Java Code Examples for org.apache.ws.security.WSPasswordCallback#getIdentifier()

The following examples show how to use org.apache.ws.security.WSPasswordCallback#getIdentifier() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ClientPasswordCallback.java    From document-management-system with GNU General Public License v2.0 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
	log.info("handle({})", callbacks);
	WSPasswordCallback pwdCallback = (WSPasswordCallback) callbacks[0];

	log.debug("identifier: " + pwdCallback.getIdentifier());
	log.debug("usage: " + pwdCallback.getUsage());
	int usage = pwdCallback.getUsage();

	if (usage == WSPasswordCallback.USERNAME_TOKEN) {
		String password = pwdCallback.getPassword();
		Authentication authentication = new UsernamePasswordAuthenticationToken(pwdCallback.getIdentifier(), password);
		authentication = authenticationManager.authenticate(authentication);
		SecurityContextHolder.getContext().setAuthentication(authentication);

		// Return the password to the caller
		pwdCallback.setPassword(password);
	}
}
 
Example 2
Source File: SecurityWithServiceDescriptorTest.java    From product-ei with Apache License 2.0 6 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

		WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[0];
		String id = pwcb.getIdentifier();
		int usage = pwcb.getUsage();

		if (usage == WSPasswordCallback.USERNAME_TOKEN) {

			if ("admin".equals(id)) {
				pwcb.setPassword("admin");
			} else if ("[email protected]".equals(id)) {
				pwcb.setPassword("admin123");
			}

		} else if (usage == WSPasswordCallback.SIGNATURE || usage == WSPasswordCallback.DECRYPT) {

			if ("wso2carbon".equals(id)) {
				pwcb.setPassword("wso2carbon");
			}
		}
	}
 
Example 3
Source File: InMemoryPasswordCallbackHandler.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
public void handle(Callback[] callbacks)
        throws IOException, UnsupportedCallbackException {

    for (int i = 0; i < callbacks.length; i++) {

        if (callbacks[i] instanceof WSPasswordCallback) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
            String id = pc.getIdentifier();
            if (keystorePassword.get(id) != null) {
                pc.setPassword(keystorePassword.get(id));
            } else {
                throw new UnsupportedCallbackException(callbacks[i], "no password found for " + id);
            }
        }

    }
}
 
Example 4
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
        
        String id = pc.getIdentifier();
        
        if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())
            || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) {
            for (String tokenId : store.getTokenIdentifiers()) {
                SecurityToken token = store.getToken(tokenId);
                if (id.equals(token.getSHA1())) {
                    pc.setKey(token.getSecret());
                    return;
                }
            }
        } else { 
            SecurityToken tok = store.getToken(id);
            if (tok != null) {
                pc.setKey(tok.getSecret());
                pc.setCustomToken(tok.getToken());
                return;
            }
        }
    }
    if (internal != null) {
        internal.handle(callbacks);
    }
}
 
Example 5
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
        
        String id = pc.getIdentifier();
        
        if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())
            || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) {
            for (String tokenId : store.getTokenIdentifiers()) {
                SecurityToken token = store.getToken(tokenId);
                if (id.equals(token.getSHA1())) {
                    pc.setKey(token.getSecret());
                    return;
                }
            }
        } else { 
            SecurityToken tok = store.getToken(id);
            if (tok != null) {
                pc.setKey(tok.getSecret());
                pc.setCustomToken(tok.getToken());
                return;
            }
        }
    }
    if (internal != null) {
        internal.handle(callbacks);
    }
}
 
Example 6
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
        
        String id = pc.getIdentifier();
        
        if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())
            || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) {
            for (String tokenId : store.getTokenIdentifiers()) {
                SecurityToken token = store.getToken(tokenId);
                if (id.equals(token.getSHA1())) {
                    pc.setKey(token.getSecret());
                    return;
                }
            }
        } else { 
            SecurityToken tok = store.getToken(id);
            if (tok != null) {
                pc.setKey(tok.getSecret());
                pc.setCustomToken(tok.getToken());
                return;
            }
        }
    }
    if (internal != null) {
        internal.handle(callbacks);
    }
}
 
Example 7
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
        
        String id = pc.getIdentifier();
        
        if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())
            || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) {
            for (String tokenId : store.getTokenIdentifiers()) {
                SecurityToken token = store.getToken(tokenId);
                if (id.equals(token.getSHA1())) {
                    pc.setKey(token.getSecret());
                    return;
                }
            }
        } else { 
            SecurityToken tok = store.getToken(id);
            if (tok != null) {
                pc.setKey(tok.getSecret());
                pc.setCustomToken(tok.getToken());
                return;
            }
        }
    }
    if (internal != null) {
        internal.handle(callbacks);
    }
}
 
Example 8
Source File: ServerPWCallback.java    From Knowage-Server with GNU Affero General Public License v3.0 4 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
	logger.debug("IN");
	for (int i = 0; i < callbacks.length; i++) {
		if (callbacks[i] instanceof WSPasswordCallback) {
			WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
			String userId = pc.getIdentifier();
			logger.debug("UserId found from request: " + userId);
			if (pc.getUsage() == WSPasswordCallback.DECRYPT) {
				logger.debug("WSPasswordCallback.DECRYPT=" + WSPasswordCallback.DECRYPT);
				pc.setPassword("security");
				// } else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
				// logger.debug("WSPasswordCallback.USERNAME_TOKEN = " + pc.getUsage() + " callback usage");
				// // for passwords sent in digest mode we need to provide the password,
				// // because the original one can't be un-digested from the message
				// String password = getPassword(userId);
				// // this will throw an exception if the passwords don't match
				// pc.setPassword(password);
			} else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
				logger.debug("WSPasswordCallback.USERNAME_TOKEN_UNKNOWN = " + pc.getUsage() + " callback usage");
				// for passwords sent in clear-text mode we can compare passwords directly
				// Get the password that was sent
				String password = pc.getPassword();
				// Now pass them to your authentication mechanism
				SpagoBIUserProfile profile = authenticate(userId, password); // throws WSSecurityException.FAILED_AUTHENTICATION on failure
				logger.debug("New userId is " + profile.getUniqueIdentifier());
				userId = profile.getUniqueIdentifier();
			} else {
				logger.error("WSPasswordCallback usage [" + pc.getUsage() + "] not treated.");
				throw new UnsupportedCallbackException(callbacks[i], "WSPasswordCallback usage [" + pc.getUsage() + "] not treated.");
			}
			// Put userId into MessageContext (for services that depend on profiling)
			MessageContext mc = MessageContext.getCurrentContext();
			logger.debug("Setting userId to " + userId);
			mc.setProperty(WSHandlerConstants.USER, userId);
		} else {
			logger.error("Unrecognized Callback");
			throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
		}
	}
}