List of usage examples for javax.security.auth.callback CallbackHandler CallbackHandler
CallbackHandler
From source file:net.java.jaspicoil.SimpleBasicServerAuthModule.java
/** * Authenticate a received service request. * <p/>/*from w w w .j av a 2 s. c o m*/ * This method is called to transform the mechanism-specific request message * acquired by calling getRequestMessage (on messageInfo) into the validated * application message to be returned to the message processing runtime. If * the received message is a (mechanism-specific) meta-message, the method * implementation must attempt to transform the meta-message into a * corresponding mechanism-specific response message, or to the validated * application request message. The runtime will bind a validated * application message into the the corresponding service invocation. * <p> * This method conveys the outcome of its message processing either by * returning an AuthStatus value or by throwing an AuthException. * <p/> * From a performance point of view this method will be called twice for * each resource with a security constraint on it. Resources with no * security constraint do not result in a call to this method. * * @param messageInfo * A contextual object that encapsulates the client request and * server response objects, and that may be used to save state * across a sequence of calls made to the methods of this * interface for the purpose of completing a secure message * exchange. * @param clientSubject * A Subject that represents the source of the service request. * It is used by the method implementation to store Principals * and credentials validated in the request. * @param serviceSubject * A Subject that represents the recipient of the service * request, or null. It may be used by the method implementation * as the source of Principals or credentials to be used to * validate the request. If the Subject is not null, the method * implementation may add additional Principals or credentials * (pertaining to the recipient of the service request) to the * Subject. * @return An AuthStatus object representing the completion status of the * processing performed by the method. The AuthStatus values that * may be returned by this method are defined as follows: * <p/> * <ul> * <li>AuthStatus.SUCCESS when the application request message was * successfully validated. The validated request message is * available by calling getRequestMessage on messageInfo. * <p/> * <li>AuthStatus.SEND_SUCCESS to indicate that * validation/processing of the request message successfully * produced the secured application response message (in * messageInfo). The secured response message is available by * calling getResponseMessage on messageInfo. * <p/> * <li>AuthStatus.SEND_CONTINUE to indicate that message validation * is incomplete, and that a preliminary response was returned as * the response message in messageInfo. * <p/> * When this status value is returned to challenge an application * request message, the challenged request must be saved by the * authentication module such that it can be recovered when the * module's validateRequest message is called to process the request * returned for the challenge. * <p/> * <li>AuthStatus.SEND_FAILURE to indicate that message validation * failed and that an appropriate failure response message is * available by calling getResponseMessage on messageInfo. * </ul> * @throws AuthException When the message processing failed without * establishing a failure response message (in messageInfo). */ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException { // Get the servlet context final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage(); final HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage(); final String auth = request.getHeader(AUTHORIZATION_HEADER); // Test prefix for HTTP BASIC Auth if (auth != null && StringUtils.startsWithIgnoreCase(auth, "basic ")) { // We might have a valid header, so