List of usage examples for javax.security.auth.callback UnsupportedCallbackException UnsupportedCallbackException
public UnsupportedCallbackException(Callback callback, String msg)
From source file:org.apache.ws.security.message.SymmetricSignatureTest.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; /*/*from ww w . java 2s .c o m*/ * here call a function/method to lookup the password for * the given identifier (e.g. a user name or keystore alias) * e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier)) * for Testing we supply a fixed name here. */ pc.setPassword("security"); pc.setKey(keyData); } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } }
From source file:org.apache.ws.security.message.UsernameTokenTest.java
/** * A CallbackHandler for some (mostly insecure) scenarios. *//*from w w w . j ava2 s .co m*/ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) { if ("emptyuser".equals(pc.getIdentifier())) { pc.setPassword(""); } else if ("customUser".equals(pc.getIdentifier())) { return; } else if (null == pc.getIdentifier()) { // Note that this is not secure! Just doing this to test a NPE return; } } } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } }
From source file:org.apache.ws.security.NamePasswordCallbackHandler.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { Callback callback = callbacks[i]; if (handleCallback(callback)) { continue; } else if (callback instanceof NameCallback) { ((NameCallback) callback).setName(username); } else if (callback instanceof PasswordCallback) { PasswordCallback pwCallback = (PasswordCallback) callback; pwCallback.setPassword(password.toCharArray()); } else if (!invokePasswordCallback(callback)) { log.error("Unsupported callback type " + callbacks[i].getClass().getName()); throw new UnsupportedCallbackException(callbacks[i], "Unsupported callback type " + callbacks[i].getClass().getName()); }/*from w w w. ja v a2 s . c o m*/ } }
From source file:org.hyperic.hq.plugin.weblogic.WeblogicAuth.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof TextOutputCallback) { TextOutputCallback toc = (TextOutputCallback) callbacks[i]; switch (toc.getMessageType()) { case TextOutputCallback.INFORMATION: log.info(toc.getMessage()); break; case TextOutputCallback.ERROR: log.error(toc.getMessage()); break; case TextOutputCallback.WARNING: log.warn(toc.getMessage()); break; default: throw new IOException("Unsupported message type: " + toc.getMessageType()); }/* w ww.j a va 2s . c om*/ } else if (callbacks[i] instanceof NameCallback) { NameCallback nc = (NameCallback) callbacks[i]; nc.setName(this.username); } else if (callbacks[i] instanceof URLCallback) { URLCallback uc = (URLCallback) callbacks[i]; uc.setURL(this.url); } else if (callbacks[i] instanceof PasswordCallback) { PasswordCallback pc = (PasswordCallback) callbacks[i]; pc.setPassword(this.passwordArray); } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } }
From source file:org.opensc.test.pkcs11.PINEntry.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof PasswordCallback) { PasswordCallback pwCb = (PasswordCallback) callback; log.info("Starting PIN entry..."); char pin[] = this.getPIN(pwCb.getPrompt()); pwCb.setPassword(pin);//w w w . j ava 2s .c om log.info("PIN has successfully been entered."); } else if (callback instanceof PKCS11EventCallback) { PKCS11EventCallback evCb = (PKCS11EventCallback) callback; log.info("Received event [" + evCb + "]."); this.label.setText(evCb.toString()); } else throw new UnsupportedCallbackException(callback, "Only PasswordCallback or PKCS11EventCallback is supported."); } }
From source file:org.wso2.carbon.appmgt.keymgt.util.APIManagerOAuthCallbackHandler.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { if (callbacks != null && callbacks.length > 0) { OAuthCallback oauthCallback = (OAuthCallback) callbacks[0]; if (OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_AUTHZ.equals(oauthCallback.getCallbackType())) { oauthCallback.setAuthorized(true); }// ww w . j av a2 s .c o m if (OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN.equals(oauthCallback.getCallbackType())) { oauthCallback.setAuthorized(true); } if (OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_AUTHZ.equals(oauthCallback.getCallbackType())) { oauthCallback.setValidScope(true); } if (OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_TOKEN.equals(oauthCallback.getCallbackType())) { String[] scopes = oauthCallback.getRequestedScope(); String scope = null; if (scopes != null && scopes.length > 0) { scope = scopes[0]; } else { AppMDAO dao = new AppMDAO(); try { scope = dao.getTokenScope(oauthCallback.getClient()); } catch (AppManagementException e) { String msg = "Error while looking up token scope"; log.error(msg, e); throw new UnsupportedCallbackException(oauthCallback, msg); } } oauthCallback.setApprovedScope(new String[] { scope.toUpperCase() }); oauthCallback.setValidScope(true); } } }
