
Example 61 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class IssueUnitTest method processToken.

/**
 * Runs the DOM element carried by {@code token} through a WSS4J {@link SAMLTokenProcessor}
 * and returns whatever the processor reports.
 *
 * <p>The request context is set up for a test: BSP enforcement is disabled, and a single
 * crypto loaded from {@code serviceKeystore.properties} serves both decryption and
 * signature verification. NOTE(review): disabling BSP enforcement relaxes conformance
 * checking; that is reasonable in a unit test but should not be copied into production
 * validation code without a reason.
 *
 * @param token the security token whose element is processed
 * @return the results returned by {@code handleToken}
 * @throws Exception propagated unchanged from the crypto factory or the processor
 */
private List<WSSecurityEngineResult> processToken(SecurityToken token) throws Exception {
    RequestData data = new RequestData();
    data.setDisableBSPEnforcement(true);

    // The handler is consulted by the processor whenever it needs a secret (e.g. a key password).
    CallbackHandler handler = new org.apache.cxf.systest.sts.common.CommonCallbackHandler();
    data.setCallbackHandler(handler);

    // One keystore backs both roles here; the assertion's signature is checked against it.
    Crypto serviceCrypto = CryptoFactory.getInstance("serviceKeystore.properties");
    data.setDecCrypto(serviceCrypto);
    data.setSigVerCrypto(serviceCrypto);

    data.setWsDocInfo(new WSDocInfo(token.getToken().getOwnerDocument()));

    return new SAMLTokenProcessor().handleToken(token.getToken(), data);
}
Also used : WSDocInfo(org.apache.wss4j.dom.WSDocInfo) CommonCallbackHandler(org.apache.cxf.systest.sts.common.CommonCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) Crypto(org.apache.wss4j.common.crypto.Crypto) CommonCallbackHandler(org.apache.cxf.systest.sts.common.CommonCallbackHandler) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor) Processor(org.apache.wss4j.dom.processor.Processor) RequestData(org.apache.wss4j.dom.handler.RequestData) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor)

Example 62 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class WSDLGetAuthenticatorInterceptor method doAuthenticate.

/**
 * Performs a JAAS login with the supplied credentials against the context named by
 * {@code getContextName()}.
 *
 * <p>Every login failure is reported as a {@code null} return rather than an exception,
 * so callers must treat {@code null} as "not authenticated". The failure is logged at
 * FINE for a rejected login, WARNING for an account problem and SEVERE for any other
 * {@link GeneralSecurityException}.
 *
 * <p>NOTE(review): {@code password} is not null-checked; a {@code null} value fails inside
 * the callback on {@code password.toCharArray()}. The password also stays in memory as an
 * immutable {@code String} for as long as the caller keeps it.
 *
 * @param username the name handed to any {@link NameCallback}
 * @param password the password handed (as a fresh {@code char[]}) to any {@link PasswordCallback}
 * @return the populated {@link Subject} on success, or {@code null} if the login failed
 */
public Subject doAuthenticate(final String username, final String password) {
    // Answers the login modules' prompts with the credentials passed to this method.
    final CallbackHandler credentialHandler = new CallbackHandler() {

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(username);
                    continue;
                }
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                    continue;
                }
                // Refuse anything that is not a name or password prompt.
                throw new UnsupportedCallbackException(callback);
            }
        }
    };

    final Subject authenticated = new Subject();
    try {
        new LoginContext(getContextName(), authenticated, credentialHandler).login();
        return authenticated;
    } catch (FailedLoginException e) {
        // Wrong credentials are routine, hence the low log level.
        LOG.log(Level.FINE, "Login failed ", e);
    } catch (AccountException e) {
        LOG.log(Level.WARNING, "Account failure ", e);
    } catch (GeneralSecurityException e) {
        LOG.log(Level.SEVERE, "General Security Exception ", e);
    }
    // Reached only after one of the failures above: fail closed.
    return null;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) AccountException(javax.security.auth.login.AccountException) GeneralSecurityException(java.security.GeneralSecurityException) PasswordCallback(javax.security.auth.callback.PasswordCallback) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Subject(javax.security.auth.Subject)

Example 63 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class STSUnitTest method processToken.

/**
 * Runs the DOM element carried by {@code token} through a WSS4J {@link SAMLTokenProcessor}
 * and returns whatever the processor reports.
 *
 * <p>Only a signature-verification crypto is configured, loaded from
 * {@code clientKeystore.properties} via this class's class loader; no decryption crypto
 * is set on the request data.
 *
 * @param token the security token whose element is processed
 * @return the results returned by {@code handleToken}
 * @throws Exception propagated unchanged from the crypto factory or the processor
 */
private List<WSSecurityEngineResult> processToken(SecurityToken token) throws Exception {
    RequestData data = new RequestData();

    // The handler is consulted by the processor whenever it needs a secret.
    CallbackHandler handler = new CommonCallbackHandler();
    data.setCallbackHandler(handler);

    // Signature verification is performed against the client keystore.
    Crypto verificationCrypto =
        CryptoFactory.getInstance("clientKeystore.properties", this.getClass().getClassLoader());
    data.setSigVerCrypto(verificationCrypto);

    data.setWsDocInfo(new WSDocInfo(token.getToken().getOwnerDocument()));

    return new SAMLTokenProcessor().handleToken(token.getToken(), data);
}
Also used : WSDocInfo(org.apache.wss4j.dom.WSDocInfo) CallbackHandler(javax.security.auth.callback.CallbackHandler) Crypto(org.apache.wss4j.common.crypto.Crypto) Processor(org.apache.wss4j.dom.processor.Processor) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor) RequestData(org.apache.wss4j.dom.handler.RequestData) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor)

Example 64 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class STSRESTTest method processToken.

