
1   /*
2    * Copyright 2006 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.xwss.callback.jaas;
18  
19  import javax.security.auth.Subject;
20  import javax.security.auth.callback.Callback;
21  import javax.security.auth.callback.NameCallback;
22  import javax.security.auth.callback.PasswordCallback;
23  import javax.security.auth.callback.UnsupportedCallbackException;
24  import javax.security.auth.login.LoginContext;
25  import javax.security.auth.login.LoginException;
26  
27  import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
28  
29  import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
30  
31  /**
32   * Provides basic support for integrating with JAAS and plain text passwords.
33   * <p/>
34   * This class only handles <code>PasswordValidationCallback</code>s that contain a
35   * <code>PlainTextPasswordRequest</code>, and throws an <code>UnsupportedCallbackException</code> for others.
36   *
37   * @author Arjen Poutsma
38   * @see #getLoginContextName()
39   * @since 1.0.0
40   */
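public class JaasPlainTextPasswordValidationCallbackHandler extends AbstractJaasValidationCallbackHandler {

    /**
     * Installs a JAAS-backed validator on <code>PasswordValidationCallback</code>s that contain a
     * <code>PlainTextPasswordRequest</code>, and throws an <code>UnsupportedCallbackException</code> for others.
     *
     * @param callback the callback to handle
     * @throws UnsupportedCallbackException when the callback is not a password validation callback carrying a
     *                                      plain text password request
     */
    protected final void handleInternal(Callback callback) throws UnsupportedCallbackException {
        if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
            if (validationCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
                validationCallback.setValidator(new JaasPlainTextPasswordValidator());
                return;
            }
        }
        // Anything else is refused rather than silently accepted.
        throw new UnsupportedCallbackException(callback);
    }

    /**
     * Validates a plain text username/password pair by running a JAAS login against the login context named by
     * {@link #getLoginContextName()}.
     */
    private class JaasPlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Attempts a JAAS login with the credentials carried by the request.
         *
         * @param request the request; <code>handleInternal</code> only installs this validator for
         *                <code>PlainTextPasswordRequest</code>s, so it is cast without a further check
         * @return <code>true</code> only if the login completes and the resulting subject holds at least one
         *         principal; <code>false</code> if the login fails or a credential is missing
         * @throws PasswordValidationCallback.PasswordValidationException
         *          when the login context cannot be created
         */
        public boolean validate(PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest =
                    (PasswordValidationCallback.PlainTextPasswordRequest) request;

            final String username = plainTextRequest.getUsername();
            final String password = plainTextRequest.getPassword();

            // Fail closed on a missing credential. Without this guard a null value only surfaces as a
            // NullPointerException inside the JAAS callback below, and the result then depends on how the
            // login context and the configured login module treat that runtime exception.
            if (username == null || password == null) {
                logOutcome(username, "failed");
                return false;
            }

            LoginContext loginContext;
            try {
                loginContext = new LoginContext(getLoginContextName(), new AbstractCallbackHandler() {

                    // Feeds the request's credentials to whichever login modules ask for them.
                    protected void handleInternal(Callback callback) throws UnsupportedCallbackException {
                        if (callback instanceof NameCallback) {
                            ((NameCallback) callback).setName(username);
                        }
                        else if (callback instanceof PasswordCallback) {
                            // PasswordCallback.setPassword stores its own copy, so the temporary array can be
                            // wiped right away. The password String itself still lives until it is collected.
                            char[] passwordChars = password.toCharArray();
                            try {
                                ((PasswordCallback) callback).setPassword(passwordChars);
                            }
                            finally {
                                java.util.Arrays.fill(passwordChars, '\0');
                            }
                        }
                        else {
                            throw new UnsupportedCallbackException(callback);
                        }
                    }
                });
            }
            catch (LoginException ex) {
                // A login context that cannot be built is reported as a validation error, not as a failed login.
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }
            catch (SecurityException ex) {
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }

            try {
                loginContext.login();
                Subject subject = loginContext.getSubject();
                // A login that completes without yielding any principal is still treated as a failure.
                boolean authenticated = !subject.getPrincipals().isEmpty();
                logOutcome(username, authenticated ? "successful" : "failed");
                return authenticated;
            }
            catch (LoginException ex) {
                logOutcome(username, "failed");
                return false;
            }
        }

        /**
         * Writes the outcome of an authentication attempt to the debug log.
         * <p/>
         * NOTE(review): the username is taken from the incoming request and is written to the log unescaped;
         * confirm the logging setup neutralises line breaks if debug logging is enabled in production.
         *
         * @param username the username from the request, possibly <code>null</code>
         * @param outcome  either <code>successful</code> or <code>failed</code>
         */
        private void logOutcome(String username, String outcome) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication request for user '" + username + "' " + outcome);
            }
        }

    }
}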