View Javadoc

1   /* 
2    * Copyright (c) 2007, Fraunhofer-Gesellschaft
3    * All rights reserved.
4    * 
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions are
7    * met:
8    * 
9    * (1) Redistributions of source code must retain the above copyright
10   *     notice, this list of conditions and the disclaimer at the end.
11   *     Redistributions in binary form must reproduce the above copyright
12   *     notice, this list of conditions and the following disclaimer in
13   *     the documentation and/or other materials provided with the
14   *     distribution.
15   * 
16   * (2) Neither the name of Fraunhofer nor the names of its
17   *     contributors may be used to endorse or promote products derived
18   *     from this software without specific prior written permission.
19   * 
20   * DISCLAIMER
21   * 
22   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23   * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24   * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
25   * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26   * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
27   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
28   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29   * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30   * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31   * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
32   * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33   *  
34   */
35  package org.ogf.graap.wsag.security.core;
36  
37  import java.io.IOException;
38  
39  import javax.security.auth.callback.Callback;
40  import javax.security.auth.callback.CallbackHandler;
41  import javax.security.auth.callback.UnsupportedCallbackException;
42  
43  import org.apache.ws.security.WSPasswordCallback;
44  
45  /**
46   * PasswordCallback
47   * 
48   * @author Oliver Waeldrich
49   * 
50   */
51  public class PasswordCallback implements CallbackHandler
52  {
53  
54      /**
55       * {@inheritDoc}
56       */
57      public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
58      {
59  
60          for ( int i = 0; i < callbacks.length; i++ )
61          {
62  
63              // When the server side need to authenticate the user
64              WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
65              if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN )
66              {
67                  if ( pwcb.getIdentifier().equals( SecurityConstants.DEFAULT_ALIAS ) )
68                  {
69                      // If authentication successful, simply return
70                      return;
71                  }
72                  else
73                  {
74                      throw new UnsupportedCallbackException( callbacks[i], "check failed" );
75                  }
76              }
77  
78              pwcb.setPassword( SecurityConstants.DEFAULT_ALIAS_PASSWORD );
79          }
80      }
81  
82  }