From source file:org.wso2.carbon.identity.sts.IPPasswordCallbackHandler.java
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { try {/*w ww . j ava 2s.c o m*/ RealmService realmService = IdentitySTSServiceComponent.getRealmService(); for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i]; String username = pwcb.getIdentifer(); int value = pwcb.getUsage(); String receivedPasswd = pwcb.getPassword(); if (WSPasswordCallback.USERNAME_TOKEN_UNKNOWN == value) { if (receivedPasswd != null && this.authenticateUser(username, receivedPasswd)) { // do nothing things are fine } else { throw new UnsupportedCallbackException(callbacks[i], "check failed"); } } } } } catch (UnsupportedCallbackException e) { throw e; } catch (Exception e) { log.error("User not authenticated : " + e.getMessage(), e); throw new IOException("User not authenticated"); } }
From source file:org.wso2.carbon.identity.sts.mgt.IPPasswordCallbackHandler.java
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { try {/*from ww w. j av a2s . c o m*/ for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i]; String username = pwcb.getIdentifer(); int value = pwcb.getUsage(); String receivedPasswd = pwcb.getPassword(); if (WSPasswordCallback.USERNAME_TOKEN_UNKNOWN == value) { if (receivedPasswd == null || !this.authenticateUser(username, receivedPasswd)) { throw new UnsupportedCallbackException(callbacks[i], "check failed"); } } } } } catch (UnsupportedCallbackException e) { throw e; } catch (Exception e) { log.error("User not authenticated : " + e.getMessage(), e); throw new IOException("User not authenticated"); } }
From source file:org.wso2.carbon.micro.integrator.security.callback.AbstractPasswordCallback.java
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { try {/*from w ww . j av a 2 s .c om*/ boolean isAuthenticated = false; if (realmConfig == null) { realmConfig = dataHolder.getRealmConfig(); if (realmConfig == null) { realmConfig = getRealmConfig(); } } if (userStoreManager == null) { userStoreManager = dataHolder.getUserStoreManager(); if (userStoreManager == null) { userStoreManager = (UserStoreManager) MicroIntegratorSecurityUtils .createObjectWithOptions(realmConfig.getUserStoreClass(), realmConfig); } } for (Callback callback : callbacks) { if (callback instanceof WSPasswordCallback) { WSPasswordCallback passwordCallback = (WSPasswordCallback) callback; String username = passwordCallback.getIdentifer(); String receivedPasswd = null; switch (passwordCallback.getUsage()) { // TODO - Handle SIGNATURE, DECRYPT AND KERBEROS_TOKEN password callback usages case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN: receivedPasswd = passwordCallback.getPassword(); try { if (receivedPasswd != null && this.authenticateUser(username, receivedPasswd)) { isAuthenticated = true; } else { throw new UnsupportedCallbackException(callback, "check failed"); } } catch (Exception e) { /* * As the UnsupportedCallbackException does not accept the exception as a parameter, * the stack trace is added to the error message. * */ throw new UnsupportedCallbackException(callback, "Check failed : System error\n" + MicroIntegratorSecurityUtils.stackTraceToString(e.getStackTrace())); } break; case WSPasswordCallback.USERNAME_TOKEN: /* * In username token scenario, if user sends the digested password, callback handler needs * to provide plain text password. We get plain text password through * UserCredentialRetriever interface, which is implemented by custom user store managers. */ UserCredentialRetriever userCredentialRetriever; String storedPassword = null; if (userStoreManager instanceof UserCredentialRetriever) { userCredentialRetriever = (UserCredentialRetriever) userStoreManager; storedPassword = userCredentialRetriever.getPassword(username); } else { log.error("Can not set user password in callback because primary userstore class" + " has not implemented UserCredentialRetriever interface."); } if (storedPassword != null) { try { if (!this.authenticateUser(username, storedPassword)) { log.error("User is not authorized!"); throw new UnsupportedCallbackException(callback, "check failed"); } } catch (Exception e) { /* * As the UnsupportedCallbackException does not accept the exception as a parameter, * the stack trace is added to the error message. * */ throw new UnsupportedCallbackException(callback, "Check failed : System error\n" + MicroIntegratorSecurityUtils.stackTraceToString(e.getStackTrace())); } passwordCallback.setPassword(storedPassword); break; } default: /* * When the password is null WS4J reports an error saying no password available for the * user. But its better if we simply report authentication failure. Therefore setting the * password to be the empty string in this situation. */ passwordCallback.setPassword(receivedPasswd); break; } if (isAuthenticated) { return; } } else { throw new UnsupportedCallbackException(callback, "Unrecognized Callback"); } } } catch (UnsupportedCallbackException | IOException e) { if (log.isDebugEnabled()) { //logging invlaid attempts log.debug("Error in handling PasswordCallbackHandler", e); throw e; } throw e; } catch (Exception e) { log.error("Error in handling PasswordCallbackHandler", e); throw new UnsupportedCallbackException(null, e.getMessage()); } }
