Lines 1-5
Link Here
|
1 |
/* |
1 |
/* |
2 |
* Copyright 1999,2004 The Apache Software Foundation. |
2 |
* Copyright 2001-2002,2004 The Apache Software Foundation. |
3 |
* |
3 |
* |
4 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
4 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
5 |
* you may not use this file except in compliance with the License. |
5 |
* you may not use this file except in compliance with the License. |
Lines 14-20
Link Here
|
14 |
* limitations under the License. |
14 |
* limitations under the License. |
15 |
*/ |
15 |
*/ |
16 |
|
16 |
|
17 |
|
|
|
18 |
package org.apache.catalina.realm; |
17 |
package org.apache.catalina.realm; |
19 |
|
18 |
|
20 |
|
19 |
|
Lines 25-49
Link Here
|
25 |
import javax.security.auth.callback.PasswordCallback; |
24 |
import javax.security.auth.callback.PasswordCallback; |
26 |
import javax.security.auth.callback.UnsupportedCallbackException; |
25 |
import javax.security.auth.callback.UnsupportedCallbackException; |
27 |
|
26 |
|
|
|
27 |
import org.apache.catalina.util.StringManager; |
28 |
import org.apache.commons.logging.Log; |
29 |
import org.apache.commons.logging.LogFactory; |
28 |
|
30 |
|
29 |
/** |
31 |
/** |
30 |
* <p>Implementation of the JAAS <strong>CallbackHandler</code> interface, |
32 |
* <p>Implementation of the JAAS <code>CallbackHandler</code> interface, |
31 |
* used to negotiate delivery of the username and credentials that were |
33 |
* used to negotiate delivery of the username and credentials that were |
32 |
* specified to our constructor. No interaction with the user is required |
34 |
* specified to our constructor. No interaction with the user is required |
33 |
* (or possible).</p> |
35 |
* (or possible).</p> |
|
|
36 |
* <p>This <code>CallbackHandler</code> will pre-digest the supplied |
37 |
* password, if required by the <code><Realm></code> element in |
38 |
* <code>server.xml</code>.</p> |
39 |
* <p>At present, <code>JAASCallbackHandler</code> knows how to handle callbacks of |
40 |
* type <code>javax.security.auth.callback.NameCallback</code> and |
41 |
* <code>javax.security.auth.callback.PasswordCallback</code>.</p> |
34 |
* |
42 |
* |
35 |
* @author Craig R. McClanahan |
43 |
* @author Craig R. McClanahan |
36 |
* @version $Revision: 1.3 $ $Date: 2004/02/29 12:38:47 $ |
44 |
* @author Andrew R. Jaquith |
|
|
45 |
* @version $Revision: 1.1.1.1 $ $Date: 2002/07/18 16:47:54 $ |
37 |
*/ |
46 |
*/ |
38 |
|
47 |
|
39 |
public class JAASCallbackHandler implements CallbackHandler { |
48 |
public class JAASCallbackHandler implements CallbackHandler { |
40 |
|
49 |
|
|
|
50 |
private static Log log = LogFactory.getLog(JAASCallbackHandler.class); |
41 |
|
51 |
|
42 |
// ------------------------------------------------------------ Constructor |
52 |
// ------------------------------------------------------------ Constructor |
43 |
|
53 |
|
44 |
|
54 |
|
45 |
/** |
55 |
/** |
46 |
* Construct a callback handler configured with the specified values. |
56 |
* Construct a callback handler configured with the specified values. |
|
|
57 |
* Note that if the <code>JAASRealm</code> instance specifies digested passwords, |
58 |
* the <code>password</code> parameter will be pre-digested here. |
47 |
* |
59 |
* |
48 |
* @param realm Our associated JAASRealm instance |
60 |
* @param realm Our associated JAASRealm instance |
49 |
* @param username Username to be authenticated with |
61 |
