17 package org.springframework.ws.soap.security.xwss.callback.jaas;
18
19 import javax.security.auth.Subject;
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.NameCallback;
22 import javax.security.auth.callback.PasswordCallback;
23 import javax.security.auth.callback.UnsupportedCallbackException;
24 import javax.security.auth.login.LoginContext;
25 import javax.security.auth.login.LoginException;
26
27 import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
28
29 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
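/**
 * Callback handler that validates plain text passwords by performing a JAAS login.
 *
 * <p>For a {@code PasswordValidationCallback} whose request is a {@code PlainTextPasswordRequest}, this handler
 * installs a validator that feeds the request's username and password into a {@link LoginContext}. Every other
 * callback is rejected with an {@link UnsupportedCallbackException}.
 */
public class JaasPlainTextPasswordValidationCallbackHandler extends AbstractJaasValidationCallbackHandler {

    /**
     * Installs the JAAS-backed validator on plain text password validation callbacks.
     *
     * @param callback the callback to handle
     * @throws UnsupportedCallbackException if the callback is not a {@code PasswordValidationCallback} carrying a
     * {@code PlainTextPasswordRequest}
     */
    @Override
    protected final void handleInternal(Callback callback) throws UnsupportedCallbackException {
        if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
            if (validationCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
                validationCallback.setValidator(new JaasPlainTextPasswordValidator());
                return;
            }
        }
        // Anything else (including other password request types) is refused rather than silently accepted.
        throw new UnsupportedCallbackException(callback);
    }

    /**
     * Validator that authenticates the username/password pair of a plain text request against the JAAS login
     * configuration named by {@code getLoginContextName()}.
     */
    private class JaasPlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Attempts a JAAS login with the credentials carried by the request.
         *
         * @param request the validation request; cast to {@code PlainTextPasswordRequest} without a check, which
         * relies on the enclosing handler installing this validator only for that request type
         * @return {@code true} if the login succeeds and the resulting subject has at least one principal;
         * {@code false} if the login fails or yields no principals
         * @throws PasswordValidationCallback.PasswordValidationException if the {@link LoginContext} cannot be
         * created
         */
        public boolean validate(PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest =
                    (PasswordValidationCallback.PlainTextPasswordRequest) request;

            final String username = plainTextRequest.getUsername();
            final String password = plainTextRequest.getPassword();

            LoginContext loginContext;
            try {
                loginContext = new LoginContext(getLoginContextName(), new AbstractCallbackHandler() {

                    @Override
                    protected void handleInternal(Callback callback) throws UnsupportedCallbackException {
                        if (callback instanceof NameCallback) {
                            ((NameCallback) callback).setName(username);
                        }
                        else if (callback instanceof PasswordCallback) {
                            // NOTE(review): a null password would raise a NullPointerException here, inside the
                            // login module's callback - confirm the request can never carry a null password.
                            ((PasswordCallback) callback).setPassword(password.toCharArray());
                        }
                        else {
                            throw new UnsupportedCallbackException(callback);
                        }
                    }
                });
            }
            catch (LoginException ex) {
                // A context that cannot be built is a validation error, not a failed login.
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }
            catch (SecurityException ex) {
                throw new PasswordValidationCallback.PasswordValidationException(ex);
            }

            // NOTE(review): the LoginContext is never logged out after validation - confirm that the configured
            // login modules hold no state that should be released.
            try {
                loginContext.login();
                Subject subject = loginContext.getSubject();
                // A login that completes without establishing any principal is treated as a failure.
                boolean authenticated = !subject.getPrincipals().isEmpty();
                logOutcome(username, authenticated ? "successful" : "failed");
                return authenticated;
            }
            catch (LoginException ex) {
                logOutcome(username, "failed");
                return false;
            }
        }

        /**
         * Writes the debug-level outcome message for an authentication attempt. Only the username is logged,
         * never the password.
         */
        private void logOutcome(String username, String outcome) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication request for user '" + neutralizeForLog(username) + "' " + outcome);
            }
        }

        /**
         * Replaces ISO control characters (CR, LF, and the like) with {@code '_'}. The username is taken from the
         * request, so it is treated as untrusted: left as-is, embedded line breaks could forge extra log entries.
         */
        private String neutralizeForLog(String value) {
            if (value == null) {
                return null;
            }
            StringBuilder cleaned = new StringBuilder(value.length());
            for (int i = 0; i < value.length(); i++) {
                char current = value.charAt(i);
                cleaned.append(Character.isISOControl(current) ? '_' : current);
            }
            return cleaned.toString();
        }

    }
}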
123