try to decode it final String data = new String(Base64.decodeBase64(auth.substring(BASIC_PREFIX_LENGTH)), UTF_8); final int splitIndex = data.indexOf(':'); if (splitIndex < 0) { return sendErrorAndAuthenticateRequest(request, response, "Wrong WWW-Authenticate header format"); } final String username = data.substring(splitIndex); final char[] password = data.substring(splitIndex + 1, data.length()).toCharArray(); // Prepare the JAAS callback to feed any LoginModule with user and password final NameCallback nameCallback = new NameCallback("username"); nameCallback.setName(username); final PasswordCallback passwordCallback = new PasswordCallback(getRealm(request), false); passwordCallback.setPassword(password); final CallbackHandler delegatedHandler = new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { final Callback c = callbacks[i]; if (c instanceof NameCallback) { ((NameCallback) c).setName(username); } else if (c instanceof PasswordCallback) { ((PasswordCallback) c).setPassword(password); } else { throw new UnsupportedOperationException( String.format("Callback type %s (%s) is not supported yet.", c.getClass(), c)); } } } }; if (this.jaasContextName == null) { throw new UnsupportedOperationException( "No delegate JAAS context found. As per JASPIC JAAS Bridge profile, this parameter is requiered."); } try { // Create a new JAAS context with the delegated data & try to login final LoginContext context = new LoginContext(this.jaasContextName, delegatedHandler); context.login(); // Get the authenticated subject from the JAAS context Subject authenticatedSubject = context.getSubject(); final PasswordValidationCallback passwordValidationCallback = new PasswordValidationCallback( authenticatedSubject, username, password); // notify JASPIC containerr for the name, password and subject this.handler.handle(new Callback[] { passwordValidationCallback }); } catch (final LoginException ex) { // If there was any issue during the JAAS login, fail the process final AuthException aex = new AuthException( String.format("Fail to login user %s with the delegated JAAS context %s", username, this.jaasContextName)); aex.initCause(ex); } catch (final IOException e) { LOG.log(Level.WARNING, "Unable to call the handlers for name=" + nameCallback, e); } catch (final UnsupportedCallbackException e) { LOG.log(Level.WARNING, "Unable to call the handlers for name=" + nameCallback, e); } } else if (this.mandatory) { return sendErrorAndAuthenticateRequest(request, response, "AuthModule was mandatory but no valid credential was provided"); } else { LOG.info("No authentication was provided bu Basic AuthModule is not mandatory so return SUCCESS."); } return AuthStatus.SUCCESS; }
From source file:com.ettrema.ldap.LdapConnection.java
protected void _handleRequest(byte[] inbuf, int offset) throws IOException { //dumpBer(inbuf, offset); BerDecoder reqBer = new BerDecoder(inbuf, 0, offset); int currentMessageId = 0; try {//from w w w . j a v a2s .c o m reqBer.parseSeq(null); currentMessageId = reqBer.parseInt(); int requestOperation = reqBer.peekByte(); if (requestOperation == Ldap.LDAP_REQ_BIND) { reqBer.parseSeq(null); responseHandler.setVersion(reqBer.parseInt()); userName = reqBer.parseString(responseHandler.isLdapV3()); if (reqBer.peekByte() == (Ber.ASN_CONTEXT | Ber.ASN_CONSTRUCTOR | 3)) { // SASL authentication reqBer.parseSeq(null); // Get mechanism, usually DIGEST-MD5 String mechanism = reqBer.parseString(responseHandler.isLdapV3()); byte[] serverResponse; CallbackHandler callbackHandler = new CallbackHandler() { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { // look for username in callbacks for (Callback callback : callbacks) { if (callback instanceof NameCallback) { userName = ((NameCallback) callback).getDefaultName(); // get password from session pool password = userFactory.getUserPassword(userName); } } // handle other callbacks for (Callback callback : callbacks) { if (callback instanceof