001 /*
002 * Copyright 1999-2005 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package javax.security.auth.callback;
027
028 /**
029 * <p> An application implements a <code>CallbackHandler</code> and passes
030 * it to underlying security services so that they may interact with
031 * the application to retrieve specific authentication data,
032 * such as usernames and passwords, or to display certain information,
033 * such as error and warning messages.
034 *
035 * <p> CallbackHandlers are implemented in an application-dependent fashion.
036 * For example, implementations for an application with a graphical user
037 * interface (GUI) may pop up windows to prompt for requested information
038 * or to display error messages. An implementation may also choose to obtain
039 * requested information from an alternate source without asking the end user.
040 *
041 * <p> Underlying security services make requests for different types
042 * of information by passing individual Callbacks to the
043 * <code>CallbackHandler</code>. The <code>CallbackHandler</code>
044 * implementation decides how to retrieve and display information
045 * depending on the Callbacks passed to it. For example,
046 * if the underlying service needs a username and password to
047 * authenticate a user, it uses a <code>NameCallback</code> and
048 * <code>PasswordCallback</code>. The <code>CallbackHandler</code>
049 * can then choose to prompt for a username and password serially,
050 * or to prompt for both in a single window.
051 *
052 * <p> A default <code>CallbackHandler</code> class implementation
053 * may be specified in the <i>auth.login.defaultCallbackHandler</i>
054 * security property. The security property can be set
055 * in the Java security properties file located in the file named
056 * <JAVA_HOME>/lib/security/java.security.
057 * <JAVA_HOME> refers to the value of the java.home system property,
058 * and specifies the directory where the JRE is installed.
059 *
060 * <p> If the security property is set to the fully qualified name of a
061 * <code>CallbackHandler</code> implementation class,
062 * then a <code>LoginContext</code> will load the specified
063 * <code>CallbackHandler</code> and pass it to the underlying LoginModules.
064 * The <code>LoginContext</code> only loads the default handler
065 * if it was not provided one.
066 *
067 * <p> All default handler implementations must provide a public
068 * zero-argument constructor.
069 *
070 * @version 1.25, 05/05/07
071 */
072 public interface CallbackHandler {
073
074 /**
075 * <p> Retrieve or display the information requested in the
076 * provided Callbacks.
077 *
078 * <p> The <code>handle</code> method implementation checks the
079 * instance(s) of the <code>Callback</code> object(s) passed in
080 * to retrieve or display the requested information.
081 * The following example is provided to help demonstrate what an
082 * <code>handle</code> method implementation might look like.
083 * This example code is for guidance only. Many details,
084 * including proper error handling, are left out for simplicity.
085 *
086 * <pre>
087 * public void handle(Callback[] callbacks)
088 * throws IOException, UnsupportedCallbackException {
089 *
090 * for (int i = 0; i < callbacks.length; i++) {
091 * if (callbacks[i] instanceof TextOutputCallback) {
092 *
093 * // display the message according to the specified type
094 * TextOutputCallback toc = (TextOutputCallback)callbacks[i];
095 * switch (toc.getMessageType()) {
096 * case TextOutputCallback.INFORMATION:
097 * System.out.println(toc.getMessage());
098 * break;
099 * case TextOutputCallback.ERROR:
100 * System.out.println("ERROR: " + toc.getMessage());
101 * break;
102 * case TextOutputCallback.WARNING:
103 * System.out.println("WARNING: " + toc.getMessage());
104 * break;
105 * default:
106 * throw new IOException("Unsupported message type: " +
107 * toc.getMessageType());
108 * }
109 *
110 * } else if (callbacks[i] instanceof NameCallback) {
111 *
112 * // prompt the user for a username
113 * NameCallback nc = (NameCallback)callbacks[i];
114 *
115 * // ignore the provided defaultName
116 * System.err.print(nc.getPrompt());
117 * System.err.flush();
118 * nc.setName((new BufferedReader
119 * (new InputStreamReader(System.in))).readLine());
120 *
121 * } else if (callbacks[i] instanceof PasswordCallback) {
122 *
123 * // prompt the user for sensitive information
124 * PasswordCallback pc = (PasswordCallback)callbacks[i];
125 * System.err.print(pc.getPrompt());
126 * System.err.flush();
127 * pc.setPassword(readPassword(System.in));
128 *
129 * } else {
130 * throw new UnsupportedCallbackException
131 * (callbacks[i], "Unrecognized Callback");
132 * }
133 * }
134 * }
135 *
136 * // Reads user password from given input stream.
137 * private char[] readPassword(InputStream in) throws IOException {
138 * // insert code to read a user password from the input stream
139 * }
140 * </pre>
141 *
142 * @param callbacks an array of <code>Callback</code> objects provided
143 * by an underlying security service which contains
144 * the information requested to be retrieved or displayed.
145 *
146 * @exception java.io.IOException if an input or output error occurs. <p>
147 *
148 * @exception UnsupportedCallbackException if the implementation of this
149 * method does not support one or more of the Callbacks
150 * specified in the <code>callbacks</code> parameter.
151 */
152 void handle(Callback[] callbacks) throws java.io.IOException,
153 UnsupportedCallbackException;
154 }
|