From source file:org.wso2.carbon.security.util.ServicePasswordCallbackHandler.java
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { try {/*w w w . ja v a2 s . c o m*/ for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback passwordCallback = (WSPasswordCallback) callbacks[i]; String username = passwordCallback.getIdentifer(); String receivedPasswd = null; switch (passwordCallback.getUsage()) { case WSPasswordCallback.SIGNATURE: case WSPasswordCallback.DECRYPT: String password = getPrivateKeyPassword(username); if (password == null) { throw new UnsupportedCallbackException(callbacks[i], "User not available " + "in a trusted store"); } passwordCallback.setPassword(password); break; case WSPasswordCallback.KERBEROS_TOKEN: passwordCallback.setPassword(getServicePrincipalPassword()); break; case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN: receivedPasswd = passwordCallback.getPassword(); try { if (receivedPasswd != null && this.authenticateUser(username, receivedPasswd)) { // do nothing things are fine } else { throw new UnsupportedCallbackException(callbacks[i], "check failed"); } } catch (Exception e) { throw new UnsupportedCallbackException(callbacks[i], "Check failed : System error"); } break; case WSPasswordCallback.USERNAME_TOKEN: // In username token scenario, if user sends the digested password, callback handler needs to provide plain text password. // We get plain text password through UserCredentialRetriever interface, which is implemented by custom user store managers. // we expect username with domain name if user resides in a secondary user store, eg, WSO2.Test/fooUser. // Additionally, secondary user stores needs to implement UserCredentialRetriever interface too UserCredentialRetriever userCredentialRetriever; String storedPassword = null; String domainName = UserCoreUtil.extractDomainFromName(username); if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domainName)) { if (realm.getUserStoreManager() instanceof UserCredentialRetriever) { userCredentialRetriever = (UserCredentialRetriever) realm.getUserStoreManager(); storedPassword = userCredentialRetriever.getPassword(username); } else { if (log.isDebugEnabled()) { log.debug( "Can not set user password in callback because primary userstore class" + " has not implemented UserCredentialRetriever interface."); } } } else { if (realm.getUserStoreManager() .getSecondaryUserStoreManager(domainName) instanceof UserCredentialRetriever) { userCredentialRetriever = (UserCredentialRetriever) realm.getUserStoreManager() .getSecondaryUserStoreManager(domainName); storedPassword = userCredentialRetriever .getPassword(UserCoreUtil.removeDomainFromName(username)); } else { if (log.isDebugEnabled()) { log.debug("Can not set user password in callback because secondary userstore " + "for domain:" + domainName + " has not implemented UserCredentialRetriever interface."); } } } if (storedPassword != null) { try { if (this.authenticateUser(username, storedPassword)) { // do nothing things are fine } else { if (log.isDebugEnabled()) { log.debug("User is not authorized!"); } throw new UnsupportedCallbackException(callbacks[i], "check failed"); } } catch (Exception e) { throw new UnsupportedCallbackException(callbacks[i], "Check failed : System error"); } passwordCallback.setPassword(storedPassword); break; } default: /* * When the password is null WS4J reports an error * saying no password available for the user. But its * better if we simply report authentication failure * Therefore setting the password to be the empty string * in this situation. */ passwordCallback.setPassword(receivedPasswd); break; } } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } } catch (UnsupportedCallbackException | IOException e) { if (log.isDebugEnabled()) { log.debug("Error in handling ServicePasswordCallbackHandler", e); //logging invlaid passwords and attempts throw e; } throw e; } catch (UserStoreException | SecurityConfigException e) { log.error("Error in handling ServicePasswordCallbackHandler", e); throw new UnsupportedCallbackException(null, e.getMessage()); } catch (Exception e) { log.error("Error in handling ServicePasswordCallbackHandler", e); //can't build an unsupported exception. throw new UnsupportedCallbackException(null, e.getMessage()); } }