AuthorizeCallback) { ((AuthorizeCallback) callback).setAuthorized(true); } else if (callback instanceof PasswordCallback) { if (password != null) { ((PasswordCallback) callback).setPassword(password.toCharArray()); } } } } }; int status; if (reqBer.bytesLeft() > 0 && saslServer != null) { byte[] clientResponse = reqBer.parseOctetString(Ber.ASN_OCTET_STR, null); serverResponse = saslServer.evaluateResponse(clientResponse); status = Ldap.LDAP_SUCCESS; LogUtils.debug(log, "LOG_LDAP_REQ_BIND_USER", currentMessageId, userName); user = userFactory.getUser(userName, password); LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS"); } else { Map<String, String> properties = new HashMap<String, String>(); properties.put("javax.security.sasl.qop", "auth,auth-int"); saslServer = Sasl.createSaslServer(mechanism, "ldap", client.getLocalAddress().getHostAddress(), properties, callbackHandler); serverResponse = saslServer.evaluateResponse(EMPTY_BYTE_ARRAY); status = Ldap.LDAP_SASL_BIND_IN_PROGRESS; } responseHandler.sendBindResponse(currentMessageId, status, serverResponse); } else { password = reqBer.parseStringWithTag(Ber.ASN_CONTEXT, responseHandler.isLdapV3(), null); if (userName.length() > 0 && password.length() > 0) { log.debug("LOG_LDAP_REQ_BIND_USER", currentMessageId, userName); try { user = userFactory.getUser(userName, password); LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS"); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, ""); } catch (IOException e) { LogUtils.debug(log, "LOG_LDAP_REQ_BIND_INVALID_CREDENTIALS"); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_INVALID_CREDENTIALS, ""); } } else { LogUtils.debug(log, "LOG_LDAP_REQ_BIND_ANONYMOUS", currentMessageId); // anonymous bind responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, ""); } } } else if (requestOperation == Ldap.LDAP_REQ_UNBIND) { log.debug("LOG_LDAP_REQ_UNBIND", currentMessageId); if (user != null) { user = null; } } else if (requestOperation == Ldap.LDAP_REQ_SEARCH) { reqBer.parseSeq(null); String dn = reqBer.parseString(responseHandler.isLdapV3()); int scope = reqBer.parseEnumeration(); /* * int derefAliases = */ reqBer.parseEnumeration(); int sizeLimit = reqBer.parseInt(); if (sizeLimit > 100 || sizeLimit == 0) { sizeLimit = 100; } int timelimit = reqBer.parseInt(); /* * boolean typesOnly = */ reqBer.parseBoolean(); LdapFilter ldapFilter = ldapParser.parseFilter(reqBer, user, userName); Set<String> returningAttributes = ldapParser.parseReturningAttributes(reqBer); SearchRunnable searchRunnable = new SearchRunnable(userFactory, propertyMapper, currentMessageId, dn, scope, sizeLimit, timelimit, ldapFilter, returningAttributes, responseHandler, user, searchManager); if (Ldap.BASE_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT_LION.equalsIgnoreCase(dn)) { // launch search in a separate thread searchManager.beginAsyncSearch(this, currentMessageId, searchRunnable); } else { // no need to create a separate thread, just run searchManager.search(this, searchRunnable); } } else if (requestOperation == Ldap.LDAP_REQ_ABANDON) { searchManager.abandonSearch(this, currentMessageId, reqBer); } else { LogUtils.debug(log, "LOG_LDAP_UNSUPPORTED_OPERATION", requestOperation); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_RESULT, Ldap.LDAP_OTHER, "Unsupported operation"); } } catch (IOException e) { responseHandler.dumpBer(inbuf, offset); try { responseHandler.sendErr(currentMessageId, Ldap.LDAP_REP_RESULT, e); } catch (IOException e2) { log.debug("LOG_EXCEPTION_SENDING_ERROR_TO_CLIENT", e2); } throw e; } }
From source file:io.milton.ldap.LdapConnection.java
