17 package org.springframework.ws.soap.security.wss4j.callback.acegi;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.UnsupportedCallbackException;
21
22 import org.acegisecurity.Authentication;
23 import org.acegisecurity.AuthenticationException;
24 import org.acegisecurity.AuthenticationManager;
25 import org.acegisecurity.context.SecurityContextHolder;
26 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
27 import org.apache.ws.security.WSPasswordCallback;
28 import org.apache.ws.security.WSSecurityException;
29
30 import org.springframework.beans.factory.InitializingBean;
31 import org.springframework.util.Assert;
32 import org.springframework.ws.soap.security.callback.CleanupCallback;
33 import org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler;
34
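/**
 * Callback handler that validates the username and password of a WS-Security username token by
 * delegating to an Acegi {@link AuthenticationManager}.
 *
 * <p>On success the resulting {@link Authentication} is stored in the {@link SecurityContextHolder};
 * on failure the context is cleared. The context is cleared again when a {@link CleanupCallback}
 * is handled.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>The password is passed to the manager exactly as returned by
 * {@link WSPasswordCallback#getPassword()}. NOTE(review): as the class name indicates a plain-text
 * password, confirm that the deployment protects the message in transit.</li>
 * <li>With {@code ignoreFailure} set to {@code true} a failed authentication does not raise an
 * exception; see {@link #setIgnoreFailure(boolean)}.</li>
 * </ul>
 */
public class AcegiPlainTextPasswordValidationCallbackHandler extends AbstractWsPasswordCallbackHandler
        implements InitializingBean {

    /** Manager that performs the credential check; must be set before use (see afterPropertiesSet). */
    private AuthenticationManager authenticationManager;

    /** When true, authentication failures are not propagated. Defaults to false, i.e. fail closed. */
    private boolean ignoreFailure = false;

    /**
     * Sets the Acegi authentication manager used to check the supplied credentials.
     *
     * @param authenticationManager the manager to delegate to; required
     */
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /**
     * Sets whether a failed authentication is ignored instead of being reported as an exception.
     *
     * <p>When {@code true}, {@link #handleUsernameTokenUnknown(WSPasswordCallback)} clears the security
     * context and returns normally after a failure. Code that runs afterwards must therefore check the
     * {@link SecurityContextHolder} for an {@link Authentication} rather than assume that one is
     * present. The default is {@code false}.
     *
     * @param ignoreFailure {@code true} to suppress the exception on authentication failure
     */
    public void setIgnoreFailure(boolean ignoreFailure) {
        this.ignoreFailure = ignoreFailure;
    }

    /**
     * Verifies that the required {@code authenticationManager} property has been set.
     *
     * @throws Exception if no authentication manager was configured
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(authenticationManager, "authenticationManager is required");
    }

    /**
     * Clears the {@link SecurityContextHolder}. The callback argument itself is not inspected.
     *
     * <p>NOTE(review): presumably this prevents an {@link Authentication} set during validation from
     * remaining visible to later work on the same thread; confirm that the cleanup callback is
     * dispatched on every code path, including faults.
     */
    protected void handleCleanup(CleanupCallback callback) throws IOException, UnsupportedCallbackException {
        SecurityContextHolder.clearContext();
    }

    /**
     * Authenticates the identifier and password carried by the callback.
     *
     * <p>A successful result is stored in the security context. On an {@link AuthenticationException}
     * the context is cleared and, unless {@code ignoreFailure} is set, a {@link WSSecurityException}
     * is thrown.
     *
     * @param callback the callback holding the identifier and password to check
     * @throws WSSecurityException with code {@code FAILED_AUTHENTICATION} when authentication fails and
     * {@code ignoreFailure} is {@code false}
     */
    protected void handleUsernameTokenUnknown(WSPasswordCallback callback)
            throws IOException, UnsupportedCallbackException {
        String identifier = callback.getIdentifier();
        try {
            Authentication authResult = authenticationManager
                    .authenticate(new UsernamePasswordAuthenticationToken(identifier, callback.getPassword()));
            if (logger.isDebugEnabled()) {
                // NOTE(review): confirm that the token's toString() does not render the credentials.
                logger.debug("Authentication success: " + authResult.toString());
            }
            SecurityContextHolder.getContext().setAuthentication(authResult);
        }
        catch (AuthenticationException failed) {
            if (logger.isDebugEnabled()) {
                String message =
                        "Authentication request for user '" + identifier + "' failed: " + failed.toString();
                // The identifier is taken from the incoming message, so line breaks are neutralised
                // before logging to keep a crafted value from forging additional log entries.
                logger.debug(message.replace('\r', '_').replace('\n', '_'));
            }
            // Drop any authentication that may already be bound to the context.
            SecurityContextHolder.clearContext();
            if (!ignoreFailure) {
                // Only the generic failure code is raised. The underlying exception is logged above
                // but not attached, so the exception does not carry the specific failure reason.
                throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
            }
        }
    }
}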