1 /*
2 * Copyright (c) 2007, Fraunhofer-Gesellschaft
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
7 * met:
8 *
9 * (1) Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the disclaimer at the end.
11 * Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * (2) Neither the name of Fraunhofer nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
19 *
20 * DISCLAIMER
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 *
34 */
35 package org.ogf.graap.wsag.security.core;
36
37 import java.io.IOException;
38
39 import javax.security.auth.callback.Callback;
40 import javax.security.auth.callback.CallbackHandler;
41 import javax.security.auth.callback.UnsupportedCallbackException;
42
43 import org.apache.ws.security.WSPasswordCallback;
44
45 /**
46 * PasswordCallback
47 *
48 * @author Oliver Waeldrich
49 *
50 */
51 public class PasswordCallback implements CallbackHandler
52 {
53
54 /**
55 * {@inheritDoc}
56 */
57 public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
58 {
59
60 for ( int i = 0; i < callbacks.length; i++ )
61 {
62
63 // When the server side need to authenticate the user
64 WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
65 if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN )
66 {
67 if ( pwcb.getIdentifier().equals( SecurityConstants.DEFAULT_ALIAS ) )
68 {
69 // If authentication successful, simply return
70 return;
71 }
72 else
73 {
74 throw new UnsupportedCallbackException( callbacks[i], "check failed" );
75 }
76 }
77
78 pwcb.setPassword( SecurityConstants.DEFAULT_ALIAS_PASSWORD );
79 }
80 }
81
82 }