All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.ws.security.WSPasswordCallback Maven / Gradle / Ivy

Go to download

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC.

There is a newer version: 1.6.19
Show newest version
/*
 * Copyright  2003-2004 The Apache Software Foundation.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 */

package org.apache.ws.security;

import org.w3c.dom.Element;

import javax.security.auth.callback.Callback;

/**
 * Simple class to provide a password callback mechanism.
 * 

* It uses the JAAS authentication mechanisms and callback methods. * In addition to the identifier (user name) this class also provides * information what type of information the callback handle * method shall provide. *

* The WSPasswordCallback class defines the following usage * codes: *

    *
  • UNKNOWN - an unknown usage. Never used by the WSS4J * implementation and shall be treated as an error by the handle * method.
  • *
  • DECRYPT - need a password to get the private key of * this identifier (username) from the keystore. WSS4J uses this private * key to decrypt the session (symmetric) key. Because the encryption * method uses the public key to encrypt the session key it needs no * password (a public key is usually not protected by a password).
  • *
  • USERNAME_TOKEN - need the password to fill in or to * verify a UsernameToken.
  • *
  • SIGNATURE - need the password to get the private key of * this identifier (username) from the keystore. WSS4J uses this private * key to produce a signature. The signature verfication uses the public * key to verfiy the signature.
  • *
  • KEY_NAME - need the key, not the password, * associated with the identifier. WSS4J uses this key to encrypt or * decrypt parts of the SOAP request. Note, the key must match the * symmetric encryption/decryption algorithm specified (refer to * {@link org.apache.ws.security.handler.WSHandlerConstants#ENC_SYM_ALGO}).
  • *
  • USERNAME_TOKEN_UNKNOWN - either an not specified * password type or a password type passwordText. In these both cases only * the password variable is set. The callback class now may check if * the username and password match. If they don't match the callback class must * throw an exception. The exception can be a UnsupportedCallbackException or * an IOException.
  • *
  • SECURITY_CONTEXT_TOKEN - need the key to to be associated * with a wsc:SecurityContextToken.
  • *
* * @author Werner Dittmann ([email protected]). */ public class WSPasswordCallback implements Callback { public static final int UNKNOWN = 0; public static final int DECRYPT = 1; public static final int USERNAME_TOKEN = 2; public static final int SIGNATURE = 3; public static final int KEY_NAME = 4; public static final int USERNAME_TOKEN_UNKNOWN = 5; public final static int SECURITY_CONTEXT_TOKEN = 6; public final static int CUSTOM_TOKEN = 7; public final static int ENCRYPTED_KEY_TOKEN = 8; private String identifier; private String password; private byte[] key; private int usage; private String passwordType; private Element customToken; /** * Constructor. * * @param id The application called back must supply the password for * this identifier. */ public WSPasswordCallback(String id, int usage) { this(id, null, null, usage); } /** * Constructor. * * @param id The application called back must supply the password for * this identifier. */ public WSPasswordCallback(String id, String pw, String type, int usage) { identifier = id; password = pw; passwordType = type; this.usage = usage; } /** * Get the identifier. *

* * @return The identifier */ public String getIdentifer() { return identifier; } /** * Extended callback interface allows for setting the username as well. * Callback functions can change the identifier, this is intended in the usernametoken scenario * where the usernametoken denotes the identity, but a fixed identity for signing is used * The initial value is that from the configuration file. If this method is not called, the * configured identity is used. * * @param ident The identity. */ public void setIdentifier(String ident) { this.identifier = ident; } /** * Set the password. *

* * @param passwd is the password associated to the identifier */ public void setPassword(String passwd) { password = passwd; } /** * Get the password. *

* * @return The password */ public String getPassword() { return password; } /** * Set the Key. *

* * @param key is the key associated to the identifier */ public void setKey(byte[] key) { this.key = key; } /** * Get the key. *

* * @return The key */ public byte[] getKey() { return this.key; } /** * Get the usage. *

* * @return The usage for this callback */ public int getUsage() { return usage; } /** * The password type is only relevant for usage USERNAME_TOKEN * and USERNAME_TOKEN_UNKNOWN. * * @return Returns the passwordType. */ public String getPasswordType() { return passwordType; } public Element getCustomToken() { return customToken; } public void setCustomToken(Element customToken) { this.customToken = customToken; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy