WebCallbackHandler


1   /*
2    * JBoss, the OpenSource WebOS
3    *
4    * Distributable under LGPL license.
5    * See terms of license at gnu.org.
6    */
7   
8   package org.jboss.web.tomcat.security;
9   
10  import java.security.Principal  ;
11  
12  import javax.security.auth.callback.Callback  ;
13  import javax.security.auth.callback.CallbackHandler  ;
14  import javax.security.auth.callback.UnsupportedCallbackException  ;
15  import javax.servlet.http.HttpServletRequest  ;
16  
17  import org.jboss.security.auth.callback.SecurityAssociationHandler;
18  
19  /**
20   * An implementation of CallbackHandler that extends the default
21   * SecurityAssociationHandler to add Callbacks that only have sense in a Web
22   * environment.
23   * 
24   * In order to use it you need to override the default CallbackHandler used by
25   * the JaasSecurityManager.
26   * 
27   * @see javax.security.auth.callback.CallbackHandler
28   * @see #handle(Callback[])
29   * 
30   * @author Ricardo Arguello (ricardoarguello@users.sourceforge.net)
31   * @version $Revision: 1.1.2.1 $
32   */
33  public class WebCallbackHandler extends SecurityAssociationHandler implements
34        CallbackHandler  
35  {
36     public WebCallbackHandler()
37     {
38        super();
39     }
40  
41     /**
42      * Initialize the HttpServletRequestCallbackHandler with the principal and
43      * credentials to use.
44      */
45     public WebCallbackHandler(Principal   principal, Object   credential)
46     {
47        super(principal, credential);
48     }
49  
50     /**
51      * @see org.jboss.security.auth.callback.SecurityAssociationHandler#setSecurityInfo(java.security.Principal,
52      *      java.lang.Object)
53      */
54     public void setSecurityInfo(Principal   principal, Object   credential)
55     {
56        super.setSecurityInfo(principal, credential);
57     }
58  
59     /**
60      * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
61      */
62     public void handle(Callback  [] callbacks) throws UnsupportedCallbackException  
63     {
64        try
65        {
66           super.handle(callbacks);
67        }
68        catch (UnsupportedCallbackException   uce)
69        {
70           Callback   c = uce.getCallback();
71  
72           if (c instanceof HttpServletRequestCallback)
73           {
74              // Get the HttpServletRequest from the Valve
75              HttpServletRequest   request = getHttpServletRequestFromValve();
76  
77              // Set it in the Callback
78              HttpServletRequestCallback hsrc = (HttpServletRequestCallback) c;
79              hsrc.setHttpServletRequest(request);
80           }
81           else
82           {
83              throw new UnsupportedCallbackException  (c, "Unrecognized Callback");
84           }
85        }
86     }
87  
88     /**
89      * Obtains the HttpServletRequest saved inside the HttpServletRequestValve.
90      * 
91      * @return an HttpServletRequest.
92      */
93     protected HttpServletRequest   getHttpServletRequestFromValve()
94     {
95        return (HttpServletRequest  ) HttpServletRequestValve.httpRequest.get();
96     }
97  }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags