001: /***************************************************************
002: * This file is part of the [fleXive](R) project.
003: *
004: * Copyright (c) 1999-2008
005: * UCS - unique computing solutions gmbh (http://www.ucs.at)
006: * All rights reserved
007: *
008: * The [fleXive](R) project is free software; you can redistribute
009: * it and/or modify it under the terms of the GNU General Public
010: * License as published by the Free Software Foundation;
011: * either version 2 of the License, or (at your option) any
012: * later version.
013: *
014: * The GNU General Public License can be found at
015: * http://www.gnu.org/copyleft/gpl.html.
016: * A copy is found in the textfile GPL.txt and important notices to the
017: * license from the author are found in LICENSE.txt distributed with
018: * these libraries.
019: *
020: * This library is distributed in the hope that it will be useful,
021: * but WITHOUT ANY WARRANTY; without even the implied warranty of
022: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
023: * GNU General Public License for more details.
024: *
025: * For further information about UCS - unique computing solutions gmbh,
026: * please see the company website: http://www.ucs.at
027: *
028: * For further information about [fleXive](R), please see the
029: * project website: http://www.flexive.org
030: *
031: *
032: * This copyright notice MUST APPEAR in all copies of the file!
033: ***************************************************************/package com.flexive.core.security;
034:
035: import org.apache.commons.logging.Log;
036: import org.apache.commons.logging.LogFactory;
037:
038: import javax.ejb.SessionContext;
039: import javax.security.auth.callback.*;
040: import javax.sql.DataSource;
041: import java.io.IOException;
042:
043: /**
044: * PassiveCallbackHandler has constructor that takes
045: * a username and password so its handle() method does
046: * not have to prompt the user for input.
047: * Useful for server-side applications.
048: *
049: * @author Gregor Schober (gregor.schober@flexive.com), UCS - unique computing solutions gmbh (http://www.ucs.at)
050: */
051: public class PassiveCallbackHandler implements CallbackHandler {
052:
053: private static final transient Log LOG = LogFactory
054: .getLog(PassiveCallbackHandler.class);
055: private String username = null;
056: private char[] password = null;
057: private boolean takeOverSession = false;
058: private SessionContext ctx = null;
059: private DataSource ds = null;
060:
061: /**
062: * Creates a callback handler with the give username and password.
063: *
064: * @param user the username
065: * @param pass the password
066: * @param takeOverSession if an existing session should be "taken over"
067: * @param ctx the session context to be used
068: * @param ds the datasource to be used for authentication
069: */
070: public PassiveCallbackHandler(String user, String pass,
071: boolean takeOverSession, SessionContext ctx, DataSource ds) {
072: if (user == null)
073: user = "";
074: if (pass == null)
075: pass = "";
076: this .username = user;
077: this .password = pass.toCharArray();
078: this .takeOverSession = takeOverSession;
079: this .ctx = ctx;
080: this .ds = ds;
081: }
082:
083: /**
084: * Handles the specified set of Callbacks. Uses the username and password that were supplied to our
085: * constructor to popluate the Callbacks.
086: * <p/>
087: * This class supports NameCallback and PasswordCallback.
088: *
089: * @param callbacks the callbacks to handle
090: * @throws IOException if an input or output error occurs.
091: * @throws UnsupportedCallbackException if the callback is not an instance of NameCallback or PasswordCallback
092: */
093: public void handle(Callback[] callbacks) throws IOException,
094: UnsupportedCallbackException {
095:
096: for (Callback callback : callbacks) {
097: if (callback == null)
098: continue;
099: if (callback instanceof NameCallback) {
100: ((NameCallback) callback).setName(username);
101: } else if (callback instanceof PasswordCallback) {
102: ((PasswordCallback) callback).setPassword(password);
103: } else if (callback instanceof FxCallback) {
104: FxCallback ac = ((FxCallback) callback);
105: ac.setTakeOverSession(takeOverSession);
106: ac.setDataSource(ds);
107: ac.setSessionContext(ctx);
108: } else {
109: UnsupportedCallbackException uce = new UnsupportedCallbackException(
110: callback, "Callback class ["
111: + callback.getClass()
112: + "] not supported");
113: LOG.error(uce);
114: throw uce;
115: }
116: }
117:
118: }
119:
120: /**
121: * Clears out password state.
122: */
123: public void clearPassword() {
124: if (password != null) {
125: for (int i = 0; i < password.length; i++)
126: password[i] = ' ';
127: password = null;
128: }
129: }
130:
131: }
|