--- JAASCallbackHandler.java.old Sat Aug 28 20:14:06 2004
+++ JAASCallbackHandler.java Fri Sep 10 01:01:14 2004
@@ -25,25 +25,38 @@
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.catalina.util.StringManager;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 /**
- *

Implementation of the JAAS CallbackHandler interface,
+ *

Implementation of the JAAS CallbackHandler interface,
 * used to negotiate delivery of the username and credentials that were
 * specified to our constructor. No interaction with the user is required
 * (or possible).

+ *

This CallbackHandler will pre-digest the supplied
+ * password, if required by the <Realm> element in
+ * server.xml.

+ *

At present, JAASCallbackHandler knows how to handle callbacks of
+ * type javax.security.auth.callback.NameCallback and
+ * javax.security.auth.callback.PasswordCallback.

*
 * @author Craig R. McClanahan
+ * @author Andrew R. Jaquith
 * @version $Revision: 1.3 $ $Date: 2004/02/29 12:38:47 $
 */
 public class JAASCallbackHandler implements CallbackHandler {
+ private static Log log = LogFactory.getLog(JAASCallbackHandler.class);
 // ------------------------------------------------------------ Constructor
 /**
 * Construct a callback handler configured with the specified values.
+ * Note that if the JAASRealm instance specifies digested passwords,
+ * the password parameter will be pre-digested here.
 *
 * @param realm Our associated JAASRealm instance
 * @param username Username to be authenticated with
@@ -55,13 +68,25 @@
 super();
 this.realm = realm;
 this.username = username;
- this.password = password;
-
+ if (realm.hasMessageDigest()) {
+ this.password = realm.digest(password);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.digestpassword", password, this.password));
+ }
+ }
+ else {
+ this.password = password;
+ }
 }
 // ----------------------------------------------------- Instance Variables
+ /**
+ * The string manager for this package.
+ */
+ protected static final StringManager sm =
+ StringManager.getManager(Constants.Package);
 /**
 * The password to be authenticated with.
@@ -85,11 +110,11 @@
 /**
- * Retrieve the information requested in the provided Callbacks. This
- * implementation only recognizes NameCallback and
+ * Retrieve the information requested in the provided Callbacks.
+ * This implementation only recognizes NameCallback and
 * PasswordCallback instances.
 *
- * @param callbacks The set of callbacks to be processed
+ * @param callbacks The set of Callbacks to be processed
 *
 * @exception IOException if an input/output error occurs
 * @exception UnsupportedCallbackException if the login method requests
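Review bot: The logger field added just inside the class declaration, `private static Log log = LogFactory.getLog(JAASCallbackHandler.class);`, is not `final`, while the `sm` field added later in the same commit is `protected static final`. Declaring it `private static final Log log = LogFactory.getLog(JAASCallbackHandler.class);` prevents the reference from being reassigned and matches the other static field. The class body continues outside this hunk.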
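Review bot: The debug statement in the digest branch passes both the cleartext `password` and the resulting digest to `sm.getString("jaasCallback.digestpassword", password, this.password)`, so enabling debug logging writes each authenticating user's credential to the log; the same applies to `log.debug(sm.getString("jaasCallback.password", password))` in the `handle` hunk (@@ -101,16 +126,19 @@). Log that a digest was applied without either value, for example `log.debug(sm.getString("jaasCallback.digestpassword", username));`, with the message text for that key (not shown here) adjusted to match, and drop the password argument from the `handle` message likewise. Separately, `handle` guards `password != null`, which suggests a null password can reach `realm.digest(password)`; whether `digest` tolerates null is not visible here, so a null check before the call may be warranted. The constructor's signature lies outside this hunk.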
@@ -101,16 +126,19 @@
 for (int i = 0; i < callbacks.length; i++) {
 if (callbacks[i] instanceof NameCallback) {
- if (realm.getDebug() >= 3)
- realm.log("Returning username " + username);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.username", username));
+ }
 ((NameCallback) callbacks[i]).setName(username);
 } else if (callbacks[i] instanceof PasswordCallback) {
- if (realm.getDebug() >= 3)
- realm.log("Returning password " + password);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.password", password));
+ }
 final char[] passwordcontents;
 if (password != null) {
 passwordcontents = password.toCharArray();
- } else {
+ }
+ else {
 passwordcontents = new char[0];
 }
 ((PasswordCallback) callbacks[i]).setPassword