17 package org.springframework.ws.soap.security.xwss.callback.acegi;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.UnsupportedCallbackException;
22
23 import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
24 import org.acegisecurity.Authentication;
25 import org.acegisecurity.AuthenticationException;
26 import org.acegisecurity.AuthenticationManager;
27 import org.acegisecurity.context.SecurityContextHolder;
28 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
29
30 import org.springframework.beans.factory.InitializingBean;
31 import org.springframework.util.Assert;
32 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
33 import org.springframework.ws.soap.security.callback.CleanupCallback;
34
/**
 * Callback handler that validates plain-text username/password requests by delegating to an Acegi
 * <code>AuthenticationManager</code>.
 * <p/>
 * For a <code>PasswordValidationCallback</code> carrying a <code>PlainTextPasswordRequest</code>, a validator is
 * installed that authenticates the supplied credentials and, on success, stores the resulting
 * <code>Authentication</code> in the <code>SecurityContextHolder</code>. A <code>CleanupCallback</code> clears that
 * context again. Every other callback is rejected with an <code>UnsupportedCallbackException</code>.
 * <p/>
 * Security notes:
 * <ul>
 * <li>With <code>ignoreFailure</code> set to <code>true</code> the validator reports success even though
 * authentication failed. The security context is cleared in that case, so nothing downstream may treat a
 * successful validation as proof of an authenticated caller.</li>
 * <li>The credentials are handled as plain text here; protecting them in transit is not done by this class.</li>
 * </ul>
 */
public class AcegiPlainTextPasswordValidationCallbackHandler extends AbstractCallbackHandler
        implements InitializingBean {

    /** Performs the actual credential check; must be set before use (verified in afterPropertiesSet). */
    private AuthenticationManager authenticationManager;

    /** When true, a failed authentication is still reported as a successful validation. Off by default. */
    private boolean ignoreFailure;

    /**
     * Sets the Acegi authentication manager that the credentials are checked against. Required.
     *
     * @param authenticationManager the manager to delegate to
     */
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /**
     * Sets whether a failed authentication should still be reported as a successful validation.
     * <p/>
     * Leave this at its default of <code>false</code> unless every consumer of the message performs its own
     * authorization check: with <code>true</code>, wrong credentials are accepted by the validator and the request
     * proceeds with an empty security context.
     *
     * @param ignoreFailure <code>true</code> to let validation succeed despite an authentication failure
     */
    public void setIgnoreFailure(boolean ignoreFailure) {
        this.ignoreFailure = ignoreFailure;
    }

    /**
     * Verifies that the required authentication manager has been configured.
     *
     * @throws Exception if no <code>authenticationManager</code> was set
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(authenticationManager, "authenticationManager is required");
    }

    /**
     * Handles a single callback.
     * <p/>
     * A <code>PasswordValidationCallback</code> is accepted only when its request is a
     * <code>PlainTextPasswordRequest</code>; any other request type (and any other callback type except
     * <code>CleanupCallback</code>) ends in an <code>UnsupportedCallbackException</code>.
     *
     * @param callback the callback to handle
     * @throws IOException                  declared by the handler contract; not thrown by this implementation
     * @throws UnsupportedCallbackException if the callback, or the request it carries, is not supported
     */
    protected void handleInternal(Callback callback) throws IOException, UnsupportedCallbackException {
        if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback passwordCallback = (PasswordValidationCallback) callback;
            boolean plainTextRequest =
                    passwordCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest;
            if (!plainTextRequest) {
                // Only plain-text requests get a validator; anything else is refused rather than guessed at.
                throw new UnsupportedCallbackException(callback);
            }
            passwordCallback.setValidator(new AcegiPlainTextPasswordValidator());
            return;
        }
        if (!(callback instanceof CleanupCallback)) {
            throw new UnsupportedCallbackException(callback);
        }
        // End of processing: drop whatever Authentication a previous validation stored for this thread.
        SecurityContextHolder.clearContext();
    }

    /**
     * Validator that authenticates a plain-text username/password pair through the enclosing handler's
     * <code>AuthenticationManager</code>.
     */
    private class AcegiPlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Authenticates the credentials carried by the request.
         * <p/>
         * On success the resulting <code>Authentication</code> is placed in the <code>SecurityContextHolder</code>.
         * On an <code>AuthenticationException</code> the context is cleared and the value of
         * <code>ignoreFailure</code> is returned, so the result is <code>true</code> for a failed authentication
         * when that flag is set.
         *
         * @param request the request to validate; cast to <code>PlainTextPasswordRequest</code> without a type
         *                check, so any other request type fails with a <code>ClassCastException</code>
         * @return <code>true</code> if authentication succeeded, otherwise the value of <code>ignoreFailure</code>
         * @throws PasswordValidationCallback.PasswordValidationException
         *          declared by the validator contract; not thrown by this implementation
         */
        public boolean validate(PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            PasswordValidationCallback.PlainTextPasswordRequest credentials =
                    (PasswordValidationCallback.PlainTextPasswordRequest) request;
            try {
                UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
                        credentials.getUsername(), credentials.getPassword());
                Authentication authenticated = authenticationManager.authenticate(token);
                if (logger.isDebugEnabled()) {
                    // NOTE(review): what toString() reveals depends on the Authentication implementation;
                    // confirm it does not expose the credentials before enabling debug logging in production.
                    logger.debug("Authentication success: " + authenticated.toString());
                }
                SecurityContextHolder.getContext().setAuthentication(authenticated);
                return true;
            }
            catch (AuthenticationException failure) {
                if (logger.isDebugEnabled()) {
                    // The username comes straight from the request and is written to the log unescaped.
                    String message = "Authentication request for user '" + credentials.getUsername()
                            + "' failed: " + failure.toString();
                    logger.debug(message);
                }
                // Never leave a stale Authentication behind after a failed attempt.
                SecurityContextHolder.clearContext();
                return ignoreFailure;
            }
        }
    }

}