1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback;
18
19 import java.io.IOException;
20 import java.util.Iterator;
21 import java.util.Map;
22 import java.util.Properties;
23 import javax.security.auth.callback.Callback;
24 import javax.security.auth.callback.UnsupportedCallbackException;
25
26 import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
27 import com.sun.xml.wss.impl.callback.TimestampValidationCallback;
28
29 import org.springframework.beans.factory.InitializingBean;
30 import org.springframework.util.Assert;
31 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
32
33
34
35
36
37
38
39
40
41
42
43
44 public class SimplePasswordValidationCallbackHandler extends AbstractCallbackHandler implements InitializingBean {
45
46 private Properties users = new Properties();
47
48
49 public void setUsers(Properties users) {
50 this.users = users;
51 }
52
53 public void afterPropertiesSet() throws Exception {
54 Assert.notNull(users, "users is required");
55 }
56
57 protected void handleInternal(Callback callback) throws IOException, UnsupportedCallbackException {
58 if (callback instanceof PasswordValidationCallback) {
59 PasswordValidationCallback passwordCallback = (PasswordValidationCallback) callback;
60 if (passwordCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
61 passwordCallback.setValidator(new SimplePlainTextPasswordValidator());
62 }
63 else if (passwordCallback.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
64 PasswordValidationCallback.DigestPasswordRequest digestPasswordRequest =
65 (PasswordValidationCallback.DigestPasswordRequest) passwordCallback.getRequest();
66 String password = users.getProperty(digestPasswordRequest.getUsername());
67 digestPasswordRequest.setPassword(password);
68 passwordCallback.setValidator(new PasswordValidationCallback.DigestPasswordValidator());
69 }
70 }
71 else if (callback instanceof TimestampValidationCallback) {
72 TimestampValidationCallback timestampCallback = (TimestampValidationCallback) callback;
73 timestampCallback.setValidator(new DefaultTimestampValidator());
74 }
75 else {
76 throw new UnsupportedCallbackException(callback);
77 }
78 }
79
80 public void setUsersMap(Map users) {
81 for (Iterator iterator = users.keySet().iterator(); iterator.hasNext();) {
82 String username = (String) iterator.next();
83 String password = (String) users.get(username);
84 this.users.setProperty(username, password);
85 }
86 }
87
88 private class SimplePlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {
89
90 public boolean validate(PasswordValidationCallback.Request request)
91 throws PasswordValidationCallback.PasswordValidationException {
92 PasswordValidationCallback.PlainTextPasswordRequest plainTextPasswordRequest =
93 (PasswordValidationCallback.PlainTextPasswordRequest) request;
94 String password = users.getProperty(plainTextPasswordRequest.getUsername());
95 return password != null && password.equals(plainTextPasswordRequest.getPassword());
96 }
97 }
98 }