Examples with CallbackHandler javax.security.auth.callback.CallbackHandler used on opensource projects

Example 66 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractSTSClient method getDelegationSecurityToken.

protected Element getDelegationSecurityToken(Object delegationObject) throws Exception {
    if (delegationObject != null) {
        final boolean isString = delegationObject instanceof String;
        final boolean isElement = delegationObject instanceof Element;
        final boolean isCallbackHandler = delegationObject instanceof CallbackHandler;
        if (isString) {
            final Document doc = StaxUtils.read(new StringReader((String) delegationObject));
            return doc.getDocumentElement();
        } else if (isElement) {
            return (Element) delegationObject;
        } else if (isCallbackHandler) {
            DelegationCallback callback = new DelegationCallback(message);
            ((CallbackHandler) delegationObject).handle(new Callback[] { callback });
            return callback.getToken();
        }
    }
    return null;
}

Example 67 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractTokenInterceptor method getPassword.

protected String getPassword(String userName, AbstractToken info, int usage, SoapMessage message) {
    // Then try to get the password from the given callback handler
    CallbackHandler handler = null;
    try {
        Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
        handler = SecurityUtils.getCallbackHandler(o);
        if (handler == null) {
            policyNotAsserted(info, "No callback handler and no password available", message);
            return null;
        }
    } catch (Exception ex) {
        policyNotAsserted(info, "No callback handler and no password available", message);
        return null;
    }
    WSPasswordCallback[] cb = { new WSPasswordCallback(userName, usage) };
    try {
        handler.handle(cb);
    } catch (Exception e) {
        policyNotAsserted(info, e, message);
    }
    // get the password
    return cb[0].getPassword();
}

Example 68 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class AbstractWSS4JStaxInterceptor method getPasswordEncryptor.

protected PasswordEncryptor getPasswordEncryptor(SoapMessage soapMessage, WSSSecurityProperties securityProperties) {
    PasswordEncryptor passwordEncryptor = (PasswordEncryptor) soapMessage.getContextualProperty(SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE);
    if (passwordEncryptor != null) {
        return passwordEncryptor;
    }
    CallbackHandler callbackHandler = securityProperties.getCallbackHandler();
    if (callbackHandler == null) {
        callbackHandler = (CallbackHandler) getProperties().get(ConfigurationConstants.PW_CALLBACK_REF);
    }
    if (callbackHandler != null) {
        return new JasyptPasswordEncryptor(callbackHandler);
    }
    return null;
}

Example 69 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project cxf by apache.

the class KerberosUtils method getClient.

public static KerberosClient getClient(Message message, String type) throws WSSecurityException {
    KerberosClient client = (KerberosClient) message.getContextualProperty(SecurityConstants.KERBEROS_CLIENT);
    if (client == null) {
        client = new KerberosClient();
        String jaasContext = (String) message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
        String kerberosSpn = (String) message.getContextualProperty(SecurityConstants.KERBEROS_SPN);
        try {
            CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message));
            client.setCallbackHandler(callbackHandler);
        } catch (Exception ex) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
        }
        boolean useCredentialDelegation = MessageUtils.getContextualBoolean(message, SecurityConstants.KERBEROS_USE_CREDENTIAL_DELEGATION, false);
        boolean isInServiceNameForm = MessageUtils.getContextualBoolean(message, SecurityConstants.KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM, false);
        boolean requestCredentialDelegation = MessageUtils.getContextualBoolean(message, SecurityConstants.KERBEROS_REQUEST_CREDENTIAL_DELEGATION, false);
        client.setContextName(jaasContext);
        client.setServiceName(kerberosSpn);
        client.setUseDelegatedCredential(useCredentialDelegation);
        client.setUsernameServiceNameForm(isInServiceNameForm);
        client.setRequestCredentialDelegation(requestCredentialDelegation);
    }
    return client;
}

Example 70 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project Payara by payara.

the class AppClientContainerSecurityHelper method newCallbackHandlerInstance.

private CallbackHandler newCallbackHandlerInstance(final Class<? extends CallbackHandler> callbackHandlerClass, final ApplicationClientDescriptor acDesc) throws InstantiationException, IllegalAccessException, InjectionException {
    CallbackHandler userHandler = callbackHandlerClass.newInstance();
    injectionManager.injectInstance(userHandler, acDesc);
    return userHandler;
}