--- JAASCallbackHandler.java.old Sat Aug 28 20:14:06 2004 +++ JAASCallbackHandler.java.old Fri Sep 10 01:01:14 2004 @@ -25,25 +25,38 @@ import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; +import org.apache.catalina.util.StringManager; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; /** - *
Implementation of the JAAS CallbackHandler interface,
+ * Implementation of the JAAS This At present, CallbackHandler
interface,
* used to negotiate delivery of the username and credentials that were
* specified to our constructor. No interaction with the user is required
* (or possible).CallbackHandler
will pre-digest the supplied
+ * password, if required by the <Realm>
element in
+ * server.xml
.JAASCallbackHandler
knows how to handle callbacks of
+ * type javax.security.auth.callback.NameCallback
and
+ * javax.security.auth.callback.PasswordCallback
.JAASRealm
instance specifies digested passwords,
+ * the password
parameter will be pre-digested here.
*
* @param realm Our associated JAASRealm instance
* @param username Username to be authenticated with
@@ -55,13 +68,25 @@
super();
this.realm = realm;
this.username = username;
- this.password = password;
-
+ if (realm.hasMessageDigest()) {
+ this.password = realm.digest(password);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.digestpassword", password, this.password));
+ }
+ }
+ else {
+ this.password = password;
+ }
}
// ----------------------------------------------------- Instance Variables
+ /**
+ * The string manager for this package.
+ */
+ protected static final StringManager sm =
+ StringManager.getManager(Constants.Package);
/**
* The password to be authenticated with.
@@ -85,11 +110,11 @@
/**
- * Retrieve the information requested in the provided Callbacks. This
- * implementation only recognizes NameCallback
and
+ * Retrieve the information requested in the provided Callbacks
.
+ * This implementation only recognizes NameCallback
and
* PasswordCallback
instances.
*
- * @param callbacks The set of callbacks to be processed
+ * @param callbacks The set of Callback
s to be processed
*
* @exception IOException if an input/output error occurs
* @exception UnsupportedCallbackException if the login method requests
@@ -101,16 +126,19 @@
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
- if (realm.getDebug() >= 3)
- realm.log("Returning username " + username);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.username", username));
+ }
((NameCallback) callbacks[i]).setName(username);
} else if (callbacks[i] instanceof PasswordCallback) {
- if (realm.getDebug() >= 3)
- realm.log("Returning password " + password);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jaasCallback.password", password));
+ }
final char[] passwordcontents;
if (password != null) {
passwordcontents = password.toCharArray();
- } else {
+ }
+ else {
passwordcontents = new char[0];
}
((PasswordCallback) callbacks[i]).setPassword