
Example 66 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractSTSClient method getDelegationSecurityToken.

/**
 * Turns the configured delegation object into the DOM element used as the
 * delegation token.
 *
 * <p>Three kinds of input are recognised, checked in this order:
 * <ul>
 *   <li>a {@code String}, which is parsed as XML and whose document element is returned;</li>
 *   <li>an {@code Element}, which is returned as the same instance (no copy is made);</li>
 *   <li>a {@code CallbackHandler}, which is handed a {@code DelegationCallback} built from
 *       this client's {@code message} and asked to supply the token.</li>
 * </ul>
 *
 * @param delegationObject the configured delegation value, may be {@code null}
 * @return the token element, or {@code null} when the argument is {@code null} or of any
 *         other type
 * @throws Exception if parsing the string or invoking the callback handler fails
 */
protected Element getDelegationSecurityToken(Object delegationObject) throws Exception {
    // instanceof is false for null, so a null argument falls through to the final return.
    if (delegationObject instanceof String) {
        // NOTE(review): the text is parsed as XML by StaxUtils.read; parser hardening
        // (DTD / external entity handling) lives in that helper and is not visible here.
        // Confirm it before feeding this method text that a remote party can influence.
        final StringReader xmlText = new StringReader((String) delegationObject);
        return StaxUtils.read(xmlText).getDocumentElement();
    }
    if (delegationObject instanceof Element) {
        // Returned by reference: later changes to the caller's element are shared.
        return (Element) delegationObject;
    }
    if (delegationObject instanceof CallbackHandler) {
        final CallbackHandler tokenSource = (CallbackHandler) delegationObject;
        final DelegationCallback request = new DelegationCallback(message);
        tokenSource.handle(new Callback[] { request });
        // Whatever the handler stored is returned as-is; it may still be null.
        return request.getToken();
    }
    return null;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) ExtensibilityElement(javax.wsdl.extensions.ExtensibilityElement) Element(org.w3c.dom.Element) StringReader(java.io.StringReader) Document(org.w3c.dom.Document) DelegationCallback(org.apache.cxf.ws.security.trust.delegation.DelegationCallback)

Example 67 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractTokenInterceptor method getPassword.

/**
 * Obtains the password for {@code userName} from the callback handler configured on the
 * message.
 *
 * <p>A missing handler and a failure while resolving the handler are reported identically
 * through {@code policyNotAsserted}; the resolution exception itself is not passed on, so
 * the underlying cause is not visible from this method's reporting.
 *
 * @param userName the user whose password is requested
 * @param info the token assertion that is marked as not asserted on failure
 * @param usage the usage code passed to the {@code WSPasswordCallback}
 * @param message the current SOAP message, used to look up the handler
 * @return the password stored in the callback by the handler, or {@code null} when no
 *         handler could be resolved
 */
protected String getPassword(String userName, AbstractToken info, int usage, SoapMessage message) {
    final String noHandlerReason = "No callback handler and no password available";

    // Step 1: resolve the callback handler from the message's security properties.
    CallbackHandler passwordSource = null;
    try {
        final Object configured =
            SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
        passwordSource = SecurityUtils.getCallbackHandler(configured);
        if (passwordSource == null) {
            // Reported inside the try block on purpose: anything policyNotAsserted throws
            // here is handled by the catch below, exactly as a lookup failure would be.
            policyNotAsserted(info, noHandlerReason, message);
            return null;
        }
    } catch (Exception lookupFailure) {
        policyNotAsserted(info, noHandlerReason, message);
        return null;
    }

    // Step 2: ask the handler to fill in the password.
    final WSPasswordCallback request = new WSPasswordCallback(userName, usage);
    try {
        passwordSource.handle(new WSPasswordCallback[] { request });
    } catch (Exception handlerFailure) {
        policyNotAsserted(info, handlerFailure, message);
    }

    // If policyNotAsserted returned normally after a handler failure, execution still
    // reaches this point and returns whatever the callback holds.
    return request.getPassword();
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) PolicyException(org.apache.cxf.ws.policy.PolicyException)

Example 68 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractWSS4JStaxInterceptor method getPasswordEncryptor.

/**
 * Selects the {@code PasswordEncryptor} to use for the given message.
 *
 * <p>Lookup order: an encryptor instance set as a contextual property on the message;
 * otherwise a {@code JasyptPasswordEncryptor} built around the callback handler from
 * {@code securityProperties}, falling back to the handler stored under
 * {@code ConfigurationConstants.PW_CALLBACK_REF} in this interceptor's properties.
 *
 * @param soapMessage the message whose contextual properties are consulted first
 * @param securityProperties the security properties that may carry a callback handler
 * @return the encryptor, or {@code null} when neither an encryptor nor a callback handler
 *         is configured
 */
protected PasswordEncryptor getPasswordEncryptor(SoapMessage soapMessage, WSSSecurityProperties securityProperties) {
    final PasswordEncryptor explicitEncryptor =
        (PasswordEncryptor) soapMessage.getContextualProperty(SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE);
    if (explicitEncryptor != null) {
        return explicitEncryptor;
    }

    CallbackHandler handler = securityProperties.getCallbackHandler();
    if (handler == null) {
        // Unchecked cast: a value of any other type under this key raises ClassCastException.
        handler = (CallbackHandler) getProperties().get(ConfigurationConstants.PW_CALLBACK_REF);
    }

    // A null result means no encryptor is available to the caller.
    return handler == null ? null : new JasyptPasswordEncryptor(handler);
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) JasyptPasswordEncryptor(org.apache.wss4j.common.crypto.JasyptPasswordEncryptor) PasswordEncryptor(org.apache.wss4j.common.crypto.PasswordEncryptor) JasyptPasswordEncryptor(org.apache.wss4j.common.crypto.JasyptPasswordEncryptor)

Example 69 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class KerberosUtils method getClient.

/**
 * Returns the {@code KerberosClient} for the message, building one from the message's
 * contextual properties when none has been supplied.
 *
 * <p>A newly built client is returned to the caller only; this method does not store it
 * back on the message. The three boolean settings, including both credential-delegation
 * switches, are read with {@code false} as the last argument to
 * {@code getContextualBoolean}.
 *
 * @param message the message whose contextual properties configure the client
 * @param type not read by this method
 * @return the configured client, or a new one populated from the message
 * @throws WSSecurityException with {@code ErrorCode.FAILURE} when the callback handler
 *         cannot be resolved; the original exception is kept as the cause
 */
public static KerberosClient getClient(Message message, String type) throws WSSecurityException {
    final KerberosClient supplied =
        (KerberosClient) message.getContextualProperty(SecurityConstants.KERBEROS_CLIENT);
    if (supplied != null) {
        return supplied;
    }

    final KerberosClient built = new KerberosClient();
    final String contextName =
        (String) message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
    final String servicePrincipal =
        (String) message.getContextualProperty(SecurityConstants.KERBEROS_SPN);

    try {
        built.setCallbackHandler(
            SecurityUtils.getCallbackHandler(
                SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message)));
    } catch (Exception handlerFailure) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, handlerFailure);
    }

    final boolean useDelegated = MessageUtils.getContextualBoolean(
        message, SecurityConstants.KERBEROS_USE_CREDENTIAL_DELEGATION, false);
    final boolean serviceNameForm = MessageUtils.getContextualBoolean(
        message, SecurityConstants.KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM, false);
    final boolean requestDelegation = MessageUtils.getContextualBoolean(
        message, SecurityConstants.KERBEROS_REQUEST_CREDENTIAL_DELEGATION, false);

    built.setContextName(contextName);
    built.setServiceName(servicePrincipal);
    built.setUseDelegatedCredential(useDelegated);
    built.setUsernameServiceNameForm(serviceNameForm);
    built.setRequestCredentialDelegation(requestDelegation);
    return built;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 70 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project Payara by payara.

the class AppClientContainerSecurityHelper method newCallbackHandlerInstance.

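/**
 * Creates the callback handler from its class and runs injection on the new instance.
 *
 * <p>The instance is created through the no-argument constructor obtained with
 * {@code getDeclaredConstructor()} rather than the deprecated {@code Class.newInstance()},
 * which rethrows any exception raised by the constructor, including checked exceptions
 * this method does not declare. Here a missing no-argument constructor, or a checked
 * exception from the constructor, is reported as {@code InstantiationException} with the
 * cause attached; unchecked exceptions and errors from the constructor propagate
 * unchanged.
 *
 * <p>NOTE(review): instantiating the class runs its constructor. Where the class comes
 * from is not visible in this method; confirm it is loaded from a trusted source.
 *
 * @param callbackHandlerClass the handler class to instantiate
 * @param acDesc the application client descriptor passed to the injection manager
 * @return the new, injected callback handler
 * @throws InstantiationException if the class cannot be instantiated, has no no-argument
 *         constructor, or its constructor throws a checked exception
 * @throws IllegalAccessException if the class or its constructor is not accessible
 * @throws InjectionException if injection into the new instance fails
 */
private CallbackHandler newCallbackHandlerInstance(final Class<? extends CallbackHandler> callbackHandlerClass, final ApplicationClientDescriptor acDesc) throws InstantiationException, IllegalAccessException, InjectionException {
    final CallbackHandler userHandler;
    try {
        userHandler = callbackHandlerClass.getDeclaredConstructor().newInstance();
    } catch (NoSuchMethodException e) {
        final InstantiationException failure = new InstantiationException(
                "No no-argument constructor on " + callbackHandlerClass.getName());
        failure.initCause(e);
        throw failure;
    } catch (java.lang.reflect.InvocationTargetException e) {
        final Throwable cause = e.getCause();
        // Unchecked failures keep propagating as they did with Class.newInstance().
        if (cause instanceof RuntimeException) {
            throw (RuntimeException) cause;
        }
        if (cause instanceof Error) {
            throw (Error) cause;
        }
        final InstantiationException failure = new InstantiationException(
                "Constructor of " + callbackHandlerClass.getName() + " failed");
        failure.initCause(cause);
        throw failure;
    }
    injectionManager.injectInstance(userHandler, acDesc);
    return userHandler;
}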
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler)
