View | Details | Raw Unified | Return to bug 28631
Collapse All | Expand All

(-)JAASCallbackHandler.java.old (-11 / +39 lines)
Lines 25-49 Link Here
25
import javax.security.auth.callback.PasswordCallback;
25
import javax.security.auth.callback.PasswordCallback;
26
import javax.security.auth.callback.UnsupportedCallbackException;
26
import javax.security.auth.callback.UnsupportedCallbackException;
27
27
28
import org.apache.catalina.util.StringManager;
29
import org.apache.commons.logging.Log;
30
import org.apache.commons.logging.LogFactory;
28
31
29
/**
32
/**
30
 * <p>Implementation of the JAAS <strong>CallbackHandler</code> interface,
33
 * <p>Implementation of the JAAS <code>CallbackHandler</code> interface,
31
 * used to negotiate delivery of the username and credentials that were
34
 * used to negotiate delivery of the username and credentials that were
32
 * specified to our constructor.  No interaction with the user is required
35
 * specified to our constructor.  No interaction with the user is required
33
 * (or possible).</p>
36
 * (or possible).</p>
37
 * <p>This <code>CallbackHandler</code> will pre-digest the supplied
38
 * password, if required by the <code>&lt;Realm&gt;</code> element in 
39
 * <code>server.xml</code>.</p>
40
 * <p>At present, <code>JAASCallbackHandler</code> knows how to handle callbacks of
41
 * type <code>javax.security.auth.callback.NameCallback</code> and
42
 * <code>javax.security.auth.callback.PasswordCallback</code>.</p>
34
 *
43
 *
35
 * @author Craig R. McClanahan
44
 * @author Craig R. McClanahan
45
 * @author Andrew R. Jaquith
36
 * @version $Revision: 1.3 $ $Date: 2004/02/29 12:38:47 $
46
 * @version $Revision: 1.3 $ $Date: 2004/02/29 12:38:47 $
37
 */
47
 */
38
48
39
public class JAASCallbackHandler implements CallbackHandler {
49
public class JAASCallbackHandler implements CallbackHandler {
40
50
51
    private static Log log = LogFactory.getLog(JAASCallbackHandler.class);
41
52
42
    // ------------------------------------------------------------ Constructor
53
    // ------------------------------------------------------------ Constructor
43
54
44
55
45
    /**
56
    /**
46
     * Construct a callback handler configured with the specified values.
57
     * Construct a callback handler configured with the specified values.
58
     * Note that if the <code>JAASRealm</code> instance specifies digested passwords,
59
     * the <code>password</code> parameter will be pre-digested here.
47
     *
60
     *
48
     * @param realm Our associated JAASRealm instance
61
     * @param realm Our associated JAASRealm instance
49
     * @param username Username to be authenticated with
62
     * @param username Username to be authenticated with
Lines 55-67 Link Here
55
        super();
68
        super();
56
        this.realm = realm;
69
        this.realm = realm;
57
        this.username = username;
70
        this.username = username;
58
        this.password = password;
71
        if (realm.hasMessageDigest()) {
59
72
          this.password = realm.digest(password);
73
          if (log.isDebugEnabled()) {
74
            log.debug(sm.getString("jaasCallback.digestpassword", password, this.password));
75
          }
76
        }
77
        else {
78
          this.password = password;
79
        }
60
    }
80
    }
61
81
62
82
63
    // ----------------------------------------------------- Instance Variables
83
    // ----------------------------------------------------- Instance Variables
64
84
85
    /**
86
     * The string manager for this package.
87
     */
88
    protected static final StringManager sm =
89
        StringManager.getManager(Constants.Package);
65
90
66
    /**
91
    /**
67
     * The password to be authenticated with.
92
     * The password to be authenticated with.
Lines 85-95 Link Here
85
110
86
111
87
    /**
112
    /**
88
     * Retrieve the information requested in the provided Callbacks.  This
113
     * Retrieve the information requested in the provided <code>Callbacks</code>.
89
     * implementation only recognizes <code>NameCallback</code> and
114
     * This implementation only recognizes <code>NameCallback</code> and
90
     * <code>PasswordCallback</code> instances.
115
     * <code>PasswordCallback</code> instances.
91
     *
116
     *
92
     * @param callbacks The set of callbacks to be processed
117
     * @param callbacks The set of <code>Callback</code>s to be processed
93
     *
118
     *
94
     * @exception IOException if an input/output error occurs
119
     * @exception IOException if an input/output error occurs
95
     * @exception UnsupportedCallbackException if the login method requests
120
     * @exception UnsupportedCallbackException if the login method requests
Lines 101-116 Link Here
101
        for (int i = 0; i < callbacks.length; i++) {
126
        for (int i = 0; i < callbacks.length; i++) {
102
127
103
            if (callbacks[i] instanceof NameCallback) {
128
            if (callbacks[i] instanceof NameCallback) {
104
                if (realm.getDebug() >= 3)
129
                if (log.isDebugEnabled()) {
105
                    realm.log("Returning username " + username);
130
                    log.debug(sm.getString("jaasCallback.username", username));
131
                }
106
                ((NameCallback) callbacks[i]).setName(username);
132
                ((NameCallback) callbacks[i]).setName(username);
107
            } else if (callbacks[i] instanceof PasswordCallback) {
133
            } else if (callbacks[i] instanceof PasswordCallback) {
108
                if (realm.getDebug() >= 3)
134
                if (log.isDebugEnabled()) {
109
                    realm.log("Returning password " + password);
135
                    log.debug(sm.getString("jaasCallback.password", password));
136
                }
110
                final char[] passwordcontents;
137
                final char[] passwordcontents;
111
                if (password != null) {
138
                if (password != null) {
112
                    passwordcontents = password.toCharArray();
139
                    passwordcontents = password.toCharArray();
113
                } else {
140
                }
141
                else {
114
                    passwordcontents = new char[0];
142
                    passwordcontents = new char[0];
115
                }
143
                }
116
                ((PasswordCallback) callbacks[i]).setPassword
144
                ((PasswordCallback) callbacks[i]).setPassword

Return to bug 28631