protected void _handleRequest(byte[] inbuf, int offset) throws IOException { //dumpBer(inbuf, offset); BerDecoder reqBer = new BerDecoder(inbuf, 0, offset); int currentMessageId = 0; try {// w w w . j av a2 s . c o m reqBer.parseSeq(null); currentMessageId = reqBer.parseInt(); int requestOperation = reqBer.peekByte(); if (requestOperation == Ldap.LDAP_REQ_BIND) { reqBer.parseSeq(null); responseHandler.setVersion(reqBer.parseInt()); userName = reqBer.parseString(responseHandler.isLdapV3()); log.info("Bind user name: " + userName); if (reqBer.peekByte() == (Ber.ASN_CONTEXT | Ber.ASN_CONSTRUCTOR | 3)) { // SASL authentication reqBer.parseSeq(null); // Get mechanism, usually DIGEST-MD5 String mechanism = reqBer.parseString(responseHandler.isLdapV3()); byte[] serverResponse; CallbackHandler callbackHandler = new CallbackHandler() { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { // look for username in callbacks for (Callback callback : callbacks) { if (callback instanceof NameCallback) { userName = ((NameCallback) callback).getDefaultName(); // get password from session pool password = userFactory.getUserPassword(userName); } } // handle other callbacks for (Callback callback : callbacks) { if (callback instanceof AuthorizeCallback) { ((AuthorizeCallback) callback).setAuthorized(true); } else if (callback instanceof PasswordCallback) { if (password != null) { ((PasswordCallback) callback).setPassword(password.toCharArray()); } } } } }; int status; if (reqBer.bytesLeft() > 0 && saslServer != null) { byte[] clientResponse = reqBer.parseOctetString(Ber.ASN_OCTET_STR, null); serverResponse = saslServer.evaluateResponse(clientResponse); status = Ldap.LDAP_SUCCESS; LogUtils.debug(log, "LOG_LDAP_REQ_BIND_USER", currentMessageId, userName); user = userFactory.getUser(userName, password); if (user != null) { LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS"); } else { LogUtils.debug(log, "LOG_LDAP_REQ_BIND", "No user! " + userName); } } else { Map<String, String> properties = new HashMap<String, String>(); properties.put("javax.security.sasl.qop", "auth,auth-int"); saslServer = Sasl.createSaslServer(mechanism, "ldap", client.getLocalAddress().getHostAddress(), properties, callbackHandler); serverResponse = saslServer.evaluateResponse(EMPTY_BYTE_ARRAY); status = Ldap.LDAP_SASL_BIND_IN_PROGRESS; } responseHandler.sendBindResponse(currentMessageId, status, serverResponse); } else { password = reqBer.parseStringWithTag(Ber.ASN_CONTEXT, responseHandler.isLdapV3(), null); if (userName.length() > 0 && password.length() > 0) { log.debug("LOG_LDAP_REQ_BIND_USER", currentMessageId, userName); try { user = userFactory.getUser(userName, password); LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS"); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, ""); } catch (IOException e) { LogUtils.debug(log, "LOG_LDAP_REQ_BIND_INVALID_CREDENTIALS"); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_INVALID_CREDENTIALS, ""); } } else { LogUtils.debug(log, "LOG_LDAP_REQ_BIND_ANONYMOUS", currentMessageId); // anonymous bind responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, ""); } } } else if (requestOperation == Ldap.LDAP_REQ_UNBIND) { log.debug("LOG_LDAP_REQ_UNBIND", currentMessageId); if (user != null) { user = null; } } else if (requestOperation == Ldap.LDAP_REQ_SEARCH) { reqBer.parseSeq(null); String dn = reqBer.parseString(responseHandler.isLdapV3()); log.info("Parsed DN: " + dn); int scope = reqBer.parseEnumeration(); /* * int derefAliases = */ reqBer.parseEnumeration(); int sizeLimit = reqBer.parseInt(); if (sizeLimit > 100 || sizeLimit == 0) { sizeLimit = 100; } int timelimit = reqBer.parseInt(); /* * boolean typesOnly = */ reqBer.parseBoolean(); LdapFilter ldapFilter = ldapParser.parseFilter(reqBer, user, userName); Set<String> returningAttributes = ldapParser.parseReturningAttributes(reqBer); SearchRunnable searchRunnable = new SearchRunnable(userFactory, propertyMapper, currentMessageId, dn, scope, sizeLimit, timelimit, ldapFilter, returningAttributes, responseHandler, user, searchManager); if (Ldap.BASE_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT_LION.equalsIgnoreCase(dn)) { // launch search in a separate thread searchManager.beginAsyncSearch(this, currentMessageId, searchRunnable); } else { // no need to create a separate thread, just run searchManager.search(this, searchRunnable); } } else if (requestOperation == Ldap.LDAP_REQ_ABANDON) { searchManager.abandonSearch(this, currentMessageId, reqBer); } else { LogUtils.debug(log, "LOG_LDAP_UNSUPPORTED_OPERATION", requestOperation); responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_RESULT, Ldap.LDAP_OTHER, "Unsupported operation"); } } catch (IOException e) { responseHandler.dumpBer(inbuf, offset); try { responseHandler.sendErr(currentMessageId, Ldap.LDAP_REP_RESULT, e); } catch (IOException e2) { log.debug("LOG_EXCEPTION_SENDING_ERROR_TO_CLIENT", e2); } throw e; } }
From source file:davmail.util.ClientCertificateTest.java
protected KeyStore.ProtectionParameter getProtectionParameter(String password) { if (password != null && password.length() > 0) { // password provided: create a PasswordProtection return new KeyStore.PasswordProtection(password.toCharArray()); } else {//from www . j a va2s.co m // request password at runtime through a callback return new KeyStore.CallbackHandlerProtection(new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { if (callbacks.length > 0 && callbacks[0] instanceof PasswordCallback) { PasswordPromptDialog passwordPromptDialog = new PasswordPromptDialog( ((PasswordCallback) callbacks[0]).getPrompt()); ((PasswordCallback) callbacks[0]).setPassword(passwordPromptDialog.getPassword()); } } }); } }
From source file:com.fluffypeople.managesieve.ManageSieveClient.java
/** * Authenticate against the remote server using SAS, using the given * username and password./*from ww w .j a v a2 s. c o m*/ * * @param username String username to authenticate with. * @param password String password to authenticate with. * @return OK on success, NO otherwise. */ public synchronized ManageSieveResponse authenticate(final String username, final String password) throws SaslException, IOException, ParseException { CallbackHandler cbh = new CallbackHandler() { @Override public void handle(Callback[] clbcks) throws IOException, UnsupportedCallbackException { for (Callback cb : clbcks) { if (cb instanceof NameCallback) { NameCallback name = (NameCallback) cb; name.setName(username); } else if (cb instanceof PasswordCallback) { PasswordCallback passwd = (PasswordCallback) cb; passwd.setPassword(password.toCharArray()); } } } }; return authenticate(cbh); }
From source file:org.wso2.carbon.mediator.kerberos.KerberosMediator.java
/** * Create call back handler using given username and password. * * @param username username./* w ww . ja v a 2s.c o m*/ * @param password password. * @return CallbackHandler. */ private CallbackHandler getUserNamePasswordCallbackHandler(final String username, final char[] password) { return new CallbackHandler() { public void handle(final Callback[] callback) { for (Callback currentCallBack : callback) { if (currentCallBack instanceof NameCallback) { final NameCallback nameCallback = (NameCallback) currentCallBack; nameCallback.setName(username); } else if (currentCallBack instanceof PasswordCallback) { final PasswordCallback passCallback = (PasswordCallback) currentCallBack; passCallback.setPassword(password); } else { log.error("Unsupported Callback class = " + currentCallBack.getClass().getName()); } } } }; }
From source file:net.java.sip.communicator.impl.certificate.CertificateServiceImpl.java
