SecurityAssociationHandler


1   /*
2    * JBoss, the OpenSource WebOS
3    *
4    * Distributable under LGPL license.
5    * See terms of license at gnu.org.
6    */
7   package org.jboss.security.auth.callback;
8   
9   import java.lang.reflect.Method  ;
10  import java.security.Principal  ;
11  import javax.security.auth.callback.Callback  ;
12  import javax.security.auth.callback.CallbackHandler  ;
13  import javax.security.auth.callback.NameCallback  ;
14  import javax.security.auth.callback.PasswordCallback  ;
15  import javax.security.auth.callback.UnsupportedCallbackException  ;
16  
17  /** An implementation of CallbackHandler is assigned a Principal, and
18   opaque Object credential as values passed to the constructor. This is suitable
19   for environments that need non-interactive JAAS logins and is used by the
20   JaasSecurityManager as its default CallbackHandler.
21  
22   @see javax.security.auth.callback.CallbackHandler
23   @see #handle(Callback[])
24  
25   @author  Scott.Stark@jboss.org
26   @version $Revision: 1.8 $
27   */
28  public class SecurityAssociationHandler implements CallbackHandler  
29  {
30     private transient Principal   principal;
31     private transient Object   credential;
32  
33     public SecurityAssociationHandler()
34     {
35     }
36  
37     /** Initialize the UsernamePasswordHandler with the principal
38      and credentials to use.
39      */
40     public SecurityAssociationHandler(Principal   principal, Object   credential)
41     {
42        this.principal = principal;
43        this.credential = credential;
44     }
45  
46     public void setSecurityInfo(Principal   principal, Object   credential)
47     {
48        this.principal = principal;
49        this.credential = credential;
50     }
51  
52     /** Handles SecurityAssociationCallback, ObjectCallback, NameCallback and
53      PasswordCallback types. A NameCallback name property is set to
54      the Prinicpal.getName() value. A PasswordCallback password property is
55      set to the getPassword() value. The preferred SecurityAssociationCallback
56      has its principal and credential properties set to the instance principal
57      and credential. An ObjectCallback has its credential set to the credential
58      value.
59  
60      @see #getPassword()
61      @exception UnsupportedCallbackException, thrown if any callback of
62      type other than SecurityAssociationCallback, ObjectCallback, NameCallback
63      or PasswordCallback are seen.
64      */
65     public void handle(Callback  [] callbacks) throws
66        UnsupportedCallbackException  
67     {
68        for (int i = 0; i < callbacks.length; i++)
69        {
70           Callback   c = callbacks[i];
71           if (c instanceof SecurityAssociationCallback)
72           {
73              SecurityAssociationCallback sac = (SecurityAssociationCallback) c;
74              sac.setPrincipal(principal);
75              sac.setCredential(credential);
76           }
77           else if (c instanceof ObjectCallback)
78           {
79              ObjectCallback oc = (ObjectCallback) c;
80              oc.setCredential(credential);
81           }
82           else if (c instanceof NameCallback  )
83           {
84              NameCallback   nc = (NameCallback  ) c;
85              if (principal != null)
86                 nc.setName(principal.getName());
87           }
88           else if (c instanceof PasswordCallback  )
89           {
90              PasswordCallback   pc = (PasswordCallback  ) c;
91              char[] password = getPassword();
92              if (password != null)
93                 pc.setPassword(password);
94           }
95           else
96           {
97              throw new UnsupportedCallbackException  (c, "Unrecognized Callback");
98           }
99        }
100    }
101 
102    /** Try to convert the credential value into a char[] using the
103     first of the following attempts which succeeds:
104 
105     1. Check for instanceof char[]
106     2. Check for instanceof String and then use toCharArray()
107     3. See if credential has a toCharArray() method and use it
108     4. Use toString() followed by toCharArray().
109     @return a char[] representation of the credential.
110     */
111    private char[] getPassword()
112    {
113       char[] password = null;
114       if (credential instanceof char[])
115       {
116          password = (char[]) credential;
117       }
118       else if (credential instanceof String  )
119       {
120          String   s = (String  ) credential;
121          password = s.toCharArray();
122       }
123       else
124       {
125          try
126          {
127             Class  [] types = {};
128             Method   m = credential.getClass().getMethod("toCharArray", types);
129             Object  [] args = {};
130             password = (char[]) m.invoke(credential, args);
131          }
132          catch (Exception   e)
133          {
134             if (credential != null)
135             {
136                String   s = credential.toString();
137                password = s.toCharArray();
138             }
139          }
140       }
141       return password;
142    }
143 }
144
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags