17 package org.springframework.ws.soap.security.xwss.callback.jaas;
18
19 import javax.security.auth.Subject;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.NameCallback;
22 import javax.security.auth.callback.PasswordCallback;
23 import javax.security.auth.callback.UnsupportedCallbackException;
24 import javax.security.auth.login.LoginContext;
25 import javax.security.auth.login.LoginException;
26
27 import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
28
29 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
30
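/**
 * Callback handler that validates plain text username/password pairs through JAAS.
 *
 * <p>Only a {@code PasswordValidationCallback} carrying a {@code PlainTextPasswordRequest} is
 * handled. For such a callback a validator is installed that runs a JAAS {@link LoginContext}
 * under the name returned by {@code getLoginContextName()} (presumably inherited from
 * {@code AbstractJaasValidationCallbackHandler}; confirm against the superclass).
 *
 * <p>Security notes: the username comes from the incoming request and is treated as untrusted,
 * so control characters are neutralised before it is written to the debug log. The password is
 * never logged. A request without a password is rejected before JAAS is consulted.
 */
public class JaasPlainTextPasswordValidationCallbackHandler extends AbstractJaasValidationCallbackHandler {

    /**
     * Installs the JAAS-backed validator on a plain text password validation callback.
     *
     * @param callback the callback to handle
     * @throws UnsupportedCallbackException if the callback is not a
     * {@code PasswordValidationCallback} with a {@code PlainTextPasswordRequest}
     */
    protected final void handleInternal(Callback callback) throws UnsupportedCallbackException {
        if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
            if (validationCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
                validationCallback.setValidator(new JaasPlainTextPasswordValidator());
                return;
            }
        }
        // Anything else (including digest requests) is not handled here.
        throw new UnsupportedCallbackException(callback);
    }

    /**
     * Makes a request-supplied value safe to embed in a single log line by replacing ISO control
     * characters (CR, LF, TAB, ...) with an underscore, so the value cannot forge log entries.
     *
     * @param value the untrusted value, may be {@code null}
     * @return the neutralised value, or {@code null} if {@code value} was {@code null}
     */
    private static String neutraliseForLog(String value) {
        if (value == null) {
            return null;
        }
        char[] chars = value.toCharArray();
        for (int i = 0; i < chars.length; i++) {
            if (Character.isISOControl(chars[i])) {
                chars[i] = '_';
            }
        }
        return new String(chars);
    }

    /** Validator that authenticates the request's credentials with a JAAS {@link LoginContext}. */
    private class JaasPlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Authenticates the username and password of a plain text request through JAAS.
         *
         * @param request the request; cast to {@code PlainTextPasswordRequest} without a check,
         * so the caller must only install this validator for that request type
         * @return {@code true} if the login succeeds and the resulting subject has at least one
         * principal; {@code false} if no password was supplied, the login fails, or the subject
         * has no principals
         * @throws PasswordValidationCallback.PasswordValidationException if the
         * {@code LoginContext} cannot be created
         */
        public boolean validate(PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest =
                    (PasswordValidationCallback.PlainTextPasswordRequest) request;

            final String username = plainTextRequest.getUsername();
            final String password = plainTextRequest.getPassword();
            // Used in log messages only; the login module still receives the original username.
            final String loggedUsername = neutraliseForLog(username);

            // Fail closed: without this check a missing password surfaced as a
            // NullPointerException from password.toCharArray() inside the JAAS callback.
            if (password == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Authentication request for user '" + loggedUsername +
                            "' failed: no password supplied");
                }
                return false;
            }
            // NOTE(review): an empty password is still forwarded to the login module. Confirm the
            // configured module rejects it; some directory back ends treat an empty password as
            // an anonymous bind.

            LoginContext loginContext;
            try {
                loginContext = new LoginContext(getLoginContextName(), new AbstractCallbackHandler() {

                    // Supplies the request's credentials to the login module on demand.
                    protected void handleInternal(Callback callback) throws UnsupportedCallbackException {
                        if (callback instanceof NameCallback) {
                            ((NameCallback) callback).setName(username);
                        }
                        else if (callback instanceof PasswordCallback) {
                            ((PasswordCallback) callback).setPassword(password.toCharArray());
                        }
                        else {
                            throw new UnsupportedCallbackException(callback);
                        }
                    }
                });
            }
            catch (LoginException ex) {
                // The context could not be created: reported as an error, not as a failed login.
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }
            catch (SecurityException ex) {
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }

            try {
                loginContext.login();
                Subject subject = loginContext.getSubject();
                // A login that yields no principals is treated as a failed authentication.
                // NOTE(review): the context is never logged out; the subject is used only for
                // this check. Confirm the configured modules hold no state that needs logout().
                if (!subject.getPrincipals().isEmpty()) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("Authentication request for user '" + loggedUsername + "' successful");
                    }
                    return true;
                }
                else {
                    if (logger.isDebugEnabled()) {
                        logger.debug("Authentication request for user '" + loggedUsername + "' failed");
                    }
                    return false;
                }
            }
            catch (LoginException ex) {
                // Every LoginException counts as a failed authentication; the cause is not
                // logged, so the log does not show why the login was refused.
                if (logger.isDebugEnabled()) {
                    logger.debug("Authentication request for user '" + loggedUsername + "' failed");
                }
                return false;
            }
        }
    }
}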
121