private Builder loadKeyStore(final CertificateConfigEntry entry) throws KeyStoreException { final File f = new File(entry.getKeyStore()); final KeyStoreType kt = entry.getKeyStoreType(); if ("PKCS11".equals(kt.getName())) { String config = "name=" + f.getName() + "\nlibrary=" + f.getAbsoluteFile(); try {//from w w w .j a v a 2 s .c o m Class<?> pkcs11c = Class.forName("sun.security.pkcs11.SunPKCS11"); Constructor<?> c = pkcs11c.getConstructor(InputStream.class); Provider p = (Provider) c.newInstance(new ByteArrayInputStream(config.getBytes())); Security.insertProviderAt(p, 0); } catch (Exception e) { logger.error( "Tried to access the PKCS11 provider on an " + "unsupported platform or the load failed", e); } } KeyStore.Builder ksBuilder = KeyStore.Builder.newInstance(kt.getName(), null, f, new KeyStore.CallbackHandlerProtection(new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback cb : callbacks) { if (!(cb instanceof PasswordCallback)) throw new UnsupportedCallbackException(cb); PasswordCallback pwcb = (PasswordCallback) cb; if (entry.isSavePassword()) { pwcb.setPassword(entry.getKeyStorePassword().toCharArray()); return; } else { AuthenticationWindowService authenticationWindowService = CertificateVerificationActivator .getAuthenticationWindowService(); if (authenticationWindowService == null) { logger.error("No AuthenticationWindowService " + "implementation"); throw new IOException("User cancel"); } AuthenticationWindowService.AuthenticationWindow aw = authenticationWindowService .create(f.getName(), null, kt.getName(), false, false, null, null, null, null, null, null, null); aw.setAllowSavePassword(false); aw.setVisible(true); if (!aw.isCanceled()) pwcb.setPassword(aw.getPassword()); else throw new IOException("User cancel"); } } } })); return ksBuilder; }
From source file:org.hawkular.wildfly.agent.itest.util.AbstractITest.java
protected static ModelControllerClient newModelControllerClient(final String host, final int managementPort) { final CallbackHandler callbackHandler = new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback current : callbacks) { if (current instanceof NameCallback) { NameCallback ncb = (NameCallback) current; log.fine("ModelControllerClient is sending a username [" + managementUser + "]"); ncb.setName(managementUser); } else if (current instanceof PasswordCallback) { PasswordCallback pcb = (PasswordCallback) current; log.fine("ModelControllerClient is sending a password [" + managementPasword + "]"); pcb.setPassword(managementPasword.toCharArray()); } else if (current instanceof RealmCallback) { RealmCallback rcb = (RealmCallback) current; log.fine("ModelControllerClient is sending a realm [" + rcb.getDefaultText() + "]"); rcb.setText(rcb.getDefaultText()); } else { throw new UnsupportedCallbackException(current); }//ww w. j a va 2 s. c o m } } }; try { InetAddress inetAddr = InetAddress.getByName(host); log.fine("Connecting a ModelControllerClient to [" + host + ":" + managementPort + "]"); return ModelControllerClient.Factory.create(inetAddr, managementPort, callbackHandler); } catch (Exception e) { throw new RuntimeException("Failed to create management client", e); } }
From source file:org.apache.atlas.web.filters.AtlasAuthenticationKerberosFilterTest.java
protected Subject loginTestUser() throws LoginException, IOException { LoginContext lc = new LoginContext(TEST_USER_JAAS_SECTION, new CallbackHandler() { @Override// w w w .ja v a2 s .co m public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof PasswordCallback) { PasswordCallback passwordCallback = (PasswordCallback) callback; passwordCallback.setPassword(TESTPASS.toCharArray()); } if (callback instanceof NameCallback) { NameCallback nameCallback = (NameCallback) callback; nameCallback.setName(TESTUSER); } } } }); // attempt authentication lc.login(); return lc.getSubject(); }
From source file:org.apache.atlas.web.filters.MetadataAuthenticationKerberosFilterIT.java
protected Subject loginTestUser() throws LoginException, IOException { LoginContext lc = new LoginContext(TEST_USER_JAAS_SECTION, new CallbackHandler() { @Override/*from w ww .ja va2 s.c o m*/ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof PasswordCallback) { PasswordCallback passwordCallback = (PasswordCallback) callbacks[i]; passwordCallback.setPassword(TESTPASS.toCharArray()); } if (callbacks[i] instanceof NameCallback) { NameCallback nameCallback = (NameCallback) callbacks[i]; nameCallback.setName(TESTUSER); } } } }); // attempt authentication lc.login(); return lc.getSubject(); }