/**
 * Runs {@code assertionElement} through a WSS4J {@link SAMLTokenProcessor} and returns
 * whatever the processor reports.
 *
 * <p>The request context is set up for a test: BSP enforcement is disabled, and a single
 * crypto loaded from {@code serviceKeystore.properties} serves both decryption and
 * signature verification. NOTE(review): disabling BSP enforcement relaxes conformance
 * checking; that is reasonable in a test but should not be copied into production
 * validation code without a reason.
 *
 * @param assertionElement the DOM element handed to the processor
 * @return the results returned by {@code handleToken}
 * @throws Exception propagated unchanged from the crypto factory or the processor
 */
private List<WSSecurityEngineResult> processToken(Element assertionElement) throws Exception {
    RequestData data = new RequestData();
    data.setDisableBSPEnforcement(true);

    // The handler is consulted by the processor whenever it needs a secret.
    CallbackHandler handler = new org.apache.cxf.systest.sts.common.CommonCallbackHandler();
    data.setCallbackHandler(handler);

    // One keystore backs both roles here; the element's signature is checked against it.
    Crypto serviceCrypto = CryptoFactory.getInstance("serviceKeystore.properties");
    data.setDecCrypto(serviceCrypto);
    data.setSigVerCrypto(serviceCrypto);

    data.setWsDocInfo(new WSDocInfo(assertionElement.getOwnerDocument()));

    return new SAMLTokenProcessor().handleToken(assertionElement, data);
}
Also used : WSDocInfo(org.apache.wss4j.dom.WSDocInfo) CallbackHandler(javax.security.auth.callback.CallbackHandler) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor) Processor(org.apache.wss4j.dom.processor.Processor) RequestData(org.apache.wss4j.dom.handler.RequestData) SAMLTokenProcessor(org.apache.wss4j.dom.processor.SAMLTokenProcessor)

Example 65 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractBindingBuilder method getPassword.

/**
 * Asks the CallbackHandler configured for the current message for the password that
 * belongs to {@code userName}.
 *
 * <p>If no handler can be obtained, {@code null} is returned. For every usage other than
 * {@code WSPasswordCallback.SIGNATURE} the policy assertion is also unasserted; for
 * signatures it is left alone because the password may still come from the crypto
 * properties file. If the handler itself throws, the assertion is unasserted and the
 * value then held by the callback is returned (presumably {@code null}; confirm against
 * {@code WSPasswordCallback}).
 *
 * @param userName the user whose password is requested
 * @param info the policy assertion to unassert when no password can be obtained
 * @param usage the {@code WSPasswordCallback} usage constant passed to the handler
 * @return the password the handler stored in the callback, or {@code null} if no handler
 *         is available
 */
protected String getPassword(String userName, Assertion info, int usage) {
    Object configuredHandler =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    CallbackHandler passwordHandler = null;
    try {
        passwordHandler = SecurityUtils.getCallbackHandler(configuredHandler);
        if (passwordHandler == null) {
            reportMissingCallbackHandler(info, usage);
            return null;
        }
    } catch (Exception ex) {
        // NOTE(review): the cause is discarded without being logged, so a misconfigured
        // handler is indistinguishable from an absent one in the logs.
        reportMissingCallbackHandler(info, usage);
        return null;
    }

    WSPasswordCallback[] callbacks = { new WSPasswordCallback(userName, usage) };
    try {
        passwordHandler.handle(callbacks);
    } catch (Exception e) {
        // The handler failed: unassert, then fall through to return the callback's current value.
        unassertPolicy(info, e);
    }
    return callbacks[0].getPassword();
}

/**
 * Records that no CallbackHandler was available: unasserts {@code info} unless the
 * password is wanted for a signature, in which case the crypto properties file may
 * still supply it and only an informational message is logged.
 */
private void reportMissingCallbackHandler(Assertion info, int usage) {
    if (usage != WSPasswordCallback.SIGNATURE) {
        unassertPolicy(info, "No callback handler and no password available");
        return;
    }
    LOG.info("No CallbackHandler available to retrieve a password. We will now try the crypto " + "properties file for a private password");
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) AttachmentCallbackHandler(org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) XMLStreamException(javax.xml.stream.XMLStreamException) XPathExpressionException(javax.xml.xpath.XPathExpressionException)

Aggregations

CallbackHandler (javax.security.auth.callback.CallbackHandler)274 Crypto (org.apache.wss4j.common.crypto.Crypto)82 IOException (java.io.IOException)75 Callback (javax.security.auth.callback.Callback)73 Element (org.w3c.dom.Element)70 Subject (javax.security.auth.Subject)68 PasswordCallback (javax.security.auth.callback.PasswordCallback)63 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)61 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)60 Document (org.w3c.dom.Document)60 LoginContext (javax.security.auth.login.LoginContext)55 NameCallback (javax.security.auth.callback.NameCallback)51 LoginException (javax.security.auth.login.LoginException)44 Principal (java.security.Principal)42 ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)42 TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator)38 SAMLTokenValidator (org.apache.cxf.sts.token.validator.SAMLTokenValidator)36 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)34 Test (org.junit.Test)34 ArrayList (java.util.ArrayList)32