* @param username Username to be authenticated with |
Lines 55-67
Link Here
|
55 |
super(); |
67 |
super(); |
56 |
this.realm = realm; |
68 |
this.realm = realm; |
57 |
this.username = username; |
69 |
this.username = username; |
58 |
this.password = password; |
70 |
if (realm.hasMessageDigest()) { |
59 |
|
71 |
this.password = realm.digest(password); |
|
|
72 |
if (log.isDebugEnabled()) { |
73 |
log.debug(sm.getString("jaasCallback.digestpassword", password, this.password)); |
74 |
} |
75 |
} |
76 |
else { |
77 |
this.password = password; |
78 |
} |
60 |
} |
79 |
} |
61 |
|
80 |
|
62 |
|
81 |
|
63 |
// ----------------------------------------------------- Instance Variables |
82 |
// ----------------------------------------------------- Instance Variables |
64 |
|
83 |
|
|
|
84 |
/** |
85 |
* The string manager for this package. |
86 |
*/ |
87 |
protected static final StringManager sm = |
88 |
StringManager.getManager(Constants.Package); |
65 |
|
89 |
|
66 |
/** |
90 |
/** |
67 |
* The password to be authenticated with. |
91 |
* The password to be authenticated with. |
Lines 85-95
Link Here
|
85 |
|
109 |
|
86 |
|
110 |
|
87 |
/** |
111 |
/** |
88 |
* Retrieve the information requested in the provided Callbacks. This |
112 |
* Retrieve the information requested in the provided <code>Callbacks</code>. |
89 |
* implementation only recognizes <code>NameCallback</code> and |
113 |
* This implementation only recognizes <code>NameCallback</code> and |
90 |
* <code>PasswordCallback</code> instances. |
114 |
* <code>PasswordCallback</code> instances. |
91 |
* |
115 |
* |
92 |
* @param callbacks The set of callbacks to be processed |
116 |
* @param callbacks The set of <code>Callback</code>s to be processed |
93 |
* |
117 |
* |
94 |
* @exception IOException if an input/output error occurs |
118 |
* @exception IOException if an input/output error occurs |
95 |
* @exception UnsupportedCallbackException if the login method requests |
119 |
* @exception UnsupportedCallbackException if the login method requests |
Lines 101-116
Link Here
|
101 |
for (int i = 0; i < callbacks.length; i++) { |
125 |
for (int i = 0; i < callbacks.length; i++) { |
102 |
|
126 |
|
103 |
if (callbacks[i] instanceof NameCallback) { |
127 |
if (callbacks[i] instanceof NameCallback) { |
104 |
if (realm.getDebug() >= 3) |
128 |
if (log.isDebugEnabled()) { |
105 |
realm.log("Returning username " + username); |
129 |
log.debug(sm.getString("jaasCallback.username", username)); |
|
|
130 |
} |
106 |
((NameCallback) callbacks[i]).setName(username); |
131 |
((NameCallback) callbacks[i]).setName(username); |
107 |
} else if (callbacks[i] instanceof PasswordCallback) { |
132 |
} else if (callbacks[i] instanceof PasswordCallback) { |
108 |
if (realm.getDebug() >= 3) |
133 |
if (log.isDebugEnabled()) { |
109 |
realm.log("Returning password " + password); |
134 |
log.debug(sm.getString("jaasCallback.password", password)); |
|
|
135 |
} |
110 |
final char[] passwordcontents; |
136 |
final char[] passwordcontents; |
111 |
if (password != null) { |
137 |
if (password != null) { |
112 |
passwordcontents = password.toCharArray(); |
138 |
passwordcontents = password.toCharArray(); |
113 |
} else { |
139 |
} |
|
|
140 |
else { |
114 |
passwordcontents = new char[0]; |
141 |
passwordcontents = new char[0]; |
115 |
} |
142 |
} |
116 |
((PasswordCallback) callbacks[i]).setPassword |
143 |
((PasswordCallback) callbacks[i]).setPassword |