1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback;
18
19 import java.io.IOException;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.UnsupportedCallbackException;
22
23 import com.sun.xml.wss.impl.callback.PasswordCallback;
24 import com.sun.xml.wss.impl.callback.UsernameCallback;
25
26 import org.springframework.security.core.Authentication;
27 import org.springframework.security.core.context.SecurityContextHolder;
28 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
29
30
31
32
33
34
35
36
37
38
39
40 public class SpringUsernamePasswordCallbackHandler extends AbstractCallbackHandler {
41
42 @Override
43 protected void handleInternal(Callback callback) throws IOException, UnsupportedCallbackException {
44 if (callback instanceof UsernameCallback) {
45 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
46 if (authentication != null && authentication.getName() != null) {
47 UsernameCallback usernameCallback = (UsernameCallback) callback;
48 usernameCallback.setUsername(authentication.getName());
49 return;
50 }
51 else {
52 logger.warn(
53 "Cannot handle UsernameCallback: Spring Security SecurityContext contains no Authentication");
54 }
55 }
56 else if (callback instanceof PasswordCallback) {
57 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
58 if (authentication != null && authentication.getName() != null) {
59 PasswordCallback passwordCallback = (PasswordCallback) callback;
60 passwordCallback.setPassword(authentication.getCredentials().toString());
61 return;
62 }
63 else {
64 logger.warn(
65 "Canot handle PasswordCallback: Spring Security SecurityContext contains no Authentication");
66 }
67 }
68 throw new UnsupportedCallbackException(callback);
69 }
70 }