17 package org.springframework.ws.soap.security.wss4j.callback.acegi;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.UnsupportedCallbackException;
21
22 import org.acegisecurity.context.SecurityContextHolder;
23 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
24 import org.acegisecurity.providers.dao.UserCache;
25 import org.acegisecurity.providers.dao.cache.NullUserCache;
26 import org.acegisecurity.userdetails.UserDetails;
27 import org.acegisecurity.userdetails.UserDetailsService;
28 import org.acegisecurity.userdetails.UsernameNotFoundException;
29 import org.apache.ws.security.WSPasswordCallback;
30 import org.apache.ws.security.WSUsernameTokenPrincipal;
31
32 import org.springframework.beans.factory.InitializingBean;
33 import org.springframework.dao.DataAccessException;
34 import org.springframework.util.Assert;
35 import org.springframework.ws.soap.security.callback.CleanupCallback;
36 import org.springframework.ws.soap.security.support.AcegiUtils;
37 import org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler;
38 import org.springframework.ws.soap.security.wss4j.callback.UsernameTokenPrincipalCallback;
39
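/**
 * WSS4J password callback handler that resolves username tokens against an Acegi
 * {@link UserDetailsService}.
 *
 * <p>For a username token callback the handler looks up the user, checks the account through
 * {@link AcegiUtils#checkUserValidity(UserDetails)} and hands the stored password to the callback. For a
 * principal callback it places a {@link UsernamePasswordAuthenticationToken} carrying the user's
 * authorities in the {@link SecurityContextHolder}; the cleanup callback clears that context again.
 *
 * <p>NOTE(review): the value of {@link UserDetails#getPassword()} is passed to WSS4J unchanged. Digest
 * validation presumably needs it to be the same secret the client digested, so a store that keeps only
 * hashed passwords would not validate. Confirm against the configured {@code UserDetailsService}.
 *
 * <p>User lookups go through the configured {@link UserCache} first. A cached entry is returned without
 * consulting the {@code UserDetailsService}, so a changed password, lock or authority set is not seen
 * until the cache drops the entry. The default {@link NullUserCache} is presumably a no-op cache.
 */
public class AcegiDigestPasswordValidationCallbackHandler extends AbstractWsPasswordCallbackHandler
        implements InitializingBean {

    private UserCache userCache = new NullUserCache();

    private UserDetailsService userDetailsService;

    /**
     * Sets the cache consulted before the {@code UserDetailsService}. Defaults to {@link NullUserCache}.
     *
     * @param userCache the cache to use; must not be {@code null}
     */
    public void setUserCache(UserCache userCache) {
        this.userCache = userCache;
    }

    /**
     * Sets the service used to load user details. Required.
     *
     * @param userDetailsService the service to load users from
     */
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    /**
     * Verifies that the required collaborators are present.
     *
     * @throws Exception if {@code userDetailsService} or {@code userCache} is {@code null}
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(userDetailsService, "userDetailsService is required");
        // A null cache would otherwise fail with a NullPointerException on the first lookup.
        Assert.notNull(userCache, "userCache must not be null");
    }

    /**
     * Supplies the stored password for the user named by the callback identifier.
     *
     * <p>When the user is unknown no password is set on the callback; rejecting the token is then left to
     * the WSS4J validation that issued the callback.
     *
     * @param callback the WSS4J password callback to populate
     */
    protected void handleUsernameToken(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
        String identifier = callback.getIdentifier();
        UserDetails user = loadUserDetails(identifier);
        if (user != null) {
            // The account is checked before the password is released to the validator.
            AcegiUtils.checkUserValidity(user);
            callback.setPassword(user.getPassword());
        }
    }

    /**
     * Establishes the Acegi security context for the validated username token principal.
     *
     * @param callback the callback carrying the username token principal
     * @throws UsernameNotFoundException if no user details can be loaded for the principal, in which case
     *                                   no authentication is placed in the security context
     */
    protected void handleUsernameTokenPrincipal(UsernameTokenPrincipalCallback callback)
            throws IOException, UnsupportedCallbackException {
        WSUsernameTokenPrincipal principal = callback.getPrincipal();
        UserDetails user = loadUserDetails(principal.getName());
        if (user == null) {
            // loadUserDetails returns null for an unknown user. Fail closed with an authentication
            // exception rather than a NullPointerException on user.getAuthorities().
            throw new UsernameNotFoundException("No user details found for username token principal");
        }
        UsernamePasswordAuthenticationToken authRequest =
                new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), user.getAuthorities());
        if (logger.isDebugEnabled()) {
            // NOTE(review): confirm that the token's and the principal's toString() do not render the
            // password before enabling debug logging in production.
            logger.debug("Authentication success: " + authRequest.toString());
        }
        SecurityContextHolder.getContext().setAuthentication(authRequest);
    }

    /**
     * Clears the security context so the authentication does not outlive the message being processed.
     *
     * @param callback the cleanup callback (unused)
     */
    protected void handleCleanup(CleanupCallback callback) throws IOException, UnsupportedCallbackException {
        SecurityContextHolder.clearContext();
    }

    /**
     * Loads the user from the cache, falling back to the {@code UserDetailsService} and caching the result.
     *
     * @param username the name taken from the incoming username token
     * @return the user details, or {@code null} if the service reports the username as not found
     * @throws DataAccessException if thrown by the underlying lookup
     */
    private UserDetails loadUserDetails(String username) throws DataAccessException {
        UserDetails user = userCache.getUserFromCache(username);

        if (user == null) {
            try {
                user = userDetailsService.loadUserByUsername(username);
            }
            catch (UsernameNotFoundException notFound) {
                if (logger.isDebugEnabled()) {
                    // The username comes from the request and is written to the log as received.
                    logger.debug("Username '" + username + "' not found");
                }
                return null;
            }
            userCache.putUserInCache(user);
        }
        return user;
    }
}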