Java Code Examples for javax.security.auth.callback.CallbackHandler#handle()

The following examples show how to use javax.security.auth.callback.CallbackHandler#handle().
Example 1
Source File: SamlTokenInterceptor.java    From steady with Apache License 2.0
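/**
 * Asks the callback handler associated with {@code message} for the password of
 * {@code userName}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @param message  message the callback handler is looked up from
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, SamlToken info, int type, SoapMessage message) {
    CallbackHandler handler = getCallback(message);
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
        // Fail closed: if policyNotAsserted returns normally (as it does in the
        // no-handler branch above), do not hand out whatever a failed handler
        // may have left in the callback.
        return null;
    }

    return cb[0].getPassword();
}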
 
Example 2
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
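/**
 * Asks the configured callback handler for the password of {@code userName}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, Assertion info, int type) {
    CallbackHandler handler = getCallbackHandler();
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available");
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e);
        // Fail closed: if policyNotAsserted returns normally (as it does in the
        // no-handler branch above), do not hand out whatever a failed handler
        // may have left in the callback.
        return null;
    }

    return cb[0].getPassword();
}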
 
Example 3
Source File: AbstractFedizProcessor.java    From cxf-fediz with Apache License 2.0
/**
 * Resolves the realm value for a request from the protocol configuration.
 *
 * <p>The configured realm may be a fixed {@code String} or a {@code CallbackHandler}
 * that is asked to fill in a {@code RealmCallback} built from the request. When
 * nothing is configured, the value of {@code extractFullContextPath(request)} is used.
 *
 * @param request current request, passed to the callback and to the fallback
 * @param config  context whose protocol supplies the configured realm
 * @return the resolved realm; {@code null} when the configured object is neither a
 *         {@code String} nor a {@code CallbackHandler}, or when the handler set none
 * @throws IOException                  propagated from the callback handler
 * @throws UnsupportedCallbackException propagated from the callback handler
 */
protected String resolveWTRealm(HttpServletRequest request, FedizContext config) throws IOException,
    UnsupportedCallbackException {
    final Object configuredRealm = config.getProtocol().getRealm();
    if (configuredRealm == null) {
        // Nothing configured: fall back to the value derived from the request.
        return extractFullContextPath(request);
    }
    if (configuredRealm instanceof String) {
        return (String)configuredRealm;
    }
    if (configuredRealm instanceof CallbackHandler) {
        RealmCallback realmCallback = new RealmCallback(request);
        ((CallbackHandler)configuredRealm).handle(new Callback[] {realmCallback});
        return realmCallback.getRealm();
    }
    // Any other configured type yields no realm.
    return null;
}
 
Example 4
Source File: SamlTokenInterceptor.java    From steady with Apache License 2.0
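/**
 * Retrieves the password for {@code userName} through the callback handler found on
 * {@code message}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @param message  message the callback handler is looked up from
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, SamlToken info, int type, SoapMessage message) {
    CallbackHandler handler = getCallback(message);
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
        // Fail closed: the result of a handler that threw is not used as a
        // credential, should policyNotAsserted return instead of throwing.
        return null;
    }

    return cb[0].getPassword();
}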
 
Example 5
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
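/**
 * Retrieves the password for {@code userName} through the configured callback handler.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, Assertion info, int type) {
    CallbackHandler handler = getCallbackHandler();
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available");
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e);
        // Fail closed: the result of a handler that threw is not used as a
        // credential, should policyNotAsserted return instead of throwing.
        return null;
    }

    return cb[0].getPassword();
}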
 
Example 6
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
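/**
 * Asks the callback handler associated with {@code message} for the password of
 * {@code userName}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @param message  message the callback handler is looked up from
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, UsernameToken info, int type, SoapMessage message) {
    CallbackHandler handler = getCallback(message);
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
        // Fail closed: if policyNotAsserted returns normally (as it does in the
        // no-handler branch above), do not hand out whatever a failed handler
        // may have left in the callback.
        return null;
    }

    return cb[0].getPassword();
}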
 
Example 7
Source File: SamlTokenInterceptor.java    From steady with Apache License 2.0
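/**
 * Obtains the password for {@code userName} from the callback handler registered for
 * {@code message}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @param message  message the callback handler is looked up from
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, SamlToken info, int type, SoapMessage message) {
    CallbackHandler handler = getCallback(message);
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
        // Fail closed: a callback touched by a handler that threw is not trusted
        // as a credential source when policyNotAsserted returns normally.
        return null;
    }

    return cb[0].getPassword();
}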
 
Example 8
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
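/**
 * Obtains the password for {@code userName} from the configured callback handler.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, Assertion info, int type) {
    CallbackHandler handler = getCallbackHandler();
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available");
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e);
        // Fail closed: a callback touched by a handler that threw is not trusted
        // as a credential source when policyNotAsserted returns normally.
        return null;
    }

    return cb[0].getPassword();
}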
 
Example 9
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
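/**
 * Retrieves the password for {@code userName} through the callback handler found on
 * {@code message}.
 *
 * @param userName identifier placed in the {@code WSPasswordCallback}
 * @param info     assertion reported through {@code policyNotAsserted} on failure
 * @param type     usage code passed to the {@code WSPasswordCallback}
 * @param message  message the callback handler is looked up from
 * @return the password the handler stored in the callback (possibly {@code null}),
 *         or {@code null} when no handler is available or the handler threw
 */
public String getPassword(String userName, UsernameToken info, int type, SoapMessage message) {
    CallbackHandler handler = getCallback(message);
    if (handler == null) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }

    WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
        // Fail closed: the result of a handler that threw is not used as a
        // credential, should policyNotAsserted return instead of throwing.
        return null;
    }

    return cb[0].getPassword();
}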
 
Example 10
Source File: CryptoProviderUtils.java    From cxf with Apache License 2.0
/**
 * Obtains a password from {@code handler} by passing it a single
 * {@code WSPasswordCallback}.
 *
 * @param userName identifier placed in the callback
 * @param usage    usage code placed in the callback
 * @param handler  handler to query; may be {@code null}
 * @return the password the handler stored in the callback, or {@code null} when
 *         {@code handler} is {@code null} or the handler set no password
 * @throws CryptoProviderException wrapping any exception the handler throws
 */
public static String getCallbackPwd(String userName, int usage, CallbackHandler handler) {
    if (handler == null) {
        return null;
    }

    final WSPasswordCallback passwordCallback = new WSPasswordCallback(userName, usage);
    try {
        handler.handle(new WSPasswordCallback[] {passwordCallback});
    } catch (Exception e) {
        // The handler failure is surfaced to the caller with its cause attached.
        throw new CryptoProviderException("Cannot get password from callback: " + e, e);
    }

    return passwordCallback.getPassword();
}
 
Example 11
Source File: LogoutHandler.java    From cxf-fediz with Apache License 2.0
/**
 * Resolves the pattern that constrains the logout redirect target.
 *
 * <p>The configured value is used directly when it is a {@code Pattern}; when it is a
 * {@code CallbackHandler}, the handler is asked to fill in a
 * {@code ReplyConstraintCallback} built from the request.
 *
 * @param request current request, passed to the callback
 * @param config  context supplying the configured constraint
 * @return the constraint pattern, or {@code null} when the configured value is neither
 *         a {@code Pattern} nor a {@code CallbackHandler}
 * @throws IOException                  propagated from the callback handler
 * @throws UnsupportedCallbackException propagated from the callback handler
 */
private Pattern resolveLogoutRedirectToConstraint(HttpServletRequest request, FedizContext config)
    throws IOException, UnsupportedCallbackException {
    final Object configured = config.getLogoutRedirectToConstraint();

    if (configured instanceof Pattern) {
        return (Pattern)configured;
    }
    if (!(configured instanceof CallbackHandler)) {
        // NOTE(review): null means "no constraint resolved"; the caller presumably has to
        // treat that as "do not redirect" rather than "anything goes" - confirm at the call site.
        return null;
    }

    ReplyConstraintCallback constraintCallback = new ReplyConstraintCallback(request);
    ((CallbackHandler)configured).handle(new Callback[] {constraintCallback});
    return constraintCallback.getReplyConstraint();
}
 
Example 12
Source File: DomainManagedServerCallbackHandler.java    From wildfly-core with GNU Lesser General Public License v2.1
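/**
 * Asks the delegate callback handler for the credential of {@code serverName}.
 *
 * <p>A {@code NameCallback} whose default name is {@code serverName} and a
 * non-echoing {@code PasswordCallback} are handed to the delegate in that order.
 *
 * @param serverName name passed to the delegate as the {@code NameCallback} default
 * @return a copy of the password the delegate stored, or {@code null} if it stored none;
 *         the caller owns the array and should overwrite it once it is no longer needed
 * @throws UnsupportedCallbackException propagated from the delegate
 * @throws IOException                  propagated from the delegate
 */
private char[] fetchCredential(final String serverName) throws UnsupportedCallbackException, IOException {
    // Read the field once so the null check and the call use the same reference.
    final CallbackHandler serverCallbackHandler = this.serverCallbackHandler;
    if (serverCallbackHandler == null) {
        throw DomainManagementLogger.ROOT_LOGGER.callbackHandlerNotInitialized(serverName);
    }
    final NameCallback nc = new NameCallback("None", serverName);
    final PasswordCallback pc = new PasswordCallback("Password: ", false);
    try {
        serverCallbackHandler.handle(new Callback[] {nc, pc});
        // getPassword() hands back a copy, so wiping the callback below does not
        // affect the array returned to the caller.
        return pc.getPassword();
    } finally {
        // Do not leave a second copy of the credential inside the discarded callback.
        pc.clearPassword();
    }
}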
 
Example 13
Source File: DomainManagedServerCallbackHandler.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Forwards the callbacks to the delegate handler when one is set.
 *
 * <p>With no delegate the method returns without touching the callbacks, so callers
 * see them exactly as they passed them in.
 * NOTE(review): callers get no signal that nothing was handled - confirm this silent
 * no-op is intended.
 *
 * @param callbacks callbacks to hand to the delegate
 * @throws IOException                  propagated from the delegate
 * @throws UnsupportedCallbackException propagated from the delegate
 */
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    // Read the field once so the null check and the call use the same reference.
    final CallbackHandler delegate = this.serverCallbackHandler;
    if (delegate == null) {
        return;
    }
    delegate.handle(callbacks);
}
 
Example 14
Source File: XmlSecInInterceptor.java    From cxf with Apache License 2.0
/**
 * Loads the private key used for decryption and stores it in {@code properties}.
 *
 * <p>The signature crypto settings are used when
 * {@code RSSecurityUtils.isSignedAndEncryptedTwoWay(message)} is true, the encryption
 * settings otherwise. The key alias is {@code decryptionAlias}, falling back to the
 * crypto's default X.509 identifier; the key password is requested from the message's
 * callback handler with a {@code WSPasswordCallback} of usage {@code DECRYPT}.
 * Nothing is set when no crypto or no alias is available.
 *
 * @param message    message supplying crypto configuration and the callback handler
 * @param properties receives the decryption key
 * @throws IOException                  propagated from the callback handler
 * @throws UnsupportedCallbackException propagated from the callback handler
 * @throws WSSecurityException          declared by the method; presumably raised by the
 *                                      crypto lookups - confirm against {@code Crypto}
 */
private void configureDecryptionKeys(Message message, XMLSecurityProperties properties)
    throws IOException,
    UnsupportedCallbackException, WSSecurityException {
    final boolean twoWay = RSSecurityUtils.isSignedAndEncryptedTwoWay(message);
    final String cryptoKey = twoWay
        ? SecurityConstants.SIGNATURE_CRYPTO : SecurityConstants.ENCRYPT_CRYPTO;
    final String propKey = twoWay
        ? SecurityConstants.SIGNATURE_PROPERTIES : SecurityConstants.ENCRYPT_PROPERTIES;

    Crypto crypto = null;
    try {
        crypto = new CryptoLoader().getCrypto(message, cryptoKey, propKey);
    } catch (Exception ex) {
        throwFault("Crypto can not be loaded", ex);
    }
    if (crypto == null) {
        return;
    }

    final String configuredAlias = decryptionAlias;
    final String alias = configuredAlias != null ? configuredAlias : crypto.getDefaultX509Identifier();
    if (alias == null) {
        return;
    }

    // NOTE(review): the handler is used without a null check; confirm that
    // RSSecurityUtils.getCallbackHandler never returns null here.
    CallbackHandler passwordHandler = RSSecurityUtils.getCallbackHandler(message, this.getClass());
    WSPasswordCallback keyPassword = new WSPasswordCallback(alias, WSPasswordCallback.DECRYPT);
    passwordHandler.handle(new Callback[] {keyPassword});

    Key decryptionKey = crypto.getPrivateKey(alias, keyPassword.getPassword());
    properties.setDecryptionKey(decryptionKey);
}
 
Example 15
Source File: FederationProcessorImpl.java    From cxf-fediz with Apache License 2.0
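/**
 * Resolves the extra query string appended to the sign-out request.
 *
 * <p>The configured value is used as-is when it is a {@code String}. When it is a
 * {@code CallbackHandler}, the handler fills a {@code SignOutQueryCallback} built from
 * the request, and the resulting parameter map is serialised as
 * {@code name=value} pairs joined by {@code &}.
 *
 * @param request current request, passed to the callback
 * @param config  context whose protocol supplies the configured sign-out query
 * @return the query string, or {@code null} when nothing is configured, the configured
 *         type is unsupported, or the handler supplied no parameter map
 * @throws IOException                  propagated from the callback handler or the encoder
 * @throws UnsupportedCallbackException propagated from the callback handler
 */
private String resolveSignOutQuery(HttpServletRequest request, FedizContext config) throws IOException,
    UnsupportedCallbackException {
    Object signOutQueryObj = ((FederationProtocol)config.getProtocol()).getSignOutQuery();
    String signOutQuery = null;
    if (signOutQueryObj != null) {
        if (signOutQueryObj instanceof String) {
            signOutQuery = (String)signOutQueryObj;
        } else if (signOutQueryObj instanceof CallbackHandler) {
            CallbackHandler frCB = (CallbackHandler)signOutQueryObj;
            SignOutQueryCallback callback = new SignOutQueryCallback(request);
            frCB.handle(new Callback[] {
                callback
            });
            Map<String, String> signOutQueryMap = callback.getSignOutQueryParamMap();
            if (signOutQueryMap != null) {
                StringBuilder sbQuery = new StringBuilder();
                for (Entry<String, String> entry : signOutQueryMap.entrySet()) {
                    if (sbQuery.length() > 0) {
                        sbQuery.append('&');
                    }
                    // Encode the name as well as the value: the handler sees the request,
                    // so a name containing '&' or '=' must not be able to add or split
                    // parameters in the generated query.
                    sbQuery.append(encode(entry.getKey(), UTF_8.name()))
                        .append('=')
                        .append(encode(entry.getValue(), UTF_8.name()));
                }
                signOutQuery = sbQuery.toString();
            }
        }
    }
    return signOutQuery;
}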
 
Example 16
Source File: ScramSaslClientTest.java    From mongodb-async-driver with Apache License 2.0
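/**
 * Test method for {@link ScramSaslClient#createInitialMessage()}: a callback handler
 * that throws an {@code UnsupportedCallbackException} must surface as a
 * {@code SaslException} whose cause is that exception, and the handler must have been
 * offered exactly one {@code NameCallback}.
 *
 * @throws UnsupportedCallbackException
 *             On a test failure.
 * @throws IOException
 *             On a test failure.
 */
@Test
public void testCreateInitialMessageOnCallbackThrowingAnUnsupportedCallbackException()
        throws IOException, UnsupportedCallbackException {
    final CallbackHandler mockHandler = createMock(CallbackHandler.class);

    final UnsupportedCallbackException thrown = new UnsupportedCallbackException(
            null);
    final Capture<Callback[]> callbackCapture = new Capture<Callback[]>();
    mockHandler.handle(capture(callbackCapture));
    expectLastCall().andThrow(thrown);

    replay(mockHandler);

    final ScramSaslClient client = new ScramSaslClient(mockHandler);
    try {
        client.evaluateChallenge(null);
        // Without this the test would still pass if the handler failure were
        // silently swallowed by the client.
        throw new AssertionError(
                "Expected a SaslException when the callback handler throws.");
    }
    catch (final SaslException expected) {
        assertThat(expected.getCause(), sameInstance((Throwable) thrown));
    }

    verify(mockHandler);

    assertThat(callbackCapture.getValue().length, is(1));
    assertThat(callbackCapture.getValue()[0],
            instanceOf(NameCallback.class));
}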
 
Example 17
Source File: QuarkusDirContextFactory.java    From quarkus with Apache License 2.0
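/**
 * Creates a directory context using the principal name and password supplied by
 * {@code handler}.
 *
 * @param handler asked to fill a {@code NameCallback} and a non-echoing
 *                {@code PasswordCallback}
 * @param mode    referral mode passed through to {@code createDirContext}
 * @return the context returned by {@code createDirContext}
 * @throws NamingException  declared by the method; presumably raised by
 *                          {@code createDirContext} - confirm
 * @throws RuntimeException if the handler throws, or supplies no name or no password
 */
@Override
public DirContext obtainDirContext(CallbackHandler handler, ReferralMode mode) throws NamingException {
    NameCallback nameCallback = new NameCallback("Principal Name");
    PasswordCallback passwordCallback = new PasswordCallback("Password", false);

    try {
        handler.handle(new Callback[] { nameCallback, passwordCallback });
    } catch (Exception e) {
        // The handler may have stored a password before failing; do not leave it behind.
        passwordCallback.clearPassword();
        throw new RuntimeException("Could not obtain credential", e);
    }

    String securityPrincipal = nameCallback.getName();
    // getPassword() returns a copy, so the callback's own copy can be wiped right away.
    char[] securityCredential = passwordCallback.getPassword();
    passwordCallback.clearPassword();

    if (securityPrincipal == null) {
        throw new RuntimeException("Could not obtain principal");
    }

    if (securityCredential == null) {
        throw new RuntimeException("Could not obtain credential");
    }

    return createDirContext(securityPrincipal, securityCredential, mode);
}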
 
Example 18
Source File: JBossCallbackHandler.java    From lams with GNU General Public License v2.0
/**
 * Populates a single {@code Callback} from this handler's principal and credential.
 * <p>
 * {@code SecurityAssociationCallback}, {@code ObjectCallback}, {@code NameCallback} and
 * {@code PasswordCallback} are filled in directly. Any other type is offered to the
 * handler returned by {@code SecurityActions.getContextCallbackHandler()}, if there is one.
 *
 * @param c callback
 * @throws UnsupportedCallbackException If the callback is not supported by this handler
 *         and was not handled by the context handler
 */
protected void handleCallBack( Callback c ) throws UnsupportedCallbackException
{
   if (c instanceof SecurityAssociationCallback)
   {
      SecurityAssociationCallback association = (SecurityAssociationCallback) c;
      association.setPrincipal(principal);
      association.setCredential(credential);
      return;
   }

   if (c instanceof ObjectCallback)
   {
      ((ObjectCallback) c).setCredential(credential);
      return;
   }

   if (c instanceof NameCallback)
   {
      // The name is left untouched when no principal is set.
      if (principal != null)
      {
         ((NameCallback) c).setName(principal.getName());
      }
      return;
   }

   if (c instanceof PasswordCallback)
   {
      // The password is left untouched when getPassword() yields nothing.
      char[] secret = getPassword();
      if (secret != null)
      {
         ((PasswordCallback) c).setPassword(secret);
      }
      return;
   }

   // Not a type handled here: offer it to the context CallbackHandler.
   try
   {
      CallbackHandler contextHandler = SecurityActions.getContextCallbackHandler();
      if (contextHandler != null)
      {
         contextHandler.handle(new Callback[] {c});
         return;
      }
   }
   catch (Exception ignored)
   {
      // NOTE(review): the context handler's failure is dropped and replaced by the
      // generic error below, so its cause never reaches the caller or a log.
   }

   throw PicketBoxMessages.MESSAGES.unableToHandleCallback(c, this.getClass().getName(), c.getClass().getCanonicalName());
}
 
Example 19
Source File: SecurityAssociationHandler.java    From lams with GNU General Public License v2.0
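/** Handles SecurityAssociationCallback, ObjectCallback, NameCallback and
 PasswordCallback types. A NameCallback name property is set to
 the Principal.getName() value. A PasswordCallback password property is
 set to the getPassword() value. The preferred SecurityAssociationCallback
 has its principal and credential properties set to the instance principal
 and credential. An ObjectCallback has its credential set to the credential
 value. A callback of any other type is offered to the context
 CallbackHandler, when one is available, and processing then continues with
 the remaining callbacks.

 @param callbacks the callbacks to populate, processed in array order
 @see #getPassword()
 @exception UnsupportedCallbackException - thrown if a callback of
 type other than SecurityAssociationCallback, ObjectCallback, NameCallback
 or PasswordCallback is seen and the context CallbackHandler is missing or
 fails to handle it.
 @exception IOException - declared by the CallbackHandler contract.
 */
public void handle(Callback[] callbacks) throws
   UnsupportedCallbackException, IOException
{
   for (int i = 0; i < callbacks.length; i++)
   {
      Callback c = callbacks[i];
      if (c instanceof SecurityAssociationCallback)
      {
         SecurityAssociationCallback sac = (SecurityAssociationCallback) c;
         sac.setPrincipal(principal);
         sac.setCredential(credential);
      }
      else if (c instanceof ObjectCallback)
      {
         ObjectCallback oc = (ObjectCallback) c;
         oc.setCredential(credential);
      }
      else if (c instanceof NameCallback)
      {
         NameCallback nc = (NameCallback) c;
         if (principal != null)
            nc.setName(principal.getName());
      }
      else if (c instanceof PasswordCallback)
      {
         PasswordCallback pc = (PasswordCallback) c;
         char[] password = getPassword();
         if (password != null)
            pc.setPassword(password);
      }
      else
      {
         // Try the JACC context CallbackHandler
         boolean delegated = false;
         try
         {
            CallbackHandler handler = SecurityActions.getContextCallbackHandler();
            if( handler != null )
            {
               Callback[] unknown = {c};
               handler.handle(unknown);
               delegated = true;
            }
         }
         catch (Exception ignored)
         {
            // The delegate's failure is reported as an unsupported callback below.
         }
         // Only this one callback was delegated: keep going with the rest of the
         // array instead of returning, so callbacks that follow an unknown one
         // (for example a PasswordCallback) are not silently left unpopulated.
         if (!delegated)
            throw PicketBoxMessages.MESSAGES.unableToHandleCallback(c, this.getClass().getName(), c.getClass().getCanonicalName());
      }
   }
}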
 
Example 20
Source File: CallbackHandlerTest.java    From cxf-fediz with Apache License 2.0
/**
 * Round-trips a configuration built by {@code createConfigCB(true)} through JAXB and
 * checks that every federation protocol parameter is exposed as a
 * {@code CallbackHandler} which fills its callback with the expected test value.
 *
 * @throws Exception on any marshalling, configuration or callback failure
 */
@org.junit.Test
public void testParamsWithCallbackHandlerFederation() throws Exception {

    // Serialise the configuration and load it back through the configurator.
    final JAXBContext jaxbContext = JAXBContext.newInstance(FedizConfig.class);
    FedizConfig sourceConfig = createConfigCB(true);
    StringWriter marshalled = new StringWriter();
    jaxbContext.createMarshaller().marshal(sourceConfig, marshalled);

    FedizConfigurator configurator = new FedizConfigurator();
    configurator.loadConfig(new StringReader(marshalled.toString()));

    FedizContext context = configurator.getFedizContext(CONFIG_NAME);
    FederationProtocol protocol = (FederationProtocol)context.getProtocol();

    // Issuer
    Object issuer = protocol.getIssuer();
    Assert.assertTrue(issuer instanceof CallbackHandler);
    IDPCallback idpCallback = new IDPCallback(null);
    ((CallbackHandler)issuer).handle(new Callback[] {idpCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_IDP, idpCallback.getIssuerUrl().toString());

    // Authentication type
    Object authenticationType = protocol.getAuthenticationType();
    Assert.assertTrue(authenticationType instanceof CallbackHandler);
    WAuthCallback wauthCallback = new WAuthCallback(null);
    ((CallbackHandler)authenticationType).handle(new Callback[] {wauthCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_WAUTH, wauthCallback.getWauth());

    // Request
    Object requestParam = protocol.getRequest();
    Assert.assertTrue(requestParam instanceof CallbackHandler);
    WReqCallback wreqCallback = new WReqCallback(null);
    ((CallbackHandler)requestParam).handle(new Callback[] {wreqCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_WREQ, wreqCallback.getWreq());

    // Home realm
    Object homeRealm = protocol.getHomeRealm();
    Assert.assertTrue(homeRealm instanceof CallbackHandler);
    HomeRealmCallback homeRealmCallback = new HomeRealmCallback(null);
    ((CallbackHandler)homeRealm).handle(new Callback[] {homeRealmCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_HOME_REALM, homeRealmCallback.getHomeRealm());

    // Realm
    Object realm = protocol.getRealm();
    Assert.assertTrue(realm instanceof CallbackHandler);
    RealmCallback realmCallback = new RealmCallback(null);
    ((CallbackHandler)realm).handle(new Callback[] {realmCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_WTREALM, realmCallback.getRealm());

    // Sign-in query parameters
    Object signInQuery = protocol.getSignInQuery();
    Assert.assertTrue(signInQuery instanceof CallbackHandler);
    SignInQueryCallback signInQueryCallback = new SignInQueryCallback(null);
    ((CallbackHandler)signInQuery).handle(new Callback[] {signInQueryCallback});
    Map<String, String> signInParams = signInQueryCallback.getSignInQueryParamMap();
    Assert.assertEquals(2, signInParams.size());
    Assert.assertEquals("myid", signInParams.get("pubid"));
    Assert.assertEquals("<=>", signInParams.get("testenc"));

    // Reply
    Object replyParam = protocol.getReply();
    Assert.assertTrue(replyParam instanceof CallbackHandler);
    ReplyCallback replyCallback = new ReplyCallback(null);
    ((CallbackHandler)replyParam).handle(new Callback[] {replyCallback});
    Assert.assertEquals(TestCallbackHandler.TEST_REPLY, replyCallback.getReply());

}