1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.UnsupportedCallbackException;
22
23 import com.sun.xml.wss.impl.callback.PasswordCallback;
24 import com.sun.xml.wss.impl.callback.UsernameCallback;
25
26 import org.springframework.security.Authentication;
27 import org.springframework.security.context.SecurityContextHolder;
28 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
29
30
31
32
33
34
35
36
37
38
39
40 public class SpringUsernamePasswordCallbackHandler extends AbstractCallbackHandler {
41
42 protected void handleInternal(Callback callback) throws IOException, UnsupportedCallbackException {
43 if (callback instanceof UsernameCallback) {
44 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
45 if (authentication != null && authentication.getName() != null) {
46 UsernameCallback usernameCallback = (UsernameCallback) callback;
47 usernameCallback.setUsername(authentication.getName());
48 return;
49 }
50 else {
51 logger.warn(
52 "Cannot handle UsernameCallback: Spring Security SecurityContext contains no Authentication");
53 }
54 }
55 else if (callback instanceof PasswordCallback) {
56 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
57 if (authentication != null && authentication.getName() != null) {
58 PasswordCallback passwordCallback = (PasswordCallback) callback;
59 passwordCallback.setPassword(authentication.getCredentials().toString());
60 return;
61 }
62 else {
63 logger.warn(
64 "Canot handle PasswordCallback: Spring Security SecurityContext contains no Authentication");
65 }
66 }
67 throw new UnsupportedCallbackException(callback);
68 }
69 }