1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback.acegi;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.UnsupportedCallbackException;
22
23 import com.sun.xml.wss.impl.callback.PasswordCallback;
24 import com.sun.xml.wss.impl.callback.UsernameCallback;
25 import org.acegisecurity.Authentication;
26 import org.acegisecurity.context.SecurityContextHolder;
27
28 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
29
30
31
32
33
34
35
36
37
38
39
40
41 public class AcegiUsernamePasswordCallbackHandler extends AbstractCallbackHandler {
42
43 protected void handleInternal(Callback callback) throws IOException, UnsupportedCallbackException {
44 if (callback instanceof UsernameCallback) {
45 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
46 if (authentication != null && authentication.getName() != null) {
47 UsernameCallback usernameCallback = (UsernameCallback) callback;
48 usernameCallback.setUsername(authentication.getName());
49 return;
50 }
51 else {
52 logger.warn("Cannot handle UsernameCallback: Acegi SecurityContext contains no Authentication");
53 }
54 }
55 else if (callback instanceof PasswordCallback) {
56 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
57 if (authentication != null && authentication.getName() != null) {
58 PasswordCallback passwordCallback = (PasswordCallback) callback;
59 passwordCallback.setPassword(authentication.getCredentials().toString());
60 return;
61 }
62 else {
63 logger.warn("Canot handle PasswordCallback: Acegi SecurityContext contains no Authentication");
64 }
65 }
66 throw new UnsupportedCallbackException(callback);
67 }
68 }