auth.callback.NameCallback  ;
26  import javax.security.auth.callback.PasswordCallback  ;
27  import javax.security.auth.callback.UnsupportedCallbackException  ;
28  
29  import org.apache.catalina.util.StringManager;
30  import org.apache.commons.logging.Log;
31  import org.apache.commons.logging.LogFactory;
32  
33  /**
34   * <p>Implementation of the JAAS <code>CallbackHandler</code> interface,
35   * used to negotiate delivery of the username and credentials that were
36   * specified to our constructor.  No interaction with the user is required
37   * (or possible).</p>
38   *
39   * <p>This <code>CallbackHandler</code> will pre-digest the supplied
40   * password, if required by the <code>&lt;Realm&gt;</code> element in 
41   * <code>server.xml</code>.</p>
42   * <p>At present, <code>JAASCallbackHandler</code> knows how to handle callbacks of
43   * type <code>javax.security.auth.callback.NameCallback</code> and
44   * <code>javax.security.auth.callback.PasswordCallback</code>.</p>
45   *
46   * @author Craig R. McClanahan
47   * @author Andrew R. Jaquith
48   * @version $Revision: 467222 $ $Date: 2006-10-24 05:17:11 +0200 (mar., 24 oct. 2006) $
49   */
50  
51  public class JAASCallbackHandler implements CallbackHandler   {
52      private static Log log = LogFactory.getLog(JAASCallbackHandler.class);
53  
54      // ------------------------------------------------------------ Constructor
55  
56  
57      /**
58       * Construct a callback handler configured with the specified values.
59       * Note that if the <code>JAASRealm</code> instance specifies digested passwords,
60       * the <code>password</code> parameter will be pre-digested here.
61       *
62       * @param realm Our associated JAASRealm instance
63       * @param username Username to be authenticated with
64       * @param password Password to be authenticated with
65       */
66      public JAASCallbackHandler(JAASRealm realm, String   username,
67                                 String   password) {
68  
69          super();
70          this.realm = realm;
71          this.username = username;
72  
73          if (realm.hasMessageDigest()) {
74              this.password = realm.digest(password);
75          }
76          else {
77              this.password = password;
78          }
79      }
80  
81  
82      // ----------------------------------------------------- Instance Variables
83  
84      /**
85       * The string manager for this package.
86       */
87      protected static final StringManager sm =
88          StringManager.getManager(Constants.Package);
89  
90      /**
91       * The password to be authenticated with.
92       */
93      protected String   password = null;
94  
95  
96      /**
97       * The associated <code>JAASRealm</code> instance.
98       */
99      protected JAASRealm realm = null;
100 
101 
102     /**
103      * The username to be authenticated with.
104      */
105     protected String   username = null;
106 
107 
108     // --------------------------------------------------------- Public Methods
109 
110 
111     /**
112      * Retrieve the information requested in the provided <code>Callbacks</code>.
113      * This implementation only recognizes <code>NameCallback</code> and
114      * <code>PasswordCallback</code> instances.
115      *
116      * @param callbacks The set of <code>Callback</code>s to be processed
117      *
118      * @exception IOException if an input/output error occurs
119      * @exception UnsupportedCallbackException if the login method requests
120      *  an unsupported callback type
121      */
122     public void handle(Callback   callbacks[])
123         throws IOException  , UnsupportedCallbackException   {
124 
125         for (int i = 0; i < callbacks.length; i++) {
126 
127             if (callbacks[i] instanceof NameCallback  ) {
128                 if (realm.getContainer().getLogger().isTraceEnabled())
129                     realm.getContainer().getLogger().trace(sm.getString("jaasCallback.username", username));
130                 ((NameCallback  ) callbacks[i]).setName(username);
131             } else if (callbacks[i] instanceof PasswordCallback  ) {
132                 final char[] passwordcontents;
133                 if (password != null) {
134                     passwordcontents = password.toCharArray();
135                 } else {
136                     passwordcontents = new char[0];
137                 }
138                 ((PasswordCallback  ) callbacks[i]).setPassword
139                     (passwordcontents);
140             } else {
141                 throw new UnsupportedCallbackException  (callbacks[i]);
142             }
143         }
144     }
